Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Q2zUq4un0M8KGlWVHpy_BHWyG98.roa
File: Q2zUq4un0M8KGlWVHpy_BHWyG98.roa (raw, json)
Hash identifier: Lo0ey8tFNNWIKdT9cdFPvNGOUuUNpuJ/HXGlhmZyGuk=
Subject key identifier: 43:6C:D4:AB:8B:A7:D0:CF:0A:1A:55:95:1E:9C:BF:04:75:B2:1B:DF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CCF74814FB8D89DE9C5FFAC16762F80FE
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Q2zUq4un0M8KGlWVHpy_BHWyG98.roa
Signing time: Wed 03 Jan 2024 13:12:48 +0000
ROA not before: Wed 03 Jan 2024 13:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cf:74:81:4f:b8:d8:9d:e9:c5:ff:ac:16:76:2f:80:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 3 13:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=436cd4ab8ba7d0cf0a1a55951e9cbf0475b21bdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:18:c9:43:00:fa:59:d0:10:0b:62:54:9e:17:
e7:4e:94:34:ab:a7:8d:25:14:9b:bb:a3:03:4a:a7:
ca:42:d1:e1:e7:e4:cc:30:f9:d3:32:90:a5:4a:a8:
30:43:b9:89:9c:38:7a:99:ae:c9:aa:8f:f9:24:ae:
18:37:6f:a7:6a:7c:0b:5f:9c:57:70:5a:20:8a:33:
7e:39:ed:9b:12:b9:e4:d2:d0:62:1f:f1:a1:fd:53:
1c:7d:cc:e7:4c:b2:ed:dc:18:ad:ed:c2:80:fb:95:
33:76:d3:ad:f4:5d:b4:9f:12:d0:bb:73:58:fb:7e:
c7:bc:5b:39:4c:0e:c5:6c:3d:0c:82:66:00:00:bc:
91:15:78:c9:2b:eb:ea:e7:7d:bc:83:1c:03:03:69:
e0:0f:4c:ba:be:60:6c:db:ce:30:55:ea:e4:02:29:
3b:99:1c:d4:2b:d5:85:c8:ca:58:70:cc:77:bb:4b:
dc:e6:f5:f1:6a:d9:23:4e:49:1c:6a:94:42:ca:c1:
b6:61:3b:fb:49:4f:40:b8:9c:8c:53:0c:64:33:39:
8b:1a:f4:24:6d:7b:4d:84:60:76:fc:94:06:06:f6:
65:48:b6:ca:44:38:85:f2:2c:7a:ad:88:ef:40:5c:
5a:99:cc:a0:e5:c7:a4:3a:66:98:42:4b:e0:d3:09:
b9:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:6C:D4:AB:8B:A7:D0:CF:0A:1A:55:95:1E:9C:BF:04:75:B2:1B:DF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Q2zUq4un0M8KGlWVHpy_BHWyG98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
83:90:a8:37:6d:d5:41:62:02:75:f0:7f:a7:25:7f:93:fc:28:
dd:87:f2:45:90:6d:1d:db:e3:05:bb:87:ae:a4:c3:82:23:3b:
a5:62:65:b6:fb:b7:08:ce:16:7d:56:73:d0:05:a8:46:5d:f1:
ca:bd:4b:5d:f3:7a:55:01:16:30:8e:67:d8:f2:55:ef:30:56:
2f:9b:de:e8:81:04:17:93:a1:c6:df:19:d5:fb:6c:f1:ca:42:
1b:0d:ab:54:5f:66:65:0c:d2:6f:35:a7:2f:44:cf:68:e3:7a:
1e:9b:b3:16:1c:28:e6:a1:d9:c5:1f:b9:86:0c:69:55:d4:5f:
0e:dd:3d:ab:99:57:02:fb:76:a3:ad:1e:af:d5:8a:45:47:d3:
0a:e9:63:c8:fa:77:f7:50:b4:27:8d:5b:26:4c:99:20:40:9d:
a1:33:00:01:08:73:d0:74:83:13:ff:90:42:97:e1:bb:20:b1:
6d:37:44:8e:e3:99:dd:77:a2:44:66:e8:0e:f0:17:6d:c1:71:
d0:b1:b2:3c:98:71:2f:50:6b:54:b7:f9:25:73:b7:c7:fe:cc:
f5:c5:92:d1:23:9f:ed:a7:87:56:27:6b:23:14:a5:53:2e:fc:
8c:0a:e9:d4:0a:99:d6:2f:0e:db:b3:10:62:3d:dd:84:e1:c5:
34:1e:dd:03
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzPdIFPuNid6cX/rBZ2L4D+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAzMTMxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzZjZDRhYjhiYTdkMGNmMGExYTU1OTUxZTljYmYwNDc1YjIxYmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBjJQwD6WdAQC2JUnhfnTpQ0q6eN
JRSbu6MDSqfKQtHh5+TMMPnTMpClSqgwQ7mJnDh6ma7Jqo/5JK4YN2+nanwLX5xX
cFogijN+Oe2bErnk0tBiH/Gh/VMcfcznTLLt3Bit7cKA+5UzdtOt9F20nxLQu3NY
+37HvFs5TA7FbD0MgmYAALyRFXjJK+vq5328gxwDA2ngD0y6vmBs284wVerkAik7
mRzUK9WFyMpYcMx3u0vc5vXxatkjTkkcapRCysG2YTv7SU9AuJyMUwxkMzmLGvQk
bXtNhGB2/JQGBvZlSLbKRDiF8ix6rYjvQFxamcyg5cekOmaYQkvg0wm5dwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFENs1KuLp9DPChpVlR6cvwR1shvfMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUTJ6VXE0dW4wTThLR2xXVkhweV9CSFd5Rzk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIOQqDdt1UFiAnXwf6cl
f5P8KN2H8kWQbR3b4wW7h66kw4IjO6ViZbb7twjOFn1Wc9AFqEZd8cq9S13zelUB
FjCOZ9jyVe8wVi+b3uiBBBeTocbfGdX7bPHKQhsNq1RfZmUM0m81py9Ez2jjeh6b
sxYcKOah2cUfuYYMaVXUXw7dPauZVwL7dqOtHq/VikVH0wrpY8j6d/dQtCeNWyZM
mSBAnaEzAAEIc9B0gxP/kEKX4bsgsW03RI7jmd13okRm6A7wF23BcdCxsjyYcS9Q
a1S3+SVzt8f+zPXFktEjn+2nh1YnayMUpVMu/IwK6dQKmdYvDtuzEGI93YThxTQe
3QM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:33:22 2025 by rpki-client