Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Q5097WQeq5Tngly7xO98tuvIEVM.roa
File: Q5097WQeq5Tngly7xO98tuvIEVM.roa (raw, json)
Hash identifier: c4lXH/lzfCB3lex7wqKRnmLQRrtovupfn2GZ0WfUK80=
Subject key identifier: 43:9D:3D:ED:64:1E:AB:94:E7:82:5C:BB:C4:EF:7C:B6:EB:C8:11:53
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E675D823FB6EC54FC9D9861F9970E2C03
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Q5097WQeq5Tngly7xO98tuvIEVM.roa
Signing time: Fri 22 Mar 2024 18:12:45 +0000
ROA not before: Fri 22 Mar 2024 18:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:67:5d:82:3f:b6:ec:54:fc:9d:98:61:f9:97:0e:2c:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 22 18:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=439d3ded641eab94e7825cbbc4ef7cb6ebc81153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:77:9c:65:56:6d:0f:8b:5b:57:c7:8c:cc:b1:
aa:a7:d6:52:84:42:57:e0:eb:26:48:2f:ab:8a:70:
20:ff:9d:74:fc:07:13:06:eb:75:d4:5a:b0:e2:81:
b1:d8:34:b1:e8:61:fa:d9:b4:57:dc:59:d2:a9:54:
47:45:e7:c7:dd:47:c9:4f:0e:03:26:52:7b:f0:4e:
e1:b5:29:12:3a:b7:e1:f3:f4:7e:e7:9f:aa:d3:d9:
8d:77:81:41:d7:13:8e:d8:40:85:67:e3:9e:69:82:
48:3b:45:32:b2:84:76:ff:9b:69:5e:02:56:72:e4:
27:16:e2:2f:57:13:01:97:e2:fc:cd:e4:7d:1b:09:
c2:fc:8f:b6:28:23:0d:2e:ae:77:63:68:ca:ec:ae:
e8:d5:06:5f:e0:7b:01:42:4d:7e:5c:1e:58:27:97:
58:e9:bd:24:de:11:ca:a4:8d:78:42:e8:10:c3:11:
c2:87:0d:d9:78:b0:72:a8:a0:8f:33:43:2d:9c:05:
2b:bc:9e:46:68:5a:34:a4:c5:12:54:b6:4b:43:9c:
64:e1:66:c9:89:ad:82:e2:62:43:cf:4e:47:d7:4b:
db:4d:26:aa:8a:a2:08:43:eb:ca:f2:bd:f1:73:c1:
93:d7:e1:4e:99:a7:fa:c9:a8:79:b4:90:09:f5:d6:
9f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:9D:3D:ED:64:1E:AB:94:E7:82:5C:BB:C4:EF:7C:B6:EB:C8:11:53
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Q5097WQeq5Tngly7xO98tuvIEVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
41:e7:c9:91:aa:8b:8b:30:5c:44:60:0d:d0:c6:c1:8b:9a:9b:
96:d5:96:fd:18:e1:20:a2:f1:f0:9e:1a:b1:6d:ec:7f:53:ed:
47:1d:43:0e:e1:3a:96:e5:85:b9:9a:fc:d3:b6:05:81:e9:a4:
69:dc:24:cc:65:1c:22:c7:f2:56:43:9f:ab:51:33:99:cb:75:
82:d5:c6:61:52:01:56:4b:16:5f:49:47:ac:13:b8:ae:6a:f9:
ef:35:58:cf:30:c7:64:3b:f3:f4:d2:5c:99:3c:17:d1:4b:03:
9b:a9:2b:f3:70:da:6f:55:d8:a3:77:6f:7d:b8:28:f5:45:9b:
51:c4:b2:e2:85:f1:7c:4e:72:53:51:a9:1d:30:a6:1f:c7:f7:
74:8f:7f:79:d6:dd:a1:0c:22:ab:ec:90:90:a0:50:03:8a:5c:
a1:71:e7:57:fd:a6:31:9c:ba:62:9b:8f:d4:d4:ea:1c:75:1e:
20:e8:ec:97:b2:14:b6:6b:03:eb:1f:0e:5a:9f:fa:31:4e:9a:
5a:2a:9f:4e:67:9a:7b:d2:1a:6b:78:2b:2e:e3:77:17:14:81:
a2:02:81:e5:f9:b4:d4:24:b7:81:30:6e:09:4a:14:b4:ac:81:
12:de:96:ae:79:2d:7c:48:a9:6b:e2:52:db:e5:f1:f4:3d:e6:
d5:18:54:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5nXYI/tuxU/J2YYfmXDiwDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIyMTgxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzlkM2RlZDY0MWVhYjk0ZTc4MjVjYmJjNGVmN2NiNmViYzgxMTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXecZVZtD4tbV8eMzLGqp9ZShEJX
4OsmSC+rinAg/510/AcTBut11Fqw4oGx2DSx6GH62bRX3FnSqVRHRefH3UfJTw4D
JlJ78E7htSkSOrfh8/R+55+q09mNd4FB1xOO2ECFZ+OeaYJIO0UysoR2/5tpXgJW
cuQnFuIvVxMBl+L8zeR9GwnC/I+2KCMNLq53Y2jK7K7o1QZf4HsBQk1+XB5YJ5dY
6b0k3hHKpI14QugQwxHChw3ZeLByqKCPM0MtnAUrvJ5GaFo0pMUSVLZLQ5xk4WbJ
ia2C4mJDz05H10vbTSaqiqIIQ+vK8r3xc8GT1+FOmaf6yah5tJAJ9dafXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEOdPe1kHquU54Jcu8TvfLbryBFTMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUTUwOTdXUWVxNVRuZ2x5N3hPOTh0dXZJRVZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEHnyZGqi4swXERgDdDG
wYuam5bVlv0Y4SCi8fCeGrFt7H9T7UcdQw7hOpblhbma/NO2BYHppGncJMxlHCLH
8lZDn6tRM5nLdYLVxmFSAVZLFl9JR6wTuK5q+e81WM8wx2Q78/TSXJk8F9FLA5up
K/Nw2m9V2KN3b324KPVFm1HEsuKF8XxOclNRqR0wph/H93SPf3nW3aEMIqvskJCg
UAOKXKFx51f9pjGcumKbj9TU6hx1HiDo7JeyFLZrA+sfDlqf+jFOmloqn05nmnvS
Gmt4Ky7jdxcUgaICgeX5tNQkt4EwbglKFLSsgRLelq55LXxIqWviUtvl8fQ95tUY
VC4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:19 2025 by rpki-client