Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QAEdyCu21s-aOikCWvCQbQC13iM.roa
File: QAEdyCu21s-aOikCWvCQbQC13iM.roa (raw, json)
Hash identifier: 9fxDBVljMm1VeA4L7N/JliwtXlAhZG1APRKtDx2hhJI=
Subject key identifier: 40:01:1D:C8:2B:B6:D6:CF:9A:3A:29:02:5A:F0:90:6D:00:B5:DE:23
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E82A266E42A5C98001EFAD1BE99EF3D38
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QAEdyCu21s-aOikCWvCQbQC13iM.roa
Signing time: Thu 28 Mar 2024 01:17:44 +0000
ROA not before: Thu 28 Mar 2024 01:17:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:82:a2:66:e4:2a:5c:98:00:1e:fa:d1:be:99:ef:3d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 28 01:17:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40011dc82bb6d6cf9a3a29025af0906d00b5de23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a0:8a:97:51:5d:b1:e9:1a:41:3a:d8:d2:98:
93:f4:61:43:b8:8c:92:28:46:65:cd:86:b7:f2:06:
66:ad:2d:be:01:bb:cc:5c:ec:93:1b:68:ed:57:4a:
14:90:13:56:fa:a3:e3:dc:94:f0:71:1d:1e:27:da:
1d:18:b6:b9:63:26:47:95:e1:9c:2b:d9:41:5a:2c:
8a:93:6c:61:5f:cb:24:a7:43:41:dd:5d:2f:b5:77:
69:8c:bf:ec:00:90:7f:58:38:21:0b:a9:64:51:f4:
47:5d:6b:c0:b7:de:63:6a:8b:81:d7:49:3a:ad:78:
2b:2d:1b:59:f7:2b:86:19:3a:a0:b4:45:1a:0e:fb:
d6:37:61:12:0a:0a:39:fb:5b:0f:12:25:9e:d2:8f:
bc:4c:8c:a9:ca:1b:01:a6:58:7a:65:98:7d:be:e6:
8e:ba:a8:81:39:2f:4a:26:9d:d3:5a:da:dc:fa:2f:
c6:cb:5c:fc:dd:87:9b:39:d9:f0:e3:53:bf:d3:30:
15:95:dd:05:23:9f:4f:63:f0:3b:7d:72:6f:be:dc:
a5:04:3a:25:35:27:2b:69:c5:03:ec:db:ec:d6:d8:
2f:cd:fc:13:40:3e:84:fc:a0:ac:d9:f3:9e:5a:9f:
90:8b:02:f0:1b:ef:c8:8c:81:88:6c:9d:35:ea:9d:
26:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:01:1D:C8:2B:B6:D6:CF:9A:3A:29:02:5A:F0:90:6D:00:B5:DE:23
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QAEdyCu21s-aOikCWvCQbQC13iM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:4c:0d:d3:d4:fb:06:1e:c3:90:c4:99:fc:17:aa:bb:42:12:
5a:8b:e0:1d:74:c9:53:c6:09:e7:34:a1:00:fe:d5:e7:ff:8e:
a3:66:f5:37:8b:08:c4:51:29:10:e0:ab:df:9b:89:41:4d:50:
ae:45:53:4f:50:84:e7:9a:fd:af:e1:b8:1b:84:cb:13:3d:62:
bb:a4:ad:49:3a:1d:e7:29:4f:9e:33:3a:3e:56:ca:cc:a4:9f:
13:6d:87:c9:70:28:07:84:5b:0d:1d:fd:11:cd:7f:1a:42:fa:
2a:e6:7d:67:88:ff:ca:fa:a0:24:fb:9a:3e:48:45:0b:9f:ee:
7d:9b:b5:30:44:52:31:0c:3e:04:d7:79:c1:97:0d:27:d4:6a:
43:4c:4b:11:23:e0:d6:30:da:5e:1f:45:44:0c:25:17:b1:b9:
81:c1:a8:e4:9b:89:5d:0b:98:26:ed:e8:ae:44:fe:a3:45:75:
74:d9:ed:be:8a:86:3f:0a:99:ee:46:86:28:ab:4d:37:4a:06:
90:c6:d8:a1:de:12:3b:fb:32:a9:60:ed:bd:47:76:14:fc:cb:
cd:5c:5f:f2:03:03:90:4b:fa:90:8c:4b:90:1b:e6:4a:94:91:
ef:85:e3:a9:53:ac:f1:9f:31:01:68:6d:db:d0:a6:e0:4b:7d:
c7:64:e1:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6CombkKlyYAB760b6Z7z04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI4MDExNzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDAxMWRjODJiYjZkNmNmOWEzYTI5MDI1YWYwOTA2ZDAwYjVkZTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6CKl1FdsekaQTrY0piT9GFDuIyS
KEZlzYa38gZmrS2+AbvMXOyTG2jtV0oUkBNW+qPj3JTwcR0eJ9odGLa5YyZHleGc
K9lBWiyKk2xhX8skp0NB3V0vtXdpjL/sAJB/WDghC6lkUfRHXWvAt95jaouB10k6
rXgrLRtZ9yuGGTqgtEUaDvvWN2ESCgo5+1sPEiWe0o+8TIypyhsBplh6ZZh9vuaO
uqiBOS9KJp3TWtrc+i/Gy1z83YebOdnw41O/0zAVld0FI59PY/A7fXJvvtylBDol
NScracUD7Nvs1tgvzfwTQD6E/KCs2fOeWp+QiwLwG+/IjIGIbJ016p0mBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEABHcgrttbPmjopAlrwkG0Atd4jMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUUFFZHlDdTIxcy1hT2lrQ1d2Q1FiUUMxM2lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADtMDdPU+wYew5DEmfwX
qrtCElqL4B10yVPGCec0oQD+1ef/jqNm9TeLCMRRKRDgq9+biUFNUK5FU09QhOea
/a/huBuEyxM9YrukrUk6HecpT54zOj5WysyknxNth8lwKAeEWw0d/RHNfxpC+irm
fWeI/8r6oCT7mj5IRQuf7n2btTBEUjEMPgTXecGXDSfUakNMSxEj4NYw2l4fRUQM
JRexuYHBqOSbiV0LmCbt6K5E/qNFdXTZ7b6Khj8Kme5GhiirTTdKBpDG2KHeEjv7
Mqlg7b1HdhT8y81cX/IDA5BL+pCMS5Ab5kqUke+F46lTrPGfMQFobdvQpuBLfcdk
4TU=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:24:05 2025 by rpki-client