Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QDDA2QIQBW7UeaxPPw4kQKwt6O0.roa
File: QDDA2QIQBW7UeaxPPw4kQKwt6O0.roa (raw, json)
Hash identifier: K5qAMFE9PrRFBWpBGxxp4YHZUwMP5Z7LYooAi/opS3g=
Subject key identifier: 40:30:C0:D9:02:10:05:6E:D4:79:AC:4F:3F:0E:24:40:AC:2D:E8:ED
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E8A1F84504E8541DD02F95DBF0B235D10
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QDDA2QIQBW7UeaxPPw4kQKwt6O0.roa
Signing time: Fri 29 Mar 2024 12:11:45 +0000
ROA not before: Fri 29 Mar 2024 12:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8a:1f:84:50:4e:85:41:dd:02:f9:5d:bf:0b:23:5d:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 29 12:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4030c0d90210056ed479ac4f3f0e2440ac2de8ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:67:bd:cc:3f:b4:a4:82:c8:30:48:2b:7f:44:
2b:38:01:81:09:bc:e8:c7:b6:71:83:b8:2b:5c:7a:
05:5b:e5:ca:bb:de:8c:8f:72:81:ee:e9:06:5d:7d:
be:bb:5c:89:94:37:cf:ad:47:5a:84:2e:bc:de:13:
f6:06:9a:19:85:df:43:8f:d4:64:74:b3:04:6d:3e:
a8:fa:30:59:0a:82:96:ad:97:0a:3b:57:a4:6b:09:
7a:c0:a4:13:df:ac:b9:2d:81:79:30:72:e4:ba:68:
22:9a:9c:98:7c:0f:e0:b1:20:9e:ca:4c:f9:ed:25:
ee:7a:88:03:d0:dd:0b:96:54:41:83:97:56:f5:1f:
23:a8:c4:24:16:bc:72:d7:82:ec:34:a2:d9:e6:ce:
35:e2:22:03:78:f2:71:6c:98:b8:b3:a9:fc:53:73:
57:71:0c:09:f2:24:66:09:0a:01:16:77:6f:c7:2f:
6e:1d:4d:97:93:6c:a6:0b:f1:c4:c1:bf:ea:eb:8c:
80:05:62:2f:b6:5b:22:eb:a1:ad:36:48:29:de:75:
f3:1e:32:da:ff:a3:0c:fc:a4:86:4a:bd:89:2a:d8:
7e:22:65:d3:93:76:aa:68:72:1a:fe:78:b1:51:e3:
84:0b:2d:68:55:21:4a:a9:5b:46:cf:2b:e9:95:51:
e0:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:30:C0:D9:02:10:05:6E:D4:79:AC:4F:3F:0E:24:40:AC:2D:E8:ED
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QDDA2QIQBW7UeaxPPw4kQKwt6O0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:8d:d3:e7:3e:4a:d3:5f:95:b9:31:00:94:c2:7e:df:e1:3e:
44:06:00:5e:54:18:07:3a:2b:21:f8:df:db:30:6a:f2:8c:20:
36:a7:6e:23:a0:05:5c:84:40:cc:75:63:7a:17:02:2c:7e:c9:
db:b8:c7:1b:34:7d:4b:f2:89:c4:bc:fc:a7:1d:b5:20:06:26:
b6:16:a1:9e:8f:22:0e:9a:ed:51:1b:09:fc:3a:01:8a:1f:9d:
0c:85:1b:ea:a6:ae:0a:aa:f1:71:7c:12:42:4f:f5:8f:b3:8e:
8b:fd:0c:c4:91:e8:09:d0:c8:9d:67:5c:8e:b4:97:14:78:14:
03:f7:08:34:d3:a4:04:39:54:12:4c:86:26:39:f9:97:5a:13:
97:14:27:15:31:c1:e2:fe:59:d7:29:b7:d3:89:a8:53:88:9a:
05:35:80:5f:5a:df:be:6d:89:e6:d0:26:4e:51:92:05:5e:29:
40:91:73:0e:90:72:f7:16:a7:ce:6c:e2:a0:7e:24:e9:da:34:
40:ac:30:9e:40:17:f1:9b:96:0d:3b:be:e0:51:b8:29:d9:69:
0e:78:dd:0c:70:0a:31:8d:94:f5:48:0b:79:3c:b4:2c:23:07:
d7:7a:49:cb:90:88:2e:b6:fb:87:bd:0b:64:47:6c:a3:e3:86:
e2:e9:7b:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6KH4RQToVB3QL5Xb8LI10QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI5MTIxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDMwYzBkOTAyMTAwNTZlZDQ3OWFjNGYzZjBlMjQ0MGFjMmRlOGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGe9zD+0pILIMEgrf0QrOAGBCbzo
x7Zxg7grXHoFW+XKu96Mj3KB7ukGXX2+u1yJlDfPrUdahC683hP2BpoZhd9Dj9Rk
dLMEbT6o+jBZCoKWrZcKO1ekawl6wKQT36y5LYF5MHLkumgimpyYfA/gsSCeykz5
7SXueogD0N0LllRBg5dW9R8jqMQkFrxy14LsNKLZ5s414iIDePJxbJi4s6n8U3NX
cQwJ8iRmCQoBFndvxy9uHU2Xk2ymC/HEwb/q64yABWIvtlsi66GtNkgp3nXzHjLa
/6MM/KSGSr2JKth+ImXTk3aqaHIa/nixUeOECy1oVSFKqVtGzyvplVHgqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEAwwNkCEAVu1HmsTz8OJECsLejtMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUUREQTJRSVFCVzdVZWF4UFB3NGtRS3d0Nk8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFKN0+c+StNflbkxAJTC
ft/hPkQGAF5UGAc6KyH439swavKMIDanbiOgBVyEQMx1Y3oXAix+ydu4xxs0fUvy
icS8/KcdtSAGJrYWoZ6PIg6a7VEbCfw6AYofnQyFG+qmrgqq8XF8EkJP9Y+zjov9
DMSR6AnQyJ1nXI60lxR4FAP3CDTTpAQ5VBJMhiY5+ZdaE5cUJxUxweL+Wdcpt9OJ
qFOImgU1gF9a375tiebQJk5RkgVeKUCRcw6QcvcWp85s4qB+JOnaNECsMJ5AF/Gb
lg07vuBRuCnZaQ543QxwCjGNlPVIC3k8tCwjB9d6ScuQiC62+4e9C2RHbKPjhuLp
e5Q=
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:51:32 2025 by rpki-client