Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QNUdnhQHk1WYKgO6OxymGdJncJI.roa
File: QNUdnhQHk1WYKgO6OxymGdJncJI.roa (raw, json)
Hash identifier: 8fbqFdX6U+yUI3dGT0A1AFVSy4paMdP8KKWjBIWsOqc=
Subject key identifier: 40:D5:1D:9E:14:07:93:55:98:2A:03:BA:3B:1C:A6:19:D2:67:70:92
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D7B56157A5E0C10BCF9F076F6AE1A5549
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QNUdnhQHk1WYKgO6OxymGdJncJI.roa
Signing time: Mon 05 Feb 2024 22:14:15 +0000
ROA not before: Mon 05 Feb 2024 22:14:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7b:56:15:7a:5e:0c:10:bc:f9:f0:76:f6:ae:1a:55:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 5 22:14:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40d51d9e14079355982a03ba3b1ca619d2677092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c5:47:7f:70:99:37:30:7e:61:1a:91:51:e1:
a6:fc:b7:2a:2e:37:a0:7f:03:5d:0c:3b:72:db:7e:
87:65:7c:e6:b7:e5:54:07:17:1a:e2:f3:bb:d6:f5:
ef:07:78:f8:36:42:3b:1c:9f:a9:bc:e6:83:4c:85:
3d:3d:3f:0a:31:d8:c9:1c:fe:3d:ec:b6:0a:cc:da:
32:5d:2e:03:e2:52:90:b9:73:72:8b:f8:ed:82:51:
ac:e0:b7:cc:cc:85:64:cd:5b:74:e3:1e:cd:0e:74:
28:5f:3d:8a:43:78:81:35:17:c2:35:9e:a9:50:04:
21:cb:5a:c3:d8:54:d4:5c:6c:b0:e4:9e:b0:96:87:
99:3b:e9:ef:c6:62:2e:f0:ee:7a:b9:a4:99:03:05:
83:99:09:2c:b0:b8:ff:22:ca:b5:cb:ff:4a:e4:11:
31:25:2d:5a:9c:07:6e:5e:78:07:a5:9c:ce:66:1f:
17:79:2f:df:c9:b0:ea:ef:75:80:e6:7d:f7:3d:b6:
c4:ce:68:53:e3:21:f3:d2:39:77:09:06:99:2a:ff:
cb:ca:3a:ad:52:94:6b:5a:fa:cf:5c:ed:0f:24:9c:
81:83:c5:4f:69:61:71:43:52:80:5b:ff:9f:01:a4:
a9:3f:f2:86:fc:e2:7c:9c:0e:4b:0f:10:a7:87:33:
e5:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D5:1D:9E:14:07:93:55:98:2A:03:BA:3B:1C:A6:19:D2:67:70:92
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QNUdnhQHk1WYKgO6OxymGdJncJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
74:d7:b0:6b:fd:59:ba:56:cb:d5:18:c1:5e:99:8b:d4:ff:cc:
49:44:4b:21:b5:f9:47:6a:59:9f:60:11:aa:cc:d1:3c:ef:bb:
85:2a:c1:9f:3c:5e:51:0d:42:09:fb:2e:4a:14:94:c0:ef:08:
4c:9d:e6:3e:7e:5c:33:5d:3e:cb:f6:ae:79:06:df:36:db:60:
bf:1b:52:35:ea:47:14:fe:6c:b0:8e:81:a5:55:ff:bc:4a:18:
85:67:87:d2:2f:2f:c4:bf:29:22:88:49:9b:39:0f:3d:b8:c0:
eb:cc:37:cf:45:3e:cc:01:f7:2a:4b:f9:34:43:77:12:d6:05:
34:4b:40:15:7e:29:a3:c7:ba:d5:62:b2:73:ac:6c:9a:e4:54:
54:2b:80:74:4f:ae:c7:d1:b4:c4:bf:2d:21:af:a0:8c:77:9f:
23:93:6e:ef:84:07:ff:66:69:98:df:ef:1d:77:ff:08:e1:d8:
28:ac:e3:eb:7b:c4:ed:61:f1:e5:2f:4c:a6:2c:b8:84:64:d3:
6b:98:60:2e:c3:26:21:e4:00:cf:cc:92:26:2d:ff:c5:03:be:
5c:6d:db:86:f3:94:46:d8:1a:90:61:2e:3d:21:23:cd:fa:14:
01:79:28:5c:b9:d6:29:67:cb:9f:66:3a:63:ab:c3:6e:be:99:
38:6c:04:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY17VhV6XgwQvPnwdvauGlVJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA1MjIxNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGQ1MWQ5ZTE0MDc5MzU1OTgyYTAzYmEzYjFjYTYxOWQyNjc3MDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmsVHf3CZNzB+YRqRUeGm/LcqLjeg
fwNdDDty236HZXzmt+VUBxca4vO71vXvB3j4NkI7HJ+pvOaDTIU9PT8KMdjJHP49
7LYKzNoyXS4D4lKQuXNyi/jtglGs4LfMzIVkzVt04x7NDnQoXz2KQ3iBNRfCNZ6p
UAQhy1rD2FTUXGyw5J6wloeZO+nvxmIu8O56uaSZAwWDmQkssLj/Isq1y/9K5BEx
JS1anAduXngHpZzOZh8XeS/fybDq73WA5n33PbbEzmhT4yHz0jl3CQaZKv/Lyjqt
UpRrWvrPXO0PJJyBg8VPaWFxQ1KAW/+fAaSpP/KG/OJ8nA5LDxCnhzPlKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEDVHZ4UB5NVmCoDujscphnSZ3CSMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUU5VZG5oUUhrMVdZS2dPNk94eW1HZEpuY0pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHTXsGv9WbpWy9UYwV6Z
i9T/zElESyG1+UdqWZ9gEarM0Tzvu4UqwZ88XlENQgn7LkoUlMDvCEyd5j5+XDNd
Psv2rnkG3zbbYL8bUjXqRxT+bLCOgaVV/7xKGIVnh9IvL8S/KSKISZs5Dz24wOvM
N89FPswB9ypL+TRDdxLWBTRLQBV+KaPHutVisnOsbJrkVFQrgHRPrsfRtMS/LSGv
oIx3nyOTbu+EB/9maZjf7x13/wjh2Cis4+t7xO1h8eUvTKYsuIRk02uYYC7DJiHk
AM/MkiYt/8UDvlxt24bzlEbYGpBhLj0hI836FAF5KFy51ilny59mOmOrw26+mThs
BIM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org