Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Qb0TXevxIii40eUaHkxqNaUbfEk.roa
File: Qb0TXevxIii40eUaHkxqNaUbfEk.roa (raw, json)
Hash identifier: nKuH2a8r/AwYf4wgk0eZQanSEqbvsYkRohsHffD6rFE=
Subject key identifier: 41:BD:13:5D:EB:F1:22:28:B8:D1:E5:1A:1E:4C:6A:35:A5:1B:7C:49
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D431D04494D87150FC5A68296C50A2088
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Qb0TXevxIii40eUaHkxqNaUbfEk.roa
Signing time: Fri 26 Jan 2024 00:13:11 +0000
ROA not before: Fri 26 Jan 2024 00:13:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:43:1d:04:49:4d:87:15:0f:c5:a6:82:96:c5:0a:20:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 26 00:13:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41bd135debf12228b8d1e51a1e4c6a35a51b7c49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:63:8a:66:7d:2d:a2:37:56:03:94:ea:09:ac:
f6:0f:51:48:e4:d3:7c:46:82:9e:8c:37:98:11:0e:
ca:9c:07:ce:3c:f5:4f:8b:23:da:48:21:ef:92:31:
e2:c3:c1:af:57:15:ab:e9:6f:63:32:da:77:c2:27:
9b:33:ee:5e:df:78:36:90:92:e2:06:66:76:f1:73:
8f:c5:f9:6f:95:18:5b:60:45:2b:2f:03:95:66:84:
74:95:83:26:00:0e:61:d8:0a:de:6f:89:d8:64:12:
eb:ea:af:b7:c3:ca:4d:24:9f:d6:36:6e:78:17:8a:
2d:a8:54:2d:f1:6e:36:19:1f:53:30:97:32:87:89:
73:f6:92:a4:e8:aa:2b:6b:38:77:e6:90:31:eb:02:
30:44:ee:bf:8c:1c:5c:15:2c:59:25:93:e7:0a:4a:
3d:85:63:b6:f7:58:67:39:03:8b:8d:77:4f:e4:21:
f4:09:eb:a8:43:11:0e:8c:9f:fc:98:f4:0f:e3:21:
b6:ba:56:8e:a6:51:88:98:50:a9:6d:34:e1:9f:4f:
d5:47:81:82:7a:6d:42:aa:72:fd:9a:79:b4:f8:69:
76:22:f3:76:77:c2:2b:c9:35:fc:13:2a:43:41:96:
d2:2d:7a:b6:ac:55:6a:d3:24:dc:5a:ba:86:8a:85:
1d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:BD:13:5D:EB:F1:22:28:B8:D1:E5:1A:1E:4C:6A:35:A5:1B:7C:49
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Qb0TXevxIii40eUaHkxqNaUbfEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
94:3a:85:ed:27:99:f5:bd:da:e7:b9:8c:bc:ca:02:20:8c:d7:
68:d0:13:72:96:63:a8:3a:5b:58:a7:1e:7b:c9:f7:ea:42:18:
18:bb:8c:f1:05:b5:dc:6c:3a:e9:d5:24:84:33:5e:7d:ed:89:
c1:64:6c:e0:0e:55:c5:b4:cd:6c:23:d0:e6:e1:33:c7:53:fa:
3a:1c:43:57:3a:57:3e:44:51:43:2b:c4:e6:c9:54:43:49:b2:
4e:b3:f4:1a:4f:72:bb:cd:4d:61:dc:6b:e7:c7:15:42:81:f5:
9d:b2:64:dc:33:1e:d0:a7:8e:5c:f8:89:05:f9:1c:31:31:e6:
8d:2d:9a:64:98:cc:d0:d1:e9:d1:b3:d6:b9:f1:b1:b1:ee:36:
88:e6:27:42:51:a8:c3:4c:a5:8e:be:2f:d9:09:41:f5:98:3e:
03:e6:b5:e8:00:76:ca:5b:78:5c:ac:ef:73:ea:cc:44:b9:f2:
0a:f9:52:a6:56:9b:bb:00:6d:76:f0:f2:a2:76:bb:dc:05:ef:
cb:f9:09:52:3d:3d:fc:cb:71:ef:6a:6e:28:7b:00:92:40:f0:
8d:35:af:06:a9:5a:13:ef:3e:16:60:03:1f:60:09:73:3e:3a:
ba:69:d8:b1:b7:d6:12:4b:4a:d4:d2:6d:b9:3f:cd:f3:e5:6c:
27:90:89:82
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1DHQRJTYcVD8WmgpbFCiCIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI2MDAxMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWJkMTM1ZGViZjEyMjI4YjhkMWU1MWExZTRjNmEzNWE1MWI3YzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGOKZn0tojdWA5TqCaz2D1FI5NN8
RoKejDeYEQ7KnAfOPPVPiyPaSCHvkjHiw8GvVxWr6W9jMtp3wiebM+5e33g2kJLi
BmZ28XOPxflvlRhbYEUrLwOVZoR0lYMmAA5h2Areb4nYZBLr6q+3w8pNJJ/WNm54
F4otqFQt8W42GR9TMJcyh4lz9pKk6Korazh35pAx6wIwRO6/jBxcFSxZJZPnCko9
hWO291hnOQOLjXdP5CH0CeuoQxEOjJ/8mPQP4yG2ulaOplGImFCpbTThn0/VR4GC
em1CqnL9mnm0+Gl2IvN2d8IryTX8EypDQZbSLXq2rFVq0yTcWrqGioUdmQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEG9E13r8SIouNHlGh5MajWlG3xJMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUWIwVFhldnhJaWk0MGVVYUhreHFOYVViZkVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJQ6he0nmfW92ue5jLzK
AiCM12jQE3KWY6g6W1inHnvJ9+pCGBi7jPEFtdxsOunVJIQzXn3ticFkbOAOVcW0
zWwj0ObhM8dT+jocQ1c6Vz5EUUMrxObJVENJsk6z9BpPcrvNTWHca+fHFUKB9Z2y
ZNwzHtCnjlz4iQX5HDEx5o0tmmSYzNDR6dGz1rnxsbHuNojmJ0JRqMNMpY6+L9kJ
QfWYPgPmtegAdspbeFys73PqzES58gr5UqZWm7sAbXbw8qJ2u9wF78v5CVI9PfzL
ce9qbih7AJJA8I01rwapWhPvPhZgAx9gCXM+Orpp2LG31hJLStTSbbk/zfPlbCeQ
iYI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:31 2024 by rpki-client on console-fra.rpki-client.org