Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QdKM1V8ZpyGbdcOIbcQDty3Dhx0.roa
File: QdKM1V8ZpyGbdcOIbcQDty3Dhx0.roa (raw, json)
Hash identifier: tX06pMPMRMHuytZvdbtGTs5TjfqFKTo9HMfaJHjz9D4=
Subject key identifier: 41:D2:8C:D5:5F:19:A7:21:9B:75:C3:88:6D:C4:03:B7:2D:C3:87:1D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E5E59761340DBA428EFED704378A0B888
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QdKM1V8ZpyGbdcOIbcQDty3Dhx0.roa
Signing time: Thu 21 Mar 2024 00:11:44 +0000
ROA not before: Thu 21 Mar 2024 00:11:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5e:59:76:13:40:db:a4:28:ef:ed:70:43:78:a0:b8:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 21 00:11:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41d28cd55f19a7219b75c3886dc403b72dc3871d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:45:3b:3c:e6:eb:17:c2:34:b7:44:0e:d0:a4:
47:3d:a1:46:f9:7a:56:64:24:8c:57:5f:ed:f1:34:
66:ef:d1:b2:46:be:a3:d0:1e:6f:1b:ef:bf:c5:83:
a4:20:98:d9:e2:1d:92:79:d1:00:cc:ea:49:14:42:
a3:8f:a4:47:aa:43:2c:d4:5c:0b:e3:48:28:5b:c5:
d6:7b:5b:b7:65:52:2c:fc:31:e1:3e:22:c3:a2:20:
4d:5e:48:f6:eb:50:f0:90:89:c3:95:2e:f0:98:4c:
64:17:2c:bf:fc:1e:2a:88:a5:ad:fc:7c:7c:67:51:
4f:c8:34:b4:f4:99:7b:d0:25:44:9f:8a:07:9b:c0:
0d:d5:1b:d3:51:2c:7b:4c:4a:bf:ec:09:b0:be:ff:
15:b5:17:c4:da:c8:f6:36:f1:e4:4c:10:14:6b:40:
c5:df:9e:3b:f2:4d:ad:c6:2c:f0:58:76:74:e3:56:
cb:eb:75:74:9e:b4:c0:e0:f2:7c:7a:5c:3b:5a:b3:
5d:2f:78:3c:6b:55:58:b7:7e:4d:fa:d2:0e:c9:a6:
7c:6d:2b:72:bd:d6:b3:60:ff:e5:1d:7f:0f:ff:b8:
38:68:ac:a2:31:0d:e8:3e:56:d4:c2:85:45:dd:1d:
4d:73:99:7e:c6:1a:23:58:f0:d4:c8:0d:d2:0c:63:
51:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:D2:8C:D5:5F:19:A7:21:9B:75:C3:88:6D:C4:03:B7:2D:C3:87:1D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QdKM1V8ZpyGbdcOIbcQDty3Dhx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3f:ff:a3:7f:38:bf:29:78:ad:54:56:61:65:32:f1:d9:82:0d:
5b:d5:63:9a:31:2c:71:a6:a4:4b:35:f9:0f:bd:3d:ff:d6:d9:
5e:bb:7e:96:7c:70:8f:00:da:61:b5:bb:1d:83:1d:11:e7:d5:
b4:16:f2:8f:cf:01:5f:9f:f4:20:26:f4:83:1b:55:8b:a7:66:
8b:05:37:e8:16:38:72:4d:75:e5:dd:72:24:0e:72:11:e7:c3:
e9:d4:ad:b9:72:4d:c1:5d:60:08:bb:6d:38:2a:a6:b3:c5:2d:
91:6b:d4:23:1f:4c:15:1d:80:b1:c6:d6:68:b8:93:40:bc:2a:
47:4d:fa:9b:5d:e3:e5:b4:2a:30:fe:f9:76:9e:8f:c6:35:a3:
89:d7:e8:d1:54:91:64:c0:ff:f5:cf:07:34:cf:27:8b:11:32:
b2:4d:eb:a4:8c:29:bd:ef:e8:69:77:5b:4a:c7:b6:22:82:62:
e4:ba:20:72:b8:fc:00:fe:94:eb:ff:ec:45:a5:7f:d7:28:fe:
27:11:e6:9f:fc:d1:04:45:25:eb:ac:43:de:cd:62:9e:70:df:
7b:6e:de:e5:cf:df:05:56:bb:e4:6b:08:74:e2:67:e7:ce:3d:
b7:eb:60:fc:7c:a4:26:85:f4:70:f7:36:f0:19:06:4d:fb:ec:
cc:e3:d7:3e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5eWXYTQNukKO/tcEN4oLiIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIxMDAxMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWQyOGNkNTVmMTlhNzIxOWI3NWMzODg2ZGM0MDNiNzJkYzM4NzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUU7PObrF8I0t0QO0KRHPaFG+XpW
ZCSMV1/t8TRm79GyRr6j0B5vG++/xYOkIJjZ4h2SedEAzOpJFEKjj6RHqkMs1FwL
40goW8XWe1u3ZVIs/DHhPiLDoiBNXkj261DwkInDlS7wmExkFyy//B4qiKWt/Hx8
Z1FPyDS09Jl70CVEn4oHm8AN1RvTUSx7TEq/7Amwvv8VtRfE2sj2NvHkTBAUa0DF
35478k2txizwWHZ041bL63V0nrTA4PJ8elw7WrNdL3g8a1VYt35N+tIOyaZ8bSty
vdazYP/lHX8P/7g4aKyiMQ3oPlbUwoVF3R1Nc5l+xhojWPDUyA3SDGNRnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEHSjNVfGachm3XDiG3EA7ctw4cdMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUWRLTTFWOFpweUdiZGNPSWJjUUR0eTNEaHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD//o384vyl4rVRWYWUy
8dmCDVvVY5oxLHGmpEs1+Q+9Pf/W2V67fpZ8cI8A2mG1ux2DHRHn1bQW8o/PAV+f
9CAm9IMbVYunZosFN+gWOHJNdeXdciQOchHnw+nUrblyTcFdYAi7bTgqprPFLZFr
1CMfTBUdgLHG1mi4k0C8KkdN+ptd4+W0KjD++Xaej8Y1o4nX6NFUkWTA//XPBzTP
J4sRMrJN66SMKb3v6Gl3W0rHtiKCYuS6IHK4/AD+lOv/7EWlf9co/icR5p/80QRF
JeusQ97NYp5w33tu3uXP3wVWu+RrCHTiZ+fOPbfrYPx8pCaF9HD3NvAZBk377Mzj
1z4=
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:03:00 2025 by rpki-client