Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QgwDP6IMGihh9PAbGVfj7-_6fyM.roa
File: QgwDP6IMGihh9PAbGVfj7-_6fyM.roa (raw, json)
Hash identifier: ngJF27wHS0gMCHFY03jtSwcFp9RO/l/Hq44ao796XUY=
Subject key identifier: 42:0C:03:3F:A2:0C:1A:28:61:F4:F0:1B:19:57:E3:EF:EF:FA:7F:23
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CF726BF1AE6A0E179870741EFDE50A1FC
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QgwDP6IMGihh9PAbGVfj7-_6fyM.roa
Signing time: Thu 11 Jan 2024 06:12:40 +0000
ROA not before: Thu 11 Jan 2024 06:12:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f7:26:bf:1a:e6:a0:e1:79:87:07:41:ef:de:50:a1:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 11 06:12:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=420c033fa20c1a2861f4f01b1957e3efeffa7f23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8e:22:c6:b1:1f:7d:54:c5:e7:f7:79:a6:3f:
d1:5a:e3:e2:6b:80:e8:6c:77:dc:5e:96:62:0d:94:
3a:57:72:4c:6a:f7:0b:76:ee:ad:07:70:cf:f0:22:
35:15:cb:80:12:0f:8a:8f:db:b3:78:8b:bc:74:7a:
39:3f:b5:c4:48:79:77:ee:95:96:27:01:74:ea:8f:
ec:0f:6f:a8:65:dd:a6:90:b9:af:41:6d:21:ca:19:
28:85:bd:73:43:96:8a:2d:2c:e9:d0:fa:37:93:06:
7c:0d:87:ac:ad:4b:82:37:f4:6e:a5:d8:cb:ff:06:
6f:1c:e4:7c:2e:6c:0f:34:05:65:22:52:1b:54:9d:
d7:4c:24:04:97:9b:38:64:84:2a:43:87:c9:45:a1:
6c:a2:02:eb:1a:e2:ac:26:3f:d9:ca:94:26:8d:6d:
2c:3b:68:73:b4:89:17:d5:04:cb:58:98:08:e7:b8:
29:0a:9f:f9:77:b7:1b:2d:c0:a6:c5:b3:55:05:74:
c8:e5:99:00:a5:76:55:1b:03:63:93:96:1b:63:4c:
bc:51:ba:10:5d:6c:d4:ad:29:d4:c2:c8:bb:30:f7:
a3:0b:37:0b:80:8a:f1:a1:8f:71:f1:87:ff:3f:f8:
11:47:05:21:90:cb:fd:da:a3:fb:a2:08:bc:e6:82:
1a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:0C:03:3F:A2:0C:1A:28:61:F4:F0:1B:19:57:E3:EF:EF:FA:7F:23
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QgwDP6IMGihh9PAbGVfj7-_6fyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
67:b3:ec:4a:68:61:58:d5:6c:60:37:59:ee:c6:86:8b:34:2d:
6e:d7:c0:22:79:53:d5:5b:a1:67:dd:56:a3:8f:a4:be:57:ec:
ff:cd:9d:2b:07:81:bb:33:2e:45:ab:eb:db:1b:02:75:3f:89:
35:d4:86:0b:0f:43:d6:6a:f4:13:d9:9b:72:88:e5:47:91:5d:
32:08:5e:05:fe:09:8e:97:e7:79:6d:49:4e:03:0a:fa:7f:30:
03:a5:20:df:f6:1f:d1:56:25:7f:b9:b9:21:8d:59:56:46:bf:
3f:68:d1:ae:46:0e:f9:6b:62:c5:ba:aa:54:23:d2:7b:9d:72:
8a:3b:e7:14:15:6e:90:db:96:6f:90:b8:2c:41:6f:fb:e7:94:
ae:cb:98:3b:f4:47:3c:e9:00:1e:38:67:a6:c8:bc:c6:23:f4:
96:e3:c1:48:3b:9b:69:5d:c8:9c:c4:db:66:ed:7d:62:01:02:
4f:23:8c:29:2d:a3:b9:68:d1:7f:23:73:9a:9c:5f:0c:42:4a:
ed:22:9e:6a:fa:3e:21:7b:ce:bd:75:3c:47:84:9d:bf:34:ef:
bc:ad:5c:d6:6b:94:65:3f:cc:ba:82:98:49:e6:6a:54:b3:60:
d0:71:96:72:2b:2f:45:b1:8a:a6:1d:2d:a2:a1:bf:d9:ec:1e:
78:96:d1:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYz3Jr8a5qDheYcHQe/eUKH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTExMDYxMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjBjMDMzZmEyMGMxYTI4NjFmNGYwMWIxOTU3ZTNlZmVmZmE3ZjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiI4ixrEffVTF5/d5pj/RWuPia4Do
bHfcXpZiDZQ6V3JMavcLdu6tB3DP8CI1FcuAEg+Kj9uzeIu8dHo5P7XESHl37pWW
JwF06o/sD2+oZd2mkLmvQW0hyhkohb1zQ5aKLSzp0Po3kwZ8DYesrUuCN/RupdjL
/wZvHOR8LmwPNAVlIlIbVJ3XTCQEl5s4ZIQqQ4fJRaFsogLrGuKsJj/ZypQmjW0s
O2hztIkX1QTLWJgI57gpCp/5d7cbLcCmxbNVBXTI5ZkApXZVGwNjk5YbY0y8UboQ
XWzUrSnUwsi7MPejCzcLgIrxoY9x8Yf/P/gRRwUhkMv92qP7ogi85oIaUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEIMAz+iDBooYfTwGxlX4+/v+n8jMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUWd3RFA2SU1HaWhoOVBBYkdWZmo3LV82ZnlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGez7EpoYVjVbGA3We7G
hos0LW7XwCJ5U9VboWfdVqOPpL5X7P/NnSsHgbszLkWr69sbAnU/iTXUhgsPQ9Zq
9BPZm3KI5UeRXTIIXgX+CY6X53ltSU4DCvp/MAOlIN/2H9FWJX+5uSGNWVZGvz9o
0a5GDvlrYsW6qlQj0nudcoo75xQVbpDblm+QuCxBb/vnlK7LmDv0RzzpAB44Z6bI
vMYj9JbjwUg7m2ldyJzE22btfWIBAk8jjCkto7lo0X8jc5qcXwxCSu0inmr6PiF7
zr11PEeEnb8077ytXNZrlGU/zLqCmEnmalSzYNBxlnIrL0WxiqYdLaKhv9nsHniW
0S4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:50 2024 by rpki-client on console-ams.rpki-client.org