Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Qvsl6tgguEZVBhjch_v5Le_5M7c.roa
File: Qvsl6tgguEZVBhjch_v5Le_5M7c.roa (raw, json)
Hash identifier: JY8bHoI4uSq1P2GhwfsupF6d1IG64RXf/m2ReQH/x0k=
Subject key identifier: 42:FB:25:EA:D8:20:B8:46:55:06:18:DC:87:FB:F9:2D:EF:F9:33:B7
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E00CC3B8823DEEE4BC326905CECB54E13
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Qvsl6tgguEZVBhjch_v5Le_5M7c.roa
Signing time: Sat 02 Mar 2024 20:12:48 +0000
ROA not before: Sat 02 Mar 2024 20:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:00:cc:3b:88:23:de:ee:4b:c3:26:90:5c:ec:b5:4e:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 2 20:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42fb25ead820b846550618dc87fbf92deff933b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b2:5e:23:06:f5:84:03:a1:41:c5:0a:0a:2f:
b7:a5:a1:a2:c0:29:e1:56:d3:2b:92:8b:36:a8:97:
10:c4:f8:83:4d:2f:55:68:4c:37:11:46:64:45:ad:
26:4c:67:4a:b6:ba:6f:bf:4c:1b:c4:f0:22:11:f6:
36:a2:f9:1a:e8:26:58:c1:33:cd:59:c6:c1:ed:85:
8c:e9:32:1b:0d:af:0b:19:40:a9:a9:78:f8:eb:ec:
99:c5:81:41:ff:ea:44:5e:22:a3:e4:ef:76:d3:d8:
a4:f4:4f:15:b7:d1:26:de:c7:51:b0:25:5a:36:c7:
ab:44:1b:a6:78:c9:33:56:d7:4e:d3:4d:12:7f:76:
9a:d7:95:95:2d:fc:5a:4c:0e:0a:cf:f6:4c:ee:b2:
66:ab:3f:33:ee:cb:9b:e5:fc:a6:f0:0f:44:3f:af:
c6:dc:cf:c9:cf:a3:22:90:b5:f0:cb:74:12:0c:31:
e6:84:8b:10:e1:d5:4c:8f:64:77:a3:89:9d:80:b2:
e8:64:5c:59:af:38:fe:b1:04:86:b0:9c:42:45:41:
7e:f8:a7:72:5d:c9:fa:4c:db:63:2a:9a:23:9b:21:
e8:9a:6c:b0:37:4e:9b:df:a5:59:e9:de:a3:2a:ff:
20:dc:f6:15:e8:9b:24:83:ad:ea:c6:bc:56:b4:47:
ad:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:FB:25:EA:D8:20:B8:46:55:06:18:DC:87:FB:F9:2D:EF:F9:33:B7
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Qvsl6tgguEZVBhjch_v5Le_5M7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:5a:83:fd:b7:93:85:2c:ae:3d:79:6b:c0:3b:7f:7c:ee:02:
ae:cf:cf:76:a9:d9:a7:1a:78:33:b8:2a:95:a5:da:35:3b:9e:
8b:18:4b:9d:d4:18:33:b2:4d:b3:ba:dd:e2:e7:0a:04:0b:5d:
2b:95:c3:08:e9:93:39:5d:49:bd:77:c5:f0:bb:58:9c:fe:96:
15:fd:f6:00:43:d9:21:4e:79:9e:38:9d:91:3c:a8:d9:52:bd:
e6:68:0f:88:ba:02:e9:03:e4:71:a3:05:61:d0:38:9e:34:8f:
d3:68:71:00:53:b7:51:10:1f:0b:f2:70:ca:08:93:82:36:6d:
ee:b6:c8:28:78:f5:63:e6:33:63:b1:29:de:ee:89:d5:b1:46:
12:04:2c:14:b8:b6:4b:8d:45:c5:4e:ab:84:36:a2:bc:17:bd:
ec:9b:1f:ba:95:c9:13:78:e4:fb:e3:af:13:05:cb:ea:f8:13:
97:f3:c8:c2:51:d1:0b:67:cd:b1:3e:da:26:d7:c0:1a:03:f2:
9f:86:d8:1e:d3:44:00:8d:3b:a2:0e:fc:df:03:68:c5:b2:9b:
ca:06:b7:94:db:97:2b:d1:b1:63:4c:98:e3:18:95:e8:92:b1:
ea:8b:9d:c9:94:5f:16:85:93:5c:d1:ac:c4:5d:61:eb:4b:3f:
6c:0b:57:fb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4AzDuII97uS8MmkFzstU4TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAyMjAxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmZiMjVlYWQ4MjBiODQ2NTUwNjE4ZGM4N2ZiZjkyZGVmZjkzM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrJeIwb1hAOhQcUKCi+3paGiwCnh
VtMrkos2qJcQxPiDTS9VaEw3EUZkRa0mTGdKtrpvv0wbxPAiEfY2ovka6CZYwTPN
WcbB7YWM6TIbDa8LGUCpqXj46+yZxYFB/+pEXiKj5O9209ik9E8Vt9Em3sdRsCVa
NserRBumeMkzVtdO000Sf3aa15WVLfxaTA4Kz/ZM7rJmqz8z7sub5fym8A9EP6/G
3M/Jz6MikLXwy3QSDDHmhIsQ4dVMj2R3o4mdgLLoZFxZrzj+sQSGsJxCRUF++Kdy
Xcn6TNtjKpojmyHommywN06b36VZ6d6jKv8g3PYV6Jskg63qxrxWtEetKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEL7JerYILhGVQYY3If7+S3v+TO3MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUXZzbDZ0Z2d1RVpWQmhqY2hfdjVMZV81TTdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGVag/23k4Usrj15a8A7
f3zuAq7Pz3ap2acaeDO4KpWl2jU7nosYS53UGDOyTbO63eLnCgQLXSuVwwjpkzld
Sb13xfC7WJz+lhX99gBD2SFOeZ44nZE8qNlSveZoD4i6AukD5HGjBWHQOJ40j9No
cQBTt1EQHwvycMoIk4I2be62yCh49WPmM2OxKd7uidWxRhIELBS4tkuNRcVOq4Q2
orwXveybH7qVyRN45PvjrxMFy+r4E5fzyMJR0QtnzbE+2ibXwBoD8p+G2B7TRACN
O6IO/N8DaMWym8oGt5TblyvRsWNMmOMYleiSseqLncmUXxaFk1zRrMRdYetLP2wL
V/s=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:14:10 2025 by rpki-client