Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QwBRdqDU_guYrW1hbdshQUl_5hY.roa
File: QwBRdqDU_guYrW1hbdshQUl_5hY.roa (raw, json)
Hash identifier: 3D7tD7DaPTXNShUKigRn5ThcqKWE8YBhHZeGsuhCkWY=
Subject key identifier: 43:00:51:76:A0:D4:FE:0B:98:AD:6D:61:6D:DB:21:41:49:7F:E6:16
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EE4074A784A432AD0E731C451995A8950
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QwBRdqDU_guYrW1hbdshQUl_5hY.roa
Signing time: Mon 15 Apr 2024 23:11:06 +0000
ROA not before: Mon 15 Apr 2024 23:11:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e4:07:4a:78:4a:43:2a:d0:e7:31:c4:51:99:5a:89:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 15 23:11:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43005176a0d4fe0b98ad6d616ddb2141497fe616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:80:a0:c5:58:02:21:f1:a8:4f:33:50:4d:c9:
ab:31:a1:de:20:81:b8:6c:0d:57:df:1b:f2:5d:09:
b7:e9:f9:41:35:0f:09:e0:1d:38:ec:cb:ed:64:66:
2b:63:fa:b4:dd:93:11:ec:8e:40:f3:61:18:de:a6:
f9:9d:a7:a0:e7:b4:c3:a9:a0:fe:be:2d:c3:b6:3f:
b8:86:05:db:59:51:a0:ed:f4:90:e3:8e:2d:dc:f4:
5a:36:ea:93:4c:ad:e5:76:be:34:27:00:bc:da:b3:
5b:60:71:22:42:8f:93:c4:85:95:8b:b5:8e:ab:d3:
23:46:53:1f:49:4b:bf:3e:3a:e7:e2:3a:46:fc:d4:
e7:7b:e0:6d:26:8d:ae:79:7c:0b:d9:c4:e8:fd:1f:
42:cd:3d:c7:dd:cb:45:6e:f8:8f:29:95:a0:44:7d:
ac:5a:3d:e2:7a:ce:d4:81:0c:d9:6b:86:77:79:d3:
2b:4e:09:50:29:31:76:0e:b3:53:1d:fa:70:b5:f9:
95:8c:eb:3e:90:47:86:7b:ed:1e:00:ac:45:25:0b:
44:8e:af:22:d6:b5:cc:3f:ae:a0:94:e4:d0:f7:a2:
0a:73:1e:e0:df:e0:40:92:6d:1a:08:10:4f:07:3e:
2f:11:30:3d:97:63:27:0a:b4:44:98:a3:a1:43:22:
b4:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:00:51:76:A0:D4:FE:0B:98:AD:6D:61:6D:DB:21:41:49:7F:E6:16
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QwBRdqDU_guYrW1hbdshQUl_5hY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2e:71:1e:bd:35:ac:73:df:93:24:81:7e:38:ce:d5:50:81:6b:
63:3f:9f:33:42:f7:44:57:be:d4:a2:fe:2d:46:56:73:4e:79:
48:46:f4:a4:01:7c:60:85:42:8c:43:43:fa:b8:02:a7:58:93:
c3:92:f1:38:27:cf:6b:68:86:52:41:cc:b6:96:02:b1:7a:cc:
90:2d:f7:a8:fb:ad:b9:ed:15:9c:7a:7a:c9:fa:84:22:7a:c3:
f4:4e:47:e2:01:54:1f:7b:94:80:3f:d4:f1:5e:29:cd:a6:70:
3d:91:a3:25:b1:47:72:08:db:ba:94:5e:5b:99:c2:8d:91:8a:
a4:0a:61:36:16:ae:4d:33:19:be:52:9c:22:fd:a6:51:fd:f4:
e3:35:5b:a5:a2:e8:c2:97:86:7b:18:8f:fc:db:da:a5:e9:1a:
63:35:eb:77:c3:9d:93:c0:5a:98:46:e9:81:0a:d4:e1:cd:57:
ec:b1:a4:92:c6:e8:5b:77:13:03:f9:a4:f6:ab:db:26:38:bd:
3e:3e:88:64:9b:2b:9a:84:23:ef:ae:ad:2b:b2:02:45:45:e4:
57:55:88:04:48:5d:3c:85:1b:b6:57:1e:39:02:ca:3f:f6:53:
77:2a:2f:f6:0f:ad:f2:6f:d6:fa:2c:7b:ef:a4:b3:16:67:68:
8d:51:8d:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7kB0p4SkMq0OcxxFGZWolQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDE1MjMxMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzAwNTE3NmEwZDRmZTBiOThhZDZkNjE2ZGRiMjE0MTQ5N2ZlNjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkICgxVgCIfGoTzNQTcmrMaHeIIG4
bA1X3xvyXQm36flBNQ8J4B047MvtZGYrY/q03ZMR7I5A82EY3qb5naeg57TDqaD+
vi3Dtj+4hgXbWVGg7fSQ444t3PRaNuqTTK3ldr40JwC82rNbYHEiQo+TxIWVi7WO
q9MjRlMfSUu/Pjrn4jpG/NTne+BtJo2ueXwL2cTo/R9CzT3H3ctFbviPKZWgRH2s
Wj3ies7UgQzZa4Z3edMrTglQKTF2DrNTHfpwtfmVjOs+kEeGe+0eAKxFJQtEjq8i
1rXMP66glOTQ96IKcx7g3+BAkm0aCBBPBz4vETA9l2MnCrREmKOhQyK0YQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEMAUXag1P4LmK1tYW3bIUFJf+YWMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUXdCUmRxRFVfZ3VZclcxaGJkc2hRVWxfNWhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC5xHr01rHPfkySBfjjO
1VCBa2M/nzNC90RXvtSi/i1GVnNOeUhG9KQBfGCFQoxDQ/q4AqdYk8OS8Tgnz2to
hlJBzLaWArF6zJAt96j7rbntFZx6esn6hCJ6w/ROR+IBVB97lIA/1PFeKc2mcD2R
oyWxR3II27qUXluZwo2RiqQKYTYWrk0zGb5SnCL9plH99OM1W6Wi6MKXhnsYj/zb
2qXpGmM163fDnZPAWphG6YEK1OHNV+yxpJLG6Ft3EwP5pPar2yY4vT4+iGSbK5qE
I++urSuyAkVF5FdViARIXTyFG7ZXHjkCyj/2U3cqL/YPrfJv1vose++ksxZnaI1R
jSQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:31 2024 by rpki-client on console-fra.rpki-client.org