Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Qzadn0ne9-nLwPw3HH0oRRR7WpU.roa
File: Qzadn0ne9-nLwPw3HH0oRRR7WpU.roa (raw, json)
Hash identifier: tFPr8nrfw8ahpTGnBKKeyJc5PAHuII5MDvAE8nEFbK0=
Subject key identifier: 43:36:9D:9F:49:DE:F7:E9:CB:C0:FC:37:1C:7D:28:45:14:7B:5A:95
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C92F1EF9EFC71B819AA6208C18469611E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Qzadn0ne9-nLwPw3HH0oRRR7WpU.roa
Signing time: Fri 22 Dec 2023 19:12:58 +0000
ROA not before: Fri 22 Dec 2023 19:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:92:f1:ef:9e:fc:71:b8:19:aa:62:08:c1:84:69:61:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 22 19:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43369d9f49def7e9cbc0fc371c7d2845147b5a95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d3:c3:83:a4:7f:1e:25:93:fe:5c:dd:e9:27:
45:a0:60:68:f2:15:a1:58:2e:43:6b:26:bc:12:9f:
b2:cd:02:3c:70:26:24:dc:c3:fe:49:37:ab:61:dc:
e7:05:7b:d4:10:2d:68:e1:f5:32:3e:2d:81:b4:ba:
2e:37:77:42:69:a0:bd:d9:c9:64:76:04:ce:b0:48:
23:39:27:17:dc:d0:c8:dc:50:1d:3c:06:00:03:e5:
49:40:de:96:b3:06:fb:87:27:51:9e:94:3f:70:7e:
74:d7:03:3e:0b:c9:3d:0f:77:70:df:33:90:96:19:
e8:be:f6:f3:e5:d7:02:56:ff:81:9c:0f:8e:dc:77:
60:be:9b:6e:88:63:58:80:12:9c:6f:9e:49:92:d9:
b7:aa:06:08:b4:0a:36:bd:a9:4e:3c:21:89:77:e7:
30:14:35:14:e8:6c:30:74:3e:42:50:f4:78:35:35:
d1:4a:0c:7b:71:20:d9:d5:10:54:d4:ed:12:d5:2e:
5b:bc:16:55:78:b7:89:ef:96:d2:bd:36:f0:dd:64:
a8:55:69:cf:93:24:74:13:7a:7e:b1:3a:b3:4f:02:
9c:c5:62:f7:ee:b2:6d:88:29:e8:10:6c:4b:da:43:
7a:be:81:67:fc:d3:63:21:72:2b:f5:8d:42:73:fb:
c8:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:36:9D:9F:49:DE:F7:E9:CB:C0:FC:37:1C:7D:28:45:14:7B:5A:95
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Qzadn0ne9-nLwPw3HH0oRRR7WpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:4f:4c:c4:25:d4:da:2d:49:c8:1a:08:77:5d:97:29:1d:62:
15:43:b9:a0:fd:72:8a:6e:dd:40:5d:b2:b0:f8:ee:ab:65:dc:
3e:23:92:20:1d:fc:5f:71:61:9d:10:e3:df:ae:e9:60:d7:d2:
04:b8:7b:d1:57:65:16:60:43:3f:be:6b:59:3d:78:dd:bf:f2:
48:c5:2e:37:5e:56:fe:e3:92:67:94:a4:4d:75:60:37:b5:53:
0f:8c:69:5a:45:c4:ea:72:06:52:a7:33:f1:4b:38:6d:83:1e:
37:c0:c5:de:d4:ee:11:4b:9d:1f:41:21:af:d6:52:69:5a:bd:
91:a2:c7:47:7b:a2:fa:f7:5c:3e:1f:3e:48:bb:fb:6e:45:4f:
64:fb:38:f1:e4:0b:d0:5d:79:15:f4:5b:ae:f9:57:c6:40:f6:
02:e0:6d:44:42:4a:48:ad:39:44:1e:5d:37:32:19:b7:01:0c:
12:e0:f9:93:5c:81:1a:9e:62:89:c8:16:90:2b:d4:3d:ea:96:
a3:f1:2e:ba:81:a5:06:ce:3c:ca:6f:78:44:21:98:3f:df:dd:
2e:df:ff:ff:2a:8a:e7:42:51:f1:e4:b2:9d:c4:5c:34:5f:6e:
0b:58:74:63:d1:70:83:b7:3e:75:28:14:2d:8e:79:cc:ec:ea:
6a:81:31:a8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyS8e+e/HG4GapiCMGEaWEeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIyMTkxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzM2OWQ5ZjQ5ZGVmN2U5Y2JjMGZjMzcxYzdkMjg0NTE0N2I1YTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9PDg6R/HiWT/lzd6SdFoGBo8hWh
WC5Daya8Ep+yzQI8cCYk3MP+STerYdznBXvUEC1o4fUyPi2BtLouN3dCaaC92clk
dgTOsEgjOScX3NDI3FAdPAYAA+VJQN6Wswb7hydRnpQ/cH501wM+C8k9D3dw3zOQ
lhnovvbz5dcCVv+BnA+O3HdgvptuiGNYgBKcb55Jktm3qgYItAo2valOPCGJd+cw
FDUU6GwwdD5CUPR4NTXRSgx7cSDZ1RBU1O0S1S5bvBZVeLeJ75bSvTbw3WSoVWnP
kyR0E3p+sTqzTwKcxWL37rJtiCnoEGxL2kN6voFn/NNjIXIr9Y1Cc/vI7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEM2nZ9J3vfpy8D8Nxx9KEUUe1qVMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUXphZG4wbmU5LW5Md1B3M0hIMG9SUlI3V3BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI5PTMQl1NotScgaCHdd
lykdYhVDuaD9copu3UBdsrD47qtl3D4jkiAd/F9xYZ0Q49+u6WDX0gS4e9FXZRZg
Qz++a1k9eN2/8kjFLjdeVv7jkmeUpE11YDe1Uw+MaVpFxOpyBlKnM/FLOG2DHjfA
xd7U7hFLnR9BIa/WUmlavZGix0d7ovr3XD4fPki7+25FT2T7OPHkC9BdeRX0W675
V8ZA9gLgbURCSkitOUQeXTcyGbcBDBLg+ZNcgRqeYonIFpAr1D3qlqPxLrqBpQbO
PMpveEQhmD/f3S7f//8qiudCUfHksp3EXDRfbgtYdGPRcIO3PnUoFC2Oeczs6mqB
Mag=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:07:05 2025 by rpki-client