Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/cQYaiDwOEnwHiRyabqCIMwui9AU.roa
File: cQYaiDwOEnwHiRyabqCIMwui9AU.roa (raw, json)
Hash identifier: l1svkxTR21ufzFNeKGhkkD0TQZsEoMYDH/hhunovpHE=
Subject key identifier: 71:06:1A:88:3C:0E:12:7C:07:89:1C:9A:6E:A0:88:33:0B:A2:F4:05
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E1C7D5AB0E00BF8E4410DF89161EF71B0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/cQYaiDwOEnwHiRyabqCIMwui9AU.roa
Signing time: Fri 08 Mar 2024 05:16:01 +0000
ROA not before: Fri 08 Mar 2024 05:16:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1c:7d:5a:b0:e0:0b:f8:e4:41:0d:f8:91:61:ef:71:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 8 05:16:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71061a883c0e127c07891c9a6ea088330ba2f405
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6f:b6:cb:48:b4:ba:2f:78:d7:05:ea:67:8c:
af:d6:56:87:36:d9:b6:ca:ea:e0:8a:c5:09:d4:34:
40:d3:64:e8:99:1d:ba:06:f2:41:81:a7:65:c0:67:
db:e1:71:f2:d7:8a:45:43:c3:a7:e0:04:c1:e6:eb:
2a:09:16:ee:6b:42:28:7b:35:7f:b4:94:fa:89:73:
50:70:f4:62:d8:5e:ee:77:60:63:6e:fe:6d:11:5f:
f7:68:19:7f:35:85:a5:a9:40:e8:c2:16:5d:f2:d0:
c1:40:07:0b:4b:49:7c:30:db:7d:f5:c5:5e:f5:da:
6a:ae:3a:c2:01:24:6e:d5:4f:3c:99:49:c0:35:18:
df:4e:b9:c6:23:1c:63:69:90:82:7c:1d:3a:84:f3:
50:5f:e0:89:0d:d8:15:80:32:60:78:f4:95:65:93:
88:93:92:3e:1a:0c:ba:91:6f:7d:21:c1:c3:3d:b2:
01:19:3f:b7:99:5c:8f:54:b6:8b:2d:37:76:73:90:
cf:fb:08:3b:dc:9a:6a:6c:bf:ed:26:b6:d3:9e:fa:
4c:65:cf:39:23:7b:21:e2:3d:3f:72:2a:03:61:4b:
8f:d3:8a:31:a5:ee:6e:65:49:34:f5:ac:fb:0d:ba:
89:94:48:ba:a0:34:5a:1d:05:7a:1e:63:1e:16:57:
bb:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:06:1A:88:3C:0E:12:7C:07:89:1C:9A:6E:A0:88:33:0B:A2:F4:05
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/cQYaiDwOEnwHiRyabqCIMwui9AU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
31:00:d9:5f:06:76:e4:12:fb:c7:f2:23:0b:d5:c1:eb:97:b6:
20:75:04:28:54:a5:09:dc:23:b7:18:2d:34:3d:14:56:86:55:
24:91:47:4e:84:0d:a1:86:67:7b:45:d1:01:70:cf:d4:3f:6b:
cd:f5:a3:a5:e8:4b:35:05:d0:da:ff:d8:77:df:0b:17:46:b8:
e9:34:2b:40:46:31:3d:ac:9b:92:f5:26:ad:f7:a2:99:ec:b5:
43:bb:28:73:33:de:b8:f7:ce:dc:8b:16:24:51:77:72:7e:3a:
64:bf:c1:9b:99:be:84:60:48:a5:16:ab:7f:52:0d:96:d0:1e:
29:2b:3d:c0:de:69:66:82:1e:a2:4e:04:76:5b:9a:0c:70:74:
45:17:e0:a2:ec:19:ea:be:40:0f:09:c6:84:84:f7:05:42:68:
c7:f8:c7:cd:f1:ca:cc:ff:b0:57:cf:c3:a8:b5:05:ed:9b:28:
16:e9:a6:1e:94:a1:27:df:77:ff:86:87:dd:63:67:2f:5e:48:
c8:cd:23:81:12:f8:2d:5c:89:d5:48:a8:39:1f:8e:bf:12:32:
41:08:b5:62:ba:f7:1e:75:69:18:3c:2f:bc:f0:41:ad:5f:14:
83:34:db:79:d8:a7:f6:60:f8:00:fd:9d:71:e2:db:4d:d3:04:
79:ad:23:3e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4cfVqw4Av45EEN+JFh73GwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA4MDUxNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTA2MWE4ODNjMGUxMjdjMDc4OTFjOWE2ZWEwODgzMzBiYTJmNDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1m+2y0i0ui941wXqZ4yv1laHNtm2
yurgisUJ1DRA02TomR26BvJBgadlwGfb4XHy14pFQ8On4ATB5usqCRbua0IoezV/
tJT6iXNQcPRi2F7ud2Bjbv5tEV/3aBl/NYWlqUDowhZd8tDBQAcLS0l8MNt99cVe
9dpqrjrCASRu1U88mUnANRjfTrnGIxxjaZCCfB06hPNQX+CJDdgVgDJgePSVZZOI
k5I+Ggy6kW99IcHDPbIBGT+3mVyPVLaLLTd2c5DP+wg73JpqbL/tJrbTnvpMZc85
I3sh4j0/cioDYUuP04oxpe5uZUk09az7DbqJlEi6oDRaHQV6HmMeFle78QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHEGGog8DhJ8B4kcmm6giDMLovQFMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvY1FZYWlEd09FbndIaVJ5YWJxQ0lNd3VpOUFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADEA2V8GduQS+8fyIwvV
weuXtiB1BChUpQncI7cYLTQ9FFaGVSSRR06EDaGGZ3tF0QFwz9Q/a831o6XoSzUF
0Nr/2HffCxdGuOk0K0BGMT2sm5L1Jq33opnstUO7KHMz3rj3ztyLFiRRd3J+OmS/
wZuZvoRgSKUWq39SDZbQHikrPcDeaWaCHqJOBHZbmgxwdEUX4KLsGeq+QA8JxoSE
9wVCaMf4x83xysz/sFfPw6i1Be2bKBbpph6UoSffd/+Gh91jZy9eSMjNI4ES+C1c
idVIqDkfjr8SMkEItWK69x51aRg8L7zwQa1fFIM023nYp/Zg+AD9nXHi203TBHmt
Iz4=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:03:22 2025 by rpki-client