Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/c_q7FHEY6b47ZmxefakMW_0oYWg.roa
File: c_q7FHEY6b47ZmxefakMW_0oYWg.roa (raw, json)
Hash identifier: FKPC3Y6qkuJm2XIhMN5bsrClcXAFeWVY+uDruhat4f0=
Subject key identifier: 73:FA:BB:14:71:18:E9:BE:3B:66:6C:5E:7D:A9:0C:5B:FD:28:61:68
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E054BF7A382B556934B611315BE897ABE
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/c_q7FHEY6b47ZmxefakMW_0oYWg.roa
Signing time: Sun 03 Mar 2024 17:10:48 +0000
ROA not before: Sun 03 Mar 2024 17:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:05:4b:f7:a3:82:b5:56:93:4b:61:13:15:be:89:7a:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 3 17:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73fabb147118e9be3b666c5e7da90c5bfd286168
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9c:1d:35:53:fb:f3:da:85:cc:4d:c5:92:30:
20:99:cd:f9:59:b7:ba:e0:33:8b:66:c9:e3:b1:6d:
18:bf:fc:99:f3:a4:05:f2:ec:85:d3:40:8c:2a:de:
97:1f:23:a0:f8:4d:01:bd:dc:7e:6f:90:48:32:64:
2f:85:17:d1:b7:c4:15:fe:c9:12:36:9f:50:bf:8c:
f1:2d:aa:9c:67:09:72:67:e5:46:af:c9:d0:5b:80:
e3:c3:21:c7:88:ba:92:c3:9e:26:27:b5:3e:57:1d:
22:fa:b2:fc:37:86:af:6f:85:a8:a9:33:e2:dc:75:
c5:b0:11:86:22:6c:f1:8c:c1:82:34:b5:b5:10:80:
27:50:78:47:00:fa:81:80:dd:62:b9:4b:18:5c:7a:
47:f8:ea:b3:c2:da:9f:93:e6:f9:3f:a9:69:dd:53:
c4:d0:ac:8f:a6:3d:ea:19:5b:c6:a2:ee:49:e6:1e:
c8:d8:ba:80:12:3c:80:db:5e:1d:85:27:70:bf:b7:
ff:71:e1:6f:4f:ea:b8:5b:ff:23:a9:48:2f:9c:1e:
3f:69:47:b3:30:25:ca:c2:67:12:1c:07:15:66:ed:
57:ae:c9:c2:db:a8:74:ba:02:04:f1:74:55:e4:34:
6e:9b:cf:0e:a8:c3:10:8a:a3:ef:22:ca:ec:e7:a0:
73:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:FA:BB:14:71:18:E9:BE:3B:66:6C:5E:7D:A9:0C:5B:FD:28:61:68
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/c_q7FHEY6b47ZmxefakMW_0oYWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:d9:b1:f3:0f:2f:4f:8b:89:29:a3:ca:69:90:ca:0d:d0:fc:
97:16:61:0f:48:f9:76:40:78:c4:30:d4:06:16:7b:39:f9:32:
39:a6:30:70:1f:50:68:54:22:bb:6d:ca:f2:aa:79:09:5c:d6:
96:da:a7:61:64:84:d1:45:84:37:96:b6:03:1b:e3:4c:b8:1c:
ba:1f:31:0d:f1:92:6b:bb:e1:53:f3:67:57:8c:bd:b1:cc:3a:
40:19:fa:7c:97:5f:f5:74:56:a9:17:52:5d:d9:88:9f:30:02:
af:7d:57:93:1c:5d:32:19:e5:51:09:e9:0c:6b:da:3b:70:73:
1a:7a:46:7f:be:7d:a3:87:aa:1b:cb:24:a8:ad:0e:37:e6:39:
4b:da:7f:e4:4d:a2:56:15:94:64:2c:b1:60:91:fa:c8:43:d3:
7e:2b:bb:e6:c9:da:31:90:f6:46:9a:90:6a:74:ca:a1:6f:5a:
8b:15:b6:08:84:29:fc:4f:4a:90:1f:d8:70:32:e3:7f:c6:6f:
b9:56:25:40:f0:ac:39:54:b8:0d:fa:c4:dc:76:ac:96:e2:c5:
23:a8:81:90:02:58:f8:8b:e8:c9:bd:22:b6:22:68:7e:f0:32:
51:a9:2d:d2:51:15:8b:f7:9a:f0:92:a6:cf:55:01:d4:04:4a:
0a:1b:73:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4FS/ejgrVWk0thExW+iXq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAzMTcxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2ZhYmIxNDcxMThlOWJlM2I2NjZjNWU3ZGE5MGM1YmZkMjg2MTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpwdNVP789qFzE3FkjAgmc35Wbe6
4DOLZsnjsW0Yv/yZ86QF8uyF00CMKt6XHyOg+E0Bvdx+b5BIMmQvhRfRt8QV/skS
Np9Qv4zxLaqcZwlyZ+VGr8nQW4DjwyHHiLqSw54mJ7U+Vx0i+rL8N4avb4WoqTPi
3HXFsBGGImzxjMGCNLW1EIAnUHhHAPqBgN1iuUsYXHpH+Oqzwtqfk+b5P6lp3VPE
0KyPpj3qGVvGou5J5h7I2LqAEjyA214dhSdwv7f/ceFvT+q4W/8jqUgvnB4/aUez
MCXKwmcSHAcVZu1XrsnC26h0ugIE8XRV5DRum88OqMMQiqPvIsrs56Bz3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHP6uxRxGOm+O2ZsXn2pDFv9KGFoMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvY19xN0ZIRVk2YjQ3Wm14ZWZha01XXzBvWVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACzZsfMPL0+LiSmjymmQ
yg3Q/JcWYQ9I+XZAeMQw1AYWezn5MjmmMHAfUGhUIrttyvKqeQlc1pbap2FkhNFF
hDeWtgMb40y4HLofMQ3xkmu74VPzZ1eMvbHMOkAZ+nyXX/V0VqkXUl3ZiJ8wAq99
V5McXTIZ5VEJ6Qxr2jtwcxp6Rn++faOHqhvLJKitDjfmOUvaf+RNolYVlGQssWCR
+shD034ru+bJ2jGQ9kaakGp0yqFvWosVtgiEKfxPSpAf2HAy43/Gb7lWJUDwrDlU
uA36xNx2rJbixSOogZACWPiL6Mm9IrYiaH7wMlGpLdJRFYv3mvCSps9VAdQESgob
c8s=
-----END CERTIFICATE-----
Generated at Sun Apr 20 01:59:18 2025 by rpki-client