Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/cqlpRsw9P6P69ioh9hxAC6MbPis.roa
File: cqlpRsw9P6P69ioh9hxAC6MbPis.roa (raw, json)
Hash identifier: 1O5iewGVgN7zDiO3DkYq0noeGul4shkKpm+lPg6tNO0=
Subject key identifier: 72:A9:69:46:CC:3D:3F:A3:FA:F6:2A:21:F6:1C:40:0B:A3:1B:3E:2B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C913C50983F91A66D8584495E2F3946CF
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/cqlpRsw9P6P69ioh9hxAC6MbPis.roa
Signing time: Fri 22 Dec 2023 11:14:58 +0000
ROA not before: Fri 22 Dec 2023 11:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:91:3c:50:98:3f:91:a6:6d:85:84:49:5e:2f:39:46:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 22 11:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72a96946cc3d3fa3faf62a21f61c400ba31b3e2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b7:4d:c6:ca:27:ba:89:03:8f:5f:46:48:ac:
b0:13:3c:e8:52:26:ce:2b:46:48:5f:43:2d:9c:1f:
8a:ca:13:39:94:51:f1:20:f7:63:64:ae:d9:f4:6c:
2f:04:a4:22:ad:46:85:15:d5:08:53:31:b8:52:86:
ee:6c:88:ae:f7:99:5b:21:b4:1b:08:98:63:8e:61:
f4:6e:62:0a:b2:74:ea:88:6f:7a:28:ac:be:92:d4:
cb:d5:dd:b0:04:e6:95:03:d0:58:f3:22:ad:1f:20:
5d:c0:32:d6:9a:dc:d5:be:9f:7c:56:ca:21:9a:92:
79:19:69:02:c8:52:b1:fd:ef:c1:84:65:e9:ae:d0:
6f:c7:63:f5:e4:da:45:c7:e2:f9:48:0f:07:c1:57:
f7:5a:04:c0:30:3f:5a:eb:d7:3c:47:fe:a5:db:cc:
e5:46:05:e0:c4:bf:d7:e2:35:36:4c:cd:6f:f4:71:
c5:95:06:fe:77:aa:19:ee:46:6b:91:80:85:0f:cf:
a3:c0:4d:ec:a4:0c:a2:6d:17:62:2a:04:e1:77:90:
7d:17:56:5a:86:92:02:32:2b:51:ff:d5:22:fa:e5:
91:bd:b8:21:5e:ec:6f:3f:70:85:d1:07:5b:45:94:
52:b9:4c:96:17:80:ff:b5:60:83:51:c5:f1:04:a5:
e2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:A9:69:46:CC:3D:3F:A3:FA:F6:2A:21:F6:1C:40:0B:A3:1B:3E:2B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/cqlpRsw9P6P69ioh9hxAC6MbPis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:d7:7a:9e:5c:f9:e5:de:9b:d6:3f:fe:31:db:16:c6:f5:3e:
3f:4b:e2:81:84:f3:4b:e3:5a:10:b7:61:b9:de:3c:4e:48:98:
d7:d5:2c:36:de:ab:4a:d1:52:67:2c:71:49:d6:c9:b8:7c:0b:
cc:89:1d:d1:91:5d:08:7a:3d:2e:f5:94:c3:f5:ac:a2:79:38:
29:95:2b:f9:d0:4e:06:3f:00:d5:06:d0:d7:52:ec:5e:92:9b:
f2:db:51:f8:46:87:bb:b6:8c:90:2d:f0:32:1d:e2:8f:e5:45:
5c:63:a2:d3:2e:e0:66:39:55:ec:e1:b2:30:09:9b:af:f9:43:
d5:99:18:4d:14:9a:46:7e:b6:80:6b:1f:32:41:86:55:af:41:
20:77:6c:b2:cb:cd:48:49:27:eb:e2:7b:d0:3b:a0:02:4d:94:
91:33:e2:f7:4c:4c:0f:c8:6b:12:c0:c2:f2:ca:91:f9:57:bc:
5f:4b:14:fd:ce:31:e7:22:75:4f:75:61:51:15:09:0c:2c:46:
f3:1c:86:f2:bd:8f:94:ac:a9:8f:40:32:93:4a:1f:c4:48:3b:
7f:39:b1:7f:1c:c1:a7:cf:86:c0:08:01:a1:9d:60:cf:b8:9b:
c7:93:b1:64:8a:8d:e3:7b:1c:02:c7:3e:52:35:2a:0d:91:3f:
ac:98:56:22
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyRPFCYP5GmbYWESV4vOUbPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIyMTExNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmE5Njk0NmNjM2QzZmEzZmFmNjJhMjFmNjFjNDAwYmEzMWIzZTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrdNxsonuokDj19GSKywEzzoUibO
K0ZIX0MtnB+KyhM5lFHxIPdjZK7Z9GwvBKQirUaFFdUIUzG4UobubIiu95lbIbQb
CJhjjmH0bmIKsnTqiG96KKy+ktTL1d2wBOaVA9BY8yKtHyBdwDLWmtzVvp98Vsoh
mpJ5GWkCyFKx/e/BhGXprtBvx2P15NpFx+L5SA8HwVf3WgTAMD9a69c8R/6l28zl
RgXgxL/X4jU2TM1v9HHFlQb+d6oZ7kZrkYCFD8+jwE3spAyibRdiKgThd5B9F1Za
hpICMitR/9Ui+uWRvbghXuxvP3CF0QdbRZRSuUyWF4D/tWCDUcXxBKXivwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHKpaUbMPT+j+vYqIfYcQAujGz4rMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvY3FscFJzdzlQNlA2OWlvaDloeEFDNk1iUGlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABXXep5c+eXem9Y//jHb
Fsb1Pj9L4oGE80vjWhC3YbnePE5ImNfVLDbeq0rRUmcscUnWybh8C8yJHdGRXQh6
PS71lMP1rKJ5OCmVK/nQTgY/ANUG0NdS7F6Sm/LbUfhGh7u2jJAt8DId4o/lRVxj
otMu4GY5VezhsjAJm6/5Q9WZGE0UmkZ+toBrHzJBhlWvQSB3bLLLzUhJJ+vie9A7
oAJNlJEz4vdMTA/IaxLAwvLKkflXvF9LFP3OMecidU91YVEVCQwsRvMchvK9j5Ss
qY9AMpNKH8RIO385sX8cwafPhsAIAaGdYM+4m8eTsWSKjeN7HALHPlI1Kg2RP6yY
ViI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:13 2025 by rpki-client