Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lqF-vyRvKOlCm5hIAepdibpsR6M.roa
File: lqF-vyRvKOlCm5hIAepdibpsR6M.roa (raw, json)
Hash identifier: IEncLEy/0DCAslvLbNzAp9dtWd3rw+gfOHxO6k5bLpQ=
Subject key identifier: 96:A1:7E:BF:24:6F:28:E9:42:9B:98:48:01:EA:5D:89:BA:6C:47:A3
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E6349CE96C4DE260F79DCFBE730641947
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lqF-vyRvKOlCm5hIAepdibpsR6M.roa
Signing time: Thu 21 Mar 2024 23:12:45 +0000
ROA not before: Thu 21 Mar 2024 23:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:63:49:ce:96:c4:de:26:0f:79:dc:fb:e7:30:64:19:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 21 23:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96a17ebf246f28e9429b984801ea5d89ba6c47a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:40:1a:23:00:10:b2:97:d7:70:ed:02:d9:aa:
43:9d:3d:e9:25:3f:c5:4b:23:71:27:19:b4:c0:be:
0f:32:9e:e8:e2:3a:93:e3:e0:93:63:9f:45:65:e6:
de:96:0b:67:68:31:83:81:f7:77:fc:7f:dd:a2:d9:
97:bd:44:35:0f:2e:c0:97:20:fd:75:09:39:2c:d8:
30:3e:38:7c:30:4d:1b:26:41:ed:44:b7:f0:b2:5c:
5e:f2:58:99:70:72:f5:5d:8e:b0:1d:14:86:62:be:
09:08:0d:06:f5:81:06:40:ef:72:79:a2:88:7e:fc:
77:4f:ad:39:ea:c5:07:92:ce:1a:35:2e:47:fc:59:
29:6a:71:c9:91:1e:b1:ec:cf:47:cb:80:ab:56:57:
88:40:de:39:8e:4f:ff:c0:3a:d3:f2:22:7f:88:5b:
ba:b2:f3:1b:f5:40:e0:a6:90:56:7b:ef:46:96:59:
59:fc:32:a7:ed:d1:f2:16:66:03:aa:3a:d6:9c:0e:
a7:71:dd:e2:e6:e0:12:a4:4e:3a:0e:4b:70:54:15:
cd:41:e6:60:11:d5:72:06:87:23:75:20:da:c8:c8:
8b:2d:90:73:55:62:30:e8:b3:6f:a6:85:51:ab:3c:
0f:6d:0a:c4:ca:3e:b9:bf:62:28:bd:61:6a:6f:49:
d3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:A1:7E:BF:24:6F:28:E9:42:9B:98:48:01:EA:5D:89:BA:6C:47:A3
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lqF-vyRvKOlCm5hIAepdibpsR6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
91:55:b1:46:11:a3:e2:16:73:c4:17:65:23:55:ee:6a:d5:89:
87:ee:40:16:fc:2c:d3:9b:1d:69:e1:0a:78:83:7a:54:6f:15:
4a:c8:e9:f4:84:58:ee:ea:78:1b:d0:6e:b2:cf:43:be:2e:ae:
57:96:54:33:f3:8b:af:76:8a:fd:96:97:27:73:29:ce:38:1a:
50:65:8c:c8:8d:57:52:50:21:67:f7:46:a4:cf:00:5b:5d:a8:
db:60:bc:0f:2f:5e:ea:0c:7e:2a:ef:c7:bb:51:55:5a:c1:08:
d0:a6:20:74:d8:86:bf:cf:cc:09:8d:6c:fc:f1:28:59:30:f3:
f8:98:cd:af:76:fd:bc:d5:97:9c:d5:74:8b:09:7f:8d:5e:f6:
e5:7a:48:cc:4e:67:0c:96:df:40:ae:7e:89:b1:c1:ac:af:ad:
eb:1e:1e:9f:d8:a6:29:e8:c7:5a:b5:02:80:80:b3:6f:92:89:
3c:ab:41:43:0c:0f:ab:37:84:bf:64:69:7b:8f:fa:2d:e2:11:
97:16:ad:c2:26:48:1d:a1:8a:c1:da:27:3e:df:0d:f9:ba:e3:
25:41:2d:f7:10:96:45:8b:f5:fb:03:d4:c5:74:d7:f0:4d:b0:
9d:e4:05:ef:5a:80:39:c6:04:7c:0f:0c:08:b9:ae:15:20:77:
2f:79:c0:c2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5jSc6WxN4mD3nc++cwZBlHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIxMjMxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmExN2ViZjI0NmYyOGU5NDI5Yjk4NDgwMWVhNWQ4OWJhNmM0N2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEAaIwAQspfXcO0C2apDnT3pJT/F
SyNxJxm0wL4PMp7o4jqT4+CTY59FZebelgtnaDGDgfd3/H/dotmXvUQ1Dy7AlyD9
dQk5LNgwPjh8ME0bJkHtRLfwslxe8liZcHL1XY6wHRSGYr4JCA0G9YEGQO9yeaKI
fvx3T6056sUHks4aNS5H/FkpanHJkR6x7M9Hy4CrVleIQN45jk//wDrT8iJ/iFu6
svMb9UDgppBWe+9GlllZ/DKn7dHyFmYDqjrWnA6ncd3i5uASpE46DktwVBXNQeZg
EdVyBocjdSDayMiLLZBzVWIw6LNvpoVRqzwPbQrEyj65v2IovWFqb0nTkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJahfr8kbyjpQpuYSAHqXYm6bEejMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbHFGLXZ5UnZLT2xDbTVoSUFlcGRpYnBzUjZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJFVsUYRo+IWc8QXZSNV
7mrViYfuQBb8LNObHWnhCniDelRvFUrI6fSEWO7qeBvQbrLPQ74urleWVDPzi692
iv2WlydzKc44GlBljMiNV1JQIWf3RqTPAFtdqNtgvA8vXuoMfirvx7tRVVrBCNCm
IHTYhr/PzAmNbPzxKFkw8/iYza92/bzVl5zVdIsJf41e9uV6SMxOZwyW30Cufomx
wayvreseHp/Ypinox1q1AoCAs2+SiTyrQUMMD6s3hL9kaXuP+i3iEZcWrcImSB2h
isHaJz7fDfm64yVBLfcQlkWL9fsD1MV01/BNsJ3kBe9agDnGBHwPDAi5rhUgdy95
wMI=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:36 2025 by rpki-client