Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/q1h6DFjHCvq0yWa7LRoiQyQ6grw.roa
File: q1h6DFjHCvq0yWa7LRoiQyQ6grw.roa (raw, json)
Hash identifier: +N6htYCw92oLPHXmGUc2b/PH2xbBa+Ts8MAzsxVXtqE=
Subject key identifier: AB:58:7A:0C:58:C7:0A:FA:B4:C9:66:BB:2D:1A:22:43:24:3A:82:BC
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E32FF7133C2CE486A556AAA1BFA875D09
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/q1h6DFjHCvq0yWa7LRoiQyQ6grw.roa
Signing time: Tue 12 Mar 2024 14:09:45 +0000
ROA not before: Tue 12 Mar 2024 14:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:32:ff:71:33:c2:ce:48:6a:55:6a:aa:1b:fa:87:5d:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 12 14:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab587a0c58c70afab4c966bb2d1a2243243a82bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:92:fc:12:3a:a5:35:63:1c:72:ac:89:d9:05:
1d:4a:f6:60:cd:2c:c9:fb:f5:1c:9e:a3:82:ab:4f:
e6:85:1c:0d:45:fb:78:98:2c:c7:c4:5f:1a:f6:70:
db:55:3c:4a:b2:77:ef:6d:f0:08:ce:b9:3e:6a:6f:
b9:8f:9a:16:c1:df:39:45:83:5f:97:4b:5e:9c:61:
3e:ca:5f:4f:06:63:e0:03:70:d8:e0:84:53:82:91:
d8:c3:75:85:a2:ec:6c:fc:a0:58:96:e4:5f:e5:1c:
1b:61:be:73:0c:c9:ff:fd:5a:d4:29:d5:f7:81:23:
7b:6d:a9:9e:8f:4b:cf:68:cc:58:e9:33:34:cb:77:
ac:7e:4f:bc:0b:b4:80:9c:19:97:a7:9c:51:b4:7f:
53:d3:76:8f:1d:76:1b:d7:ea:fc:c0:15:a5:c0:a2:
a2:a0:c1:1e:7b:f5:42:0b:6d:0e:28:6a:b4:10:f0:
05:b8:24:83:a7:58:09:09:41:4d:5c:15:76:65:f3:
27:f2:70:bc:f4:98:77:f6:cd:15:3a:5e:9b:52:9c:
b4:70:d6:55:0d:e0:5a:ac:38:41:1d:a7:0e:80:3d:
e2:5b:9e:e0:a1:cf:4d:3d:6a:e6:32:dc:87:5f:24:
5b:94:0a:92:50:73:b2:70:78:ec:d3:c2:29:c5:f6:
9c:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:58:7A:0C:58:C7:0A:FA:B4:C9:66:BB:2D:1A:22:43:24:3A:82:BC
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/q1h6DFjHCvq0yWa7LRoiQyQ6grw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6f:88:66:0e:30:a6:9a:1d:26:d0:38:d6:b2:15:62:d3:d2:70:
68:22:d8:23:a9:f9:5d:9a:f7:f1:43:b0:6e:ea:d6:f0:9e:a1:
a6:f7:ca:71:38:cf:66:7e:7e:b0:93:20:75:ae:2a:c0:48:6e:
29:dd:aa:4d:65:10:7b:8b:34:0b:86:73:22:3c:f3:fb:13:0a:
60:9b:04:5e:78:b7:4e:04:0b:e1:1a:7c:c8:a3:bf:c9:77:83:
2f:08:95:45:16:e0:64:fc:b1:9f:72:e9:bd:e3:ae:c9:27:13:
c3:7e:52:44:95:69:42:16:d9:6a:ff:c1:1b:bd:84:0e:da:ab:
0f:83:66:74:70:36:c7:8f:80:60:59:e9:f1:6a:4d:a5:a6:4e:
62:be:a7:d9:11:66:27:7e:29:79:a5:9b:e8:38:f0:35:3d:d1:
86:1a:9c:0b:8f:67:11:b4:0b:c7:e4:19:05:76:08:c5:7c:43:
ef:c2:5d:b9:22:c8:f4:3a:fe:15:3c:f0:df:ab:3a:53:2a:4e:
f5:3d:9a:ae:36:6b:2f:45:0c:34:93:c3:e9:b3:9b:c4:6f:79:
d9:88:98:f0:29:87:33:b3:0a:61:a0:e0:36:17:5b:f3:ed:76:
b6:3a:82:0d:b9:c7:9f:08:cb:c3:06:c9:38:ab:cb:a7:f9:6f:
ce:8c:71:6a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4y/3Ezws5IalVqqhv6h10JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEyMTQwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjU4N2EwYzU4YzcwYWZhYjRjOTY2YmIyZDFhMjI0MzI0M2E4MmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipL8EjqlNWMccqyJ2QUdSvZgzSzJ
+/UcnqOCq0/mhRwNRft4mCzHxF8a9nDbVTxKsnfvbfAIzrk+am+5j5oWwd85RYNf
l0tenGE+yl9PBmPgA3DY4IRTgpHYw3WFouxs/KBYluRf5RwbYb5zDMn//VrUKdX3
gSN7bamej0vPaMxY6TM0y3esfk+8C7SAnBmXp5xRtH9T03aPHXYb1+r8wBWlwKKi
oMEee/VCC20OKGq0EPAFuCSDp1gJCUFNXBV2ZfMn8nC89Jh39s0VOl6bUpy0cNZV
DeBarDhBHacOgD3iW57goc9NPWrmMtyHXyRblAqSUHOycHjs08IpxfacswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKtYegxYxwr6tMlmuy0aIkMkOoK8MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcTFoNkRGakhDdnEweVdhN0xSb2lReVE2Z3J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG+IZg4wppodJtA41rIV
YtPScGgi2COp+V2a9/FDsG7q1vCeoab3ynE4z2Z+frCTIHWuKsBIbindqk1lEHuL
NAuGcyI88/sTCmCbBF54t04EC+EafMijv8l3gy8IlUUW4GT8sZ9y6b3jrsknE8N+
UkSVaUIW2Wr/wRu9hA7aqw+DZnRwNsePgGBZ6fFqTaWmTmK+p9kRZid+KXmlm+g4
8DU90YYanAuPZxG0C8fkGQV2CMV8Q+/CXbkiyPQ6/hU88N+rOlMqTvU9mq42ay9F
DDSTw+mzm8RvedmImPAphzOzCmGg4DYXW/PtdrY6gg25x58Iy8MGyTiry6f5b86M
cWo=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:10:55 2025 by rpki-client