Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/q21aNJPkQaspL3Fh98R-HTYUcqc.roa
File: q21aNJPkQaspL3Fh98R-HTYUcqc.roa (raw, json)
Hash identifier: Gf4DK6oUQVvCdGULiuyC7QvTr5qES+btLhRSH2/CweY=
Subject key identifier: AB:6D:5A:34:93:E4:41:AB:29:2F:71:61:F7:C4:7E:1D:36:14:72:A7
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D5C6E76444C0259A9BADBBC0E071F3186
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/q21aNJPkQaspL3Fh98R-HTYUcqc.roa
Signing time: Tue 30 Jan 2024 22:12:39 +0000
ROA not before: Tue 30 Jan 2024 22:12:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5c:6e:76:44:4c:02:59:a9:ba:db:bc:0e:07:1f:31:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 30 22:12:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab6d5a3493e441ab292f7161f7c47e1d361472a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a5:1c:08:a9:f7:64:87:41:c8:44:8c:62:44:
95:f3:e1:23:2c:5d:eb:92:54:d3:1a:98:a2:25:12:
fd:55:67:dd:d1:85:d7:21:75:91:ce:73:b4:f6:14:
8c:1d:43:c1:06:02:cb:84:96:07:53:4b:4e:d6:59:
ef:57:82:22:8b:1d:86:0f:fc:c2:fd:88:be:03:4d:
b5:4c:26:a9:7a:58:3a:1a:c7:9d:1c:b1:2a:17:b0:
36:7d:20:fd:4d:a7:75:a9:51:50:04:a4:8b:8b:d3:
37:b1:9e:ba:05:a5:d9:b5:0e:3d:4c:96:c1:33:86:
be:d7:97:c5:1c:86:e0:ec:05:f4:89:a9:eb:e5:26:
78:e7:9a:23:b7:f4:40:89:7d:fd:a3:b6:eb:71:15:
fc:6f:5b:e9:b2:cc:f6:92:6b:d1:1f:ef:a0:d0:9f:
24:61:54:56:b1:1c:4d:e9:c7:fe:d6:43:56:04:35:
63:95:37:b9:3a:27:6a:d4:d7:bf:7c:9d:40:1d:c8:
ae:ab:b8:a5:bf:8b:c9:83:5a:36:67:aa:d1:23:9d:
d4:31:6e:cd:f6:c4:09:d0:14:29:ef:f8:4e:6c:c7:
e0:d2:61:0f:06:39:f3:05:a6:64:b1:ed:58:1b:8a:
e4:d4:15:7c:32:7e:fa:6f:22:c0:f3:e1:7d:89:c3:
a7:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:6D:5A:34:93:E4:41:AB:29:2F:71:61:F7:C4:7E:1D:36:14:72:A7
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/q21aNJPkQaspL3Fh98R-HTYUcqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:26:94:01:cf:ac:6c:df:dc:fe:00:5c:0d:b7:d5:5c:72:76:
54:02:4a:c2:4a:07:92:8e:52:27:16:b5:24:59:68:1b:22:09:
fc:a3:50:82:67:24:d6:15:e6:07:db:86:07:79:88:60:49:45:
bf:dc:a5:40:e6:6a:05:30:f3:39:31:06:a3:93:0b:44:66:b5:
ae:e0:12:87:56:c5:18:31:cf:12:6c:7a:49:dc:30:00:3f:6f:
a8:81:3f:65:8e:78:66:e3:73:24:ff:e4:65:d1:e4:6e:fc:77:
73:e1:3d:ca:72:f6:f7:95:93:c7:fc:cc:70:9c:ec:22:71:44:
58:16:22:d4:f5:1e:35:fb:0e:fd:14:16:c4:85:ac:14:09:53:
42:54:e3:52:90:70:31:49:39:f1:d5:67:f4:a8:fa:28:13:2b:
b6:63:d5:c9:60:45:b4:df:ed:88:21:bf:38:26:ea:46:ae:44:
6c:d4:65:70:66:60:7e:f2:a5:bb:0a:e7:65:43:ef:53:44:c8:
0c:4b:1b:9a:74:21:07:b4:71:c2:cf:7e:67:fe:ce:63:28:88:
2e:f7:9e:5d:91:fb:c4:6f:da:d6:4b:e7:3b:c3:3c:94:39:3c:
31:f3:5e:fc:e5:c1:6d:f0:88:5e:00:47:05:dc:0e:e9:6f:1f:
70:2e:a0:08
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1cbnZETAJZqbrbvA4HHzGGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTMwMjIxMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjZkNWEzNDkzZTQ0MWFiMjkyZjcxNjFmN2M0N2UxZDM2MTQ3MmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqUcCKn3ZIdByESMYkSV8+EjLF3r
klTTGpiiJRL9VWfd0YXXIXWRznO09hSMHUPBBgLLhJYHU0tO1lnvV4Iiix2GD/zC
/Yi+A021TCapelg6GsedHLEqF7A2fSD9Tad1qVFQBKSLi9M3sZ66BaXZtQ49TJbB
M4a+15fFHIbg7AX0ianr5SZ455ojt/RAiX39o7brcRX8b1vpssz2kmvRH++g0J8k
YVRWsRxN6cf+1kNWBDVjlTe5Oidq1Ne/fJ1AHciuq7ilv4vJg1o2Z6rRI53UMW7N
9sQJ0BQp7/hObMfg0mEPBjnzBaZkse1YG4rk1BV8Mn76byLA8+F9icOnFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKttWjST5EGrKS9xYffEfh02FHKnMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcTIxYU5KUGtRYXNwTDNGaDk4Ui1IVFlVY3FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAwmlAHPrGzf3P4AXA23
1VxydlQCSsJKB5KOUicWtSRZaBsiCfyjUIJnJNYV5gfbhgd5iGBJRb/cpUDmagUw
8zkxBqOTC0Rmta7gEodWxRgxzxJsekncMAA/b6iBP2WOeGbjcyT/5GXR5G78d3Ph
Pcpy9veVk8f8zHCc7CJxRFgWItT1HjX7Dv0UFsSFrBQJU0JU41KQcDFJOfHVZ/So
+igTK7Zj1clgRbTf7Yghvzgm6kauRGzUZXBmYH7ypbsK52VD71NEyAxLG5p0IQe0
ccLPfmf+zmMoiC73nl2R+8Rv2tZL5zvDPJQ5PDHzXvzlwW3wiF4ARwXcDulvH3Au
oAg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:52 2024 by rpki-client on console-ams.rpki-client.org