Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qIohIaEZzgP8gT0uSpdNRh4WoqU.roa
File: qIohIaEZzgP8gT0uSpdNRh4WoqU.roa (raw, json)
Hash identifier: TF2YD+krchEJvaAwNJLDFd/k6Ind3mTS8k7MjkBO7tU=
Subject key identifier: A8:8A:21:21:A1:19:CE:03:FC:81:3D:2E:4A:97:4D:46:1E:16:A2:A5
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E6122A86FF328CB2508A99E2E71A61016
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qIohIaEZzgP8gT0uSpdNRh4WoqU.roa
Signing time: Thu 21 Mar 2024 13:10:44 +0000
ROA not before: Thu 21 Mar 2024 13:10:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:61:22:a8:6f:f3:28:cb:25:08:a9:9e:2e:71:a6:10:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 21 13:10:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a88a2121a119ce03fc813d2e4a974d461e16a2a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4c:60:52:08:46:93:44:b6:e1:d7:b6:27:7d:
ea:56:a3:2d:41:1b:53:ef:91:95:25:7d:b2:80:f0:
0b:ef:8f:a8:f3:f6:dc:7e:0f:de:ad:14:f1:51:d9:
a7:d2:a5:c6:7a:29:c7:1c:c4:ec:33:e2:86:a5:af:
e7:a6:9e:65:14:d6:00:a5:47:22:29:46:0d:4d:5f:
30:9c:6e:d6:9d:9d:0c:e4:99:8f:ee:f6:f2:d5:52:
f6:ac:da:4a:a3:37:aa:00:cb:ca:46:1e:c9:a8:41:
d1:94:f1:c1:6e:78:c5:17:cd:0a:54:0b:ac:a8:90:
8b:c5:09:2b:b6:21:5e:dd:a0:d9:3c:20:90:31:8d:
3b:41:11:4c:c9:26:c9:81:f6:c7:3b:7f:06:d5:58:
39:6b:3c:12:74:60:67:f3:31:22:c6:e3:f4:a1:24:
0b:3f:c1:1b:c0:4d:f8:ce:20:3b:b7:ac:ec:29:b4:
fd:f2:2e:49:bf:52:96:67:70:4a:6b:22:2f:54:fa:
67:0e:1c:5a:9d:d4:aa:36:ba:b0:61:e0:f9:cd:67:
e6:cb:4b:18:8e:f4:39:09:48:4d:f2:fa:62:51:f3:
9f:ef:22:40:ed:30:68:37:b0:e1:82:d0:41:03:00:
57:ae:33:95:0f:64:b5:7a:26:88:65:56:a1:b8:80:
91:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:8A:21:21:A1:19:CE:03:FC:81:3D:2E:4A:97:4D:46:1E:16:A2:A5
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qIohIaEZzgP8gT0uSpdNRh4WoqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
55:2c:b2:5b:7b:93:3b:28:9b:21:00:82:eb:cb:c5:30:21:a1:
2b:d1:e2:b8:0f:77:c4:8e:89:30:37:06:5f:b7:dc:69:95:4e:
14:c1:e3:c5:15:1e:d0:d6:8b:e3:49:60:f4:65:0e:46:df:61:
44:0b:81:58:f7:34:ea:45:ce:f9:fb:ac:94:bb:45:d7:11:b3:
05:35:bd:f4:34:ca:81:89:58:05:5c:cc:36:8a:5e:5e:f9:b2:
dc:bd:83:bb:81:dc:20:7b:70:60:0a:33:e8:15:94:cf:3d:78:
3c:1a:a7:e9:15:75:64:7e:91:09:ef:86:1e:58:0d:c4:83:03:
6a:6c:e6:7a:20:ae:a3:a5:f2:a6:d4:fe:ff:99:f6:30:3b:b6:
5b:df:c7:0a:1d:79:fc:af:78:db:53:07:e3:7f:d2:f4:7d:50:
1c:68:cd:e7:27:25:2e:06:47:a6:ab:52:17:5d:03:62:c7:03:
d6:29:6b:16:f4:9f:2d:24:07:6a:af:02:20:3f:1a:43:40:dd:
fe:52:7e:b2:44:0e:f2:f9:89:a5:a1:e0:f5:d6:f7:a5:c5:fb:
3b:0e:7c:84:db:79:c0:1b:a4:d4:7a:e1:aa:33:59:b7:8d:e1:
f3:d7:85:29:b9:18:bc:66:0b:12:47:95:87:f5:22:2f:b4:6c:
f6:16:11:cf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5hIqhv8yjLJQipni5xphAWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIxMTMxMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODhhMjEyMWExMTljZTAzZmM4MTNkMmU0YTk3NGQ0NjFlMTZhMmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUxgUghGk0S24de2J33qVqMtQRtT
75GVJX2ygPAL74+o8/bcfg/erRTxUdmn0qXGeinHHMTsM+KGpa/npp5lFNYApUci
KUYNTV8wnG7WnZ0M5JmP7vby1VL2rNpKozeqAMvKRh7JqEHRlPHBbnjFF80KVAus
qJCLxQkrtiFe3aDZPCCQMY07QRFMySbJgfbHO38G1Vg5azwSdGBn8zEixuP0oSQL
P8EbwE34ziA7t6zsKbT98i5Jv1KWZ3BKayIvVPpnDhxandSqNrqwYeD5zWfmy0sY
jvQ5CUhN8vpiUfOf7yJA7TBoN7DhgtBBAwBXrjOVD2S1eiaIZVahuICRcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKiKISGhGc4D/IE9LkqXTUYeFqKlMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcUlvaElhRVp6Z1A4Z1QwdVNwZE5SaDRXb3FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFUsslt7kzsomyEAguvL
xTAhoSvR4rgPd8SOiTA3Bl+33GmVThTB48UVHtDWi+NJYPRlDkbfYUQLgVj3NOpF
zvn7rJS7RdcRswU1vfQ0yoGJWAVczDaKXl75sty9g7uB3CB7cGAKM+gVlM89eDwa
p+kVdWR+kQnvhh5YDcSDA2ps5nogrqOl8qbU/v+Z9jA7tlvfxwodefyveNtTB+N/
0vR9UBxozecnJS4GR6arUhddA2LHA9Ypaxb0ny0kB2qvAiA/GkNA3f5SfrJEDvL5
iaWh4PXW96XF+zsOfITbecAbpNR64aozWbeN4fPXhSm5GLxmCxJHlYf1Ii+0bPYW
Ec8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:53:24 2025 by rpki-client