Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qN1Y3YHOai-BkAmODgK4Hu1OOKU.roa
File: qN1Y3YHOai-BkAmODgK4Hu1OOKU.roa (raw, json)
Hash identifier: ItJTJNGsGV20FEpU9iYaGAGTofhVU7otsonv3y0RcyU=
Subject key identifier: A8:DD:58:DD:81:CE:6A:2F:81:90:09:8E:0E:02:B8:1E:ED:4E:38:A5
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EB95587D48454E8ECB16B9B7334F83285
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qN1Y3YHOai-BkAmODgK4Hu1OOKU.roa
Signing time: Sun 07 Apr 2024 16:12:54 +0000
ROA not before: Sun 07 Apr 2024 16:12:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b9:55:87:d4:84:54:e8:ec:b1:6b:9b:73:34:f8:32:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 7 16:12:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8dd58dd81ce6a2f8190098e0e02b81eed4e38a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b8:0d:3b:e4:56:c2:1d:75:5b:57:a3:b8:b9:
e7:68:c7:cf:ee:9b:f7:69:2d:3b:2e:a6:a8:42:31:
bb:66:bf:54:86:4c:08:81:8e:02:b7:cc:7b:05:e6:
67:4a:7b:b7:75:dd:93:7e:8a:43:ed:8e:5f:3b:e2:
7a:bc:43:5c:6f:9b:6f:99:75:11:45:a2:6c:33:6e:
9f:de:f6:23:37:96:7f:47:b8:e3:fc:f2:a2:a2:c3:
27:01:36:ba:07:21:ea:63:7c:61:02:9b:9a:08:d1:
4b:3c:cf:ec:50:b5:98:ec:5b:37:26:98:44:02:e4:
6f:d9:df:4e:f3:41:30:61:08:ca:52:e9:bc:37:b2:
04:a1:ab:4c:c4:68:82:99:7a:30:27:34:20:72:f0:
90:17:d7:f4:56:a8:b1:66:bc:70:6e:2d:d8:72:0d:
3f:15:26:be:c5:3e:9a:ac:3b:92:ab:5a:49:57:4a:
c0:1c:13:6f:99:31:0b:a4:0e:53:f3:28:1a:da:8a:
4d:53:d9:ff:83:9b:7a:57:34:70:01:46:24:a5:80:
da:e9:98:c6:2f:dc:ae:2e:ff:b9:91:0a:3a:22:b9:
8b:35:2e:43:d8:05:cc:ae:d3:43:ec:b4:dd:25:89:
86:91:3c:84:70:e8:a7:2b:f6:df:02:cb:73:06:74:
82:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:DD:58:DD:81:CE:6A:2F:81:90:09:8E:0E:02:B8:1E:ED:4E:38:A5
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qN1Y3YHOai-BkAmODgK4Hu1OOKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
26:f2:26:56:03:f3:37:a8:86:e0:b7:d2:26:17:73:1e:fd:8c:
88:02:af:26:5b:0b:e1:49:e2:ac:7d:9d:12:55:b6:f1:0b:51:
9d:f3:ff:be:91:f5:6e:ca:f5:e2:51:f6:fd:a8:7f:0f:20:17:
67:b4:95:92:d9:da:1e:e2:fa:7d:6f:57:b6:60:40:2b:f4:3a:
dd:05:e4:8f:96:cf:48:81:d9:c4:ec:2e:e4:6c:40:0e:13:7d:
c7:cb:19:81:f6:c7:8d:2e:4d:b9:b6:a8:d2:7c:cb:fd:b3:fb:
5b:ee:01:21:29:cb:9f:7b:e6:4a:e3:7a:df:a6:ce:29:31:f6:
65:b2:f3:fa:44:2d:f6:c3:14:b1:d3:e9:5b:cd:92:47:fc:47:
8c:df:0a:78:89:5e:55:1c:09:fd:15:17:20:93:9c:2c:c2:c5:
48:cf:4b:f1:86:fb:f7:b8:f8:18:0c:a9:ce:62:72:02:99:f7:
15:f5:48:e6:1b:28:ec:04:79:a2:c1:42:a8:44:d1:0e:af:49:
68:e9:16:87:24:12:6b:2e:1e:a8:a7:f1:b0:22:9a:51:8e:c2:
fd:5a:9c:c3:5c:d8:72:43:ef:aa:28:0b:77:cd:c4:d2:88:b6:
6f:a7:8a:70:7b:0d:2c:66:83:cd:23:b6:5a:9f:49:1f:56:d0:
8f:0c:4c:a3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY65VYfUhFTo7LFrm3M0+DKFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA3MTYxMjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGRkNThkZDgxY2U2YTJmODE5MDA5OGUwZTAyYjgxZWVkNGUzOGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbgNO+RWwh11W1ejuLnnaMfP7pv3
aS07LqaoQjG7Zr9UhkwIgY4Ct8x7BeZnSnu3dd2TfopD7Y5fO+J6vENcb5tvmXUR
RaJsM26f3vYjN5Z/R7jj/PKiosMnATa6ByHqY3xhApuaCNFLPM/sULWY7Fs3JphE
AuRv2d9O80EwYQjKUum8N7IEoatMxGiCmXowJzQgcvCQF9f0VqixZrxwbi3Ycg0/
FSa+xT6arDuSq1pJV0rAHBNvmTELpA5T8yga2opNU9n/g5t6VzRwAUYkpYDa6ZjG
L9yuLv+5kQo6IrmLNS5D2AXMrtND7LTdJYmGkTyEcOinK/bfAstzBnSCYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKjdWN2BzmovgZAJjg4CuB7tTjilMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcU4xWTNZSE9haS1Ca0FtT0RnSzRIdTFPT0tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACbyJlYD8zeohuC30iYX
cx79jIgCryZbC+FJ4qx9nRJVtvELUZ3z/76R9W7K9eJR9v2ofw8gF2e0lZLZ2h7i
+n1vV7ZgQCv0Ot0F5I+Wz0iB2cTsLuRsQA4TfcfLGYH2x40uTbm2qNJ8y/2z+1vu
ASEpy5975krjet+mzikx9mWy8/pELfbDFLHT6VvNkkf8R4zfCniJXlUcCf0VFyCT
nCzCxUjPS/GG+/e4+BgMqc5icgKZ9xX1SOYbKOwEeaLBQqhE0Q6vSWjpFockEmsu
Hqin8bAimlGOwv1anMNc2HJD76ooC3fNxNKItm+ninB7DSxmg80jtlqfSR9W0I8M
TKM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:36 2025 by rpki-client