Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qTC4PQv8FvsC75wjZ-4WGifE2Sk.roa
File: qTC4PQv8FvsC75wjZ-4WGifE2Sk.roa (raw, json)
Hash identifier: 1B9ACsh0ZnO+TjaRydtlW6RjP2yNVEZU9am+2jt7dYI=
Subject key identifier: A9:30:B8:3D:0B:FC:16:FB:02:EF:9C:23:67:EE:16:1A:27:C4:D9:29
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D06CEEC934F8A10F8641AB116C7FA4179
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qTC4PQv8FvsC75wjZ-4WGifE2Sk.roa
Signing time: Sun 14 Jan 2024 07:10:40 +0000
ROA not before: Sun 14 Jan 2024 07:10:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:06:ce:ec:93:4f:8a:10:f8:64:1a:b1:16:c7:fa:41:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 14 07:10:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a930b83d0bfc16fb02ef9c2367ee161a27c4d929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e9:f9:a9:71:19:cb:7d:3e:cc:3e:c4:bd:31:
31:fa:33:df:d7:4f:ff:a7:5d:37:52:ed:23:47:da:
6c:b9:83:eb:b0:96:3c:c1:22:2f:3d:31:1a:a7:a0:
80:e6:e7:7f:a7:b4:8a:b9:08:f4:19:b0:34:1c:f6:
71:57:c0:5b:ae:53:21:1d:27:40:81:ed:46:fa:4e:
40:53:fa:f6:d4:ab:1e:54:f4:2b:c6:e4:2f:23:57:
ad:2a:a2:59:5e:b8:ae:cc:49:9d:d4:37:bb:0b:d4:
af:2a:4b:b0:b6:9e:5b:f6:f7:f1:04:b4:30:bc:0b:
38:bd:73:56:ff:5b:de:f1:49:b2:c8:c5:89:f0:b2:
4d:d9:69:a9:10:bc:26:07:76:b8:dd:e0:7d:19:5d:
5f:e2:b6:8f:c2:9d:14:10:43:53:c4:dc:fd:ee:18:
17:b1:ae:39:44:d2:28:95:c5:cb:44:c6:08:50:b6:
16:e1:e5:42:96:08:fb:a6:52:42:75:ff:f0:16:c8:
62:fd:d9:75:35:43:3f:9c:b7:57:45:7b:c1:1a:a2:
c9:39:b9:ce:35:ed:1b:54:f5:fe:0c:39:de:84:91:
2c:56:9d:b4:81:7f:aa:80:91:8f:0f:5c:a3:42:0e:
ad:05:c0:9f:44:41:b5:13:88:7e:e5:6e:ca:17:27:
f8:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:30:B8:3D:0B:FC:16:FB:02:EF:9C:23:67:EE:16:1A:27:C4:D9:29
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qTC4PQv8FvsC75wjZ-4WGifE2Sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6d:ac:d8:d5:aa:3b:fa:e7:4e:fc:54:a6:16:63:ee:2a:14:86:
0f:5b:25:6b:e0:cb:9e:4c:ee:b3:04:50:c7:cf:d1:bf:10:80:
dd:48:1b:95:1a:83:5c:a1:7c:4c:c1:bf:7d:a7:af:78:44:49:
91:46:2f:9c:60:1c:02:72:94:31:0d:d6:7b:b3:17:c8:e2:76:
76:92:5d:d7:dc:d2:e0:e8:25:fb:99:cf:16:c7:e9:4d:3b:32:
6d:7a:16:23:aa:2d:1b:58:4e:d7:02:8f:de:b4:a9:14:c9:d9:
4a:c8:42:42:4d:b1:e1:67:8b:fa:6a:69:2c:0a:b1:74:19:09:
b7:b3:3c:0d:71:43:b5:9d:8d:35:ff:db:85:c3:56:50:d9:0b:
1c:33:cc:cd:68:b1:51:3e:af:bd:10:37:3a:8d:05:0e:77:fd:
7f:ff:fc:69:05:cf:17:9e:15:6d:66:2c:25:dd:88:bc:55:02:
0f:9d:62:4c:06:54:7a:1a:8a:4f:15:ba:f6:4b:98:9f:4f:eb:
42:a9:ca:e8:17:cc:e7:62:a6:81:52:ce:f4:df:84:33:3d:53:
56:93:0d:5a:a9:35:fc:5a:28:b5:6c:92:aa:9e:6a:44:f2:bb:
6d:a8:7d:75:44:c8:e6:1d:6a:9c:67:f3:c5:1b:bb:69:25:ad:
e1:f7:d9:f5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0GzuyTT4oQ+GQasRbH+kF5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE0MDcxMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTMwYjgzZDBiZmMxNmZiMDJlZjljMjM2N2VlMTYxYTI3YzRkOTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiun5qXEZy30+zD7EvTEx+jPf10//
p103Uu0jR9psuYPrsJY8wSIvPTEap6CA5ud/p7SKuQj0GbA0HPZxV8BbrlMhHSdA
ge1G+k5AU/r21KseVPQrxuQvI1etKqJZXriuzEmd1De7C9SvKkuwtp5b9vfxBLQw
vAs4vXNW/1ve8UmyyMWJ8LJN2WmpELwmB3a43eB9GV1f4raPwp0UEENTxNz97hgX
sa45RNIolcXLRMYIULYW4eVClgj7plJCdf/wFshi/dl1NUM/nLdXRXvBGqLJObnO
Ne0bVPX+DDnehJEsVp20gX+qgJGPD1yjQg6tBcCfREG1E4h+5W7KFyf4jwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKkwuD0L/Bb7Au+cI2fuFhonxNkpMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcVRDNFBRdjhGdnNDNzV3alotNFdHaWZFMlNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG2s2NWqO/rnTvxUphZj
7ioUhg9bJWvgy55M7rMEUMfP0b8QgN1IG5Uag1yhfEzBv32nr3hESZFGL5xgHAJy
lDEN1nuzF8jidnaSXdfc0uDoJfuZzxbH6U07Mm16FiOqLRtYTtcCj960qRTJ2UrI
QkJNseFni/pqaSwKsXQZCbezPA1xQ7WdjTX/24XDVlDZCxwzzM1osVE+r70QNzqN
BQ53/X///GkFzxeeFW1mLCXdiLxVAg+dYkwGVHoaik8VuvZLmJ9P60KpyugXzOdi
poFSzvTfhDM9U1aTDVqpNfxaKLVskqqeakTyu22ofXVEyOYdapxn88Ubu2klreH3
2fU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 01:59:44 2025 by rpki-client