Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qh_j8LsYIKEImbRX3I8SOBbtgtQ.roa
File: qh_j8LsYIKEImbRX3I8SOBbtgtQ.roa (raw, json)
Hash identifier: cD8oeSw+PdhwE3ZFNf61JzYuZJrBcBsXrl2qNIG1qY0=
Subject key identifier: AA:1F:E3:F0:BB:18:20:A1:08:99:B4:57:DC:8F:12:38:16:ED:82:D4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D506875C12A92C1ACE66BDC85E404FC0C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qh_j8LsYIKEImbRX3I8SOBbtgtQ.roa
Signing time: Sun 28 Jan 2024 14:10:39 +0000
ROA not before: Sun 28 Jan 2024 14:10:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:50:68:75:c1:2a:92:c1:ac:e6:6b:dc:85:e4:04:fc:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 28 14:10:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa1fe3f0bb1820a10899b457dc8f123816ed82d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:02:a9:cc:fe:5a:37:a2:69:e1:b5:77:8a:c6:
0a:a5:69:d9:da:ce:46:be:b3:ca:c3:2c:0f:cb:74:
7e:6e:5a:c2:ee:f0:46:f2:b3:89:30:88:99:3d:45:
32:6a:7d:55:1b:e2:b0:25:89:2b:2d:13:25:ee:a1:
b1:4b:0c:17:a7:c9:d0:12:b3:1f:2d:3a:e7:0c:9c:
40:8b:0c:7f:f6:0e:72:1b:7d:f0:ac:aa:c7:75:fb:
14:f9:df:c9:b6:a3:91:16:3f:57:08:c7:27:ed:69:
c9:5b:ec:84:67:41:f4:76:d9:9c:8d:44:01:7d:c8:
8f:52:94:41:e9:a6:19:55:29:fb:e1:21:42:eb:65:
21:61:07:4a:8b:a2:93:4f:82:43:94:92:a2:15:3c:
17:b5:e7:a6:62:8f:58:81:ca:49:f1:0d:f0:bc:82:
ed:06:03:71:f6:b1:e0:db:81:34:e4:ca:28:fe:95:
8a:f4:cf:93:d9:a0:b1:3c:20:1b:27:0a:f3:2f:b5:
aa:d3:73:5f:ee:1a:7c:54:3f:33:2d:5d:f3:93:af:
77:f9:00:31:41:7b:a9:67:93:86:4e:1a:c7:95:5b:
c9:2e:c8:7a:26:73:1e:a7:b0:cd:2c:9c:9a:e8:11:
ba:c4:b5:47:39:be:bb:aa:7e:91:bf:d3:f8:d1:c2:
6a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1F:E3:F0:BB:18:20:A1:08:99:B4:57:DC:8F:12:38:16:ED:82:D4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qh_j8LsYIKEImbRX3I8SOBbtgtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3f:a9:39:10:66:7d:b7:2e:a6:2f:1f:0c:d0:b7:70:0f:fb:fd:
83:63:cc:30:42:50:1a:29:bf:ee:7c:08:c9:d4:e5:02:b2:28:
ab:75:c6:2e:33:a2:d0:82:7f:1e:64:8e:0d:aa:ee:ae:d6:83:
a7:85:1c:da:50:d7:ab:e1:18:52:1d:50:93:0a:9b:33:e3:29:
50:91:79:f3:69:68:a9:fa:16:b3:b9:97:5a:b3:0d:c4:6b:92:
15:5e:77:36:60:ae:ab:f6:a1:16:81:6b:80:13:47:c1:d0:84:
bf:1f:cc:93:25:dc:3d:1f:05:5b:02:d1:e2:9c:6b:e8:78:68:
02:40:7f:10:1f:e3:50:d5:b3:30:74:86:a0:76:2c:c8:1f:fe:
b8:e7:8e:51:b1:3a:2b:77:0b:e7:e6:a4:77:91:f8:4c:e1:aa:
20:7c:f1:1c:ac:07:2f:8b:60:38:4d:2a:85:bc:f9:08:e1:16:
50:7f:cd:4e:18:9c:dc:78:e2:1c:89:38:b5:d7:0e:0e:b1:9f:
54:1f:12:2e:8e:e0:8a:69:5f:a0:ac:5b:80:c1:92:2d:e9:07:
b8:e4:31:e4:ec:7a:78:e2:7b:51:e6:8e:aa:7b:38:9c:f5:88:
0c:9e:3d:43:51:18:91:39:fd:57:da:da:7a:2b:7a:a6:9e:35:
0d:92:61:7c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1QaHXBKpLBrOZr3IXkBPwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI4MTQxMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTFmZTNmMGJiMTgyMGExMDg5OWI0NTdkYzhmMTIzODE2ZWQ4MmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAKpzP5aN6Jp4bV3isYKpWnZ2s5G
vrPKwywPy3R+blrC7vBG8rOJMIiZPUUyan1VG+KwJYkrLRMl7qGxSwwXp8nQErMf
LTrnDJxAiwx/9g5yG33wrKrHdfsU+d/JtqORFj9XCMcn7WnJW+yEZ0H0dtmcjUQB
fciPUpRB6aYZVSn74SFC62UhYQdKi6KTT4JDlJKiFTwXteemYo9YgcpJ8Q3wvILt
BgNx9rHg24E05Moo/pWK9M+T2aCxPCAbJwrzL7Wq03Nf7hp8VD8zLV3zk693+QAx
QXupZ5OGThrHlVvJLsh6JnMep7DNLJya6BG6xLVHOb67qn6Rv9P40cJq4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKof4/C7GCChCJm0V9yPEjgW7YLUMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcWhfajhMc1lJS0VJbWJSWDNJOFNPQmJ0Z3RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD+pORBmfbcupi8fDNC3
cA/7/YNjzDBCUBopv+58CMnU5QKyKKt1xi4zotCCfx5kjg2q7q7Wg6eFHNpQ16vh
GFIdUJMKmzPjKVCRefNpaKn6FrO5l1qzDcRrkhVedzZgrqv2oRaBa4ATR8HQhL8f
zJMl3D0fBVsC0eKca+h4aAJAfxAf41DVszB0hqB2LMgf/rjnjlGxOit3C+fmpHeR
+EzhqiB88RysBy+LYDhNKoW8+QjhFlB/zU4YnNx44hyJOLXXDg6xn1QfEi6O4Ipp
X6CsW4DBki3pB7jkMeTsenjie1Hmjqp7OJz1iAyePUNRGJE5/Vfa2noreqaeNQ2S
YXw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:51 2025 by rpki-client