Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qnJVTxaBI8Dh1X0NnzRjDbzpiJ8.roa
File: qnJVTxaBI8Dh1X0NnzRjDbzpiJ8.roa (raw, json)
Hash identifier: fhPy44pB4QCuGjnMviAJUfh/WqIaSBeO9hJ+oqjSmvU=
Subject key identifier: AA:72:55:4F:16:81:23:C0:E1:D5:7D:0D:9F:34:63:0D:BC:E9:88:9F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E97356E2CF14D9CC4DCB2918E0F217D1B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qnJVTxaBI8Dh1X0NnzRjDbzpiJ8.roa
Signing time: Mon 01 Apr 2024 01:10:44 +0000
ROA not before: Mon 01 Apr 2024 01:10:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:97:35:6e:2c:f1:4d:9c:c4:dc:b2:91:8e:0f:21:7d:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 1 01:10:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa72554f168123c0e1d57d0d9f34630dbce9889f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fa:3b:75:46:fa:33:90:3f:c3:c5:e1:d0:9d:
c4:1c:f2:dc:4e:3f:f4:32:b4:d9:d5:fb:03:c2:78:
f5:5c:6f:dc:6e:8e:ce:58:ba:3f:50:11:ab:84:c7:
17:68:b6:39:4c:4f:c3:75:6e:5d:59:58:33:21:d6:
93:5c:e4:74:d0:fa:74:7b:b0:47:1f:7d:26:d2:29:
34:f3:aa:a1:ed:96:1e:20:9c:21:11:02:88:1c:dd:
2d:ba:ab:d2:92:6c:d2:80:4f:d5:3e:cd:cb:58:a3:
c3:cd:24:6d:58:bd:0f:17:db:63:41:5e:6c:99:b7:
7a:82:9a:47:13:4b:dc:f0:cc:22:95:0a:8d:86:87:
79:9e:d5:ae:f6:8c:6d:fb:ae:4a:25:6a:68:e0:10:
dc:77:76:ed:50:28:b5:c0:44:ce:38:6c:8c:29:2a:
5a:28:14:ee:a1:6a:0b:c9:1e:ef:d6:97:87:c4:61:
ea:96:e8:38:6b:62:77:85:82:22:c9:b8:41:87:79:
22:e0:fb:3c:41:e6:41:3c:33:7f:d0:41:ab:0b:f5:
c7:f8:bb:3f:16:69:1d:6c:d8:d3:9b:f9:d3:45:25:
6a:13:4a:05:af:8a:d6:4e:40:10:f4:f2:04:c7:7b:
0c:fc:82:47:d0:42:fd:42:98:d1:0b:dd:4f:f1:d8:
3a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:72:55:4F:16:81:23:C0:E1:D5:7D:0D:9F:34:63:0D:BC:E9:88:9F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qnJVTxaBI8Dh1X0NnzRjDbzpiJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
36:8b:2b:df:44:2b:1d:f1:23:53:d5:a2:79:f8:50:0d:3d:8c:
d8:a6:dd:8c:9a:05:e0:ba:fb:fd:ec:54:3c:aa:31:68:e5:01:
57:03:27:6f:bd:67:89:b6:55:cb:74:10:95:90:63:cf:4d:13:
a8:4e:c2:9e:55:2b:8a:f0:e0:cb:8d:de:eb:b7:77:ce:38:90:
c9:5e:e5:25:91:51:ad:12:ec:62:0c:bf:16:10:f9:a3:b8:b3:
a2:3e:cb:c1:c8:39:8c:5b:71:0f:8b:3d:9c:e0:15:7a:eb:cf:
3e:61:26:ef:71:e6:c0:9a:e2:26:f9:47:3c:24:b3:7a:5b:92:
28:2e:ff:c4:45:ae:a3:f8:cd:0f:b1:20:08:3e:80:26:96:6f:
e4:a5:af:03:00:92:98:39:c2:83:de:7a:b5:57:4c:af:f4:fb:
e6:89:a7:b9:ff:a5:45:b0:19:90:cb:bb:14:55:34:33:6c:01:
db:fc:2c:be:99:ce:56:40:ad:b4:74:13:80:9b:48:9b:28:53:
86:6c:f8:64:6f:d4:11:31:28:87:c3:95:56:91:01:ba:2b:eb:
73:ef:14:6c:2d:1c:fb:f4:28:f0:ef:02:9c:46:26:11:ef:94:
c3:fe:fa:19:4c:f7:5a:d3:20:bc:66:87:30:a7:a6:26:25:2d:
e6:8d:b8:37
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6XNW4s8U2cxNyykY4PIX0bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAxMDExMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTcyNTU0ZjE2ODEyM2MwZTFkNTdkMGQ5ZjM0NjMwZGJjZTk4ODlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfo7dUb6M5A/w8Xh0J3EHPLcTj/0
MrTZ1fsDwnj1XG/cbo7OWLo/UBGrhMcXaLY5TE/DdW5dWVgzIdaTXOR00Pp0e7BH
H30m0ik086qh7ZYeIJwhEQKIHN0tuqvSkmzSgE/VPs3LWKPDzSRtWL0PF9tjQV5s
mbd6gppHE0vc8MwilQqNhod5ntWu9oxt+65KJWpo4BDcd3btUCi1wETOOGyMKSpa
KBTuoWoLyR7v1peHxGHqlug4a2J3hYIiybhBh3ki4Ps8QeZBPDN/0EGrC/XH+Ls/
FmkdbNjTm/nTRSVqE0oFr4rWTkAQ9PIEx3sM/IJH0EL9QpjRC91P8dg6AwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKpyVU8WgSPA4dV9DZ80Yw286YifMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcW5KVlR4YUJJOERoMVgwTm56UmpEYnpwaUo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADaLK99EKx3xI1PVonn4
UA09jNim3YyaBeC6+/3sVDyqMWjlAVcDJ2+9Z4m2Vct0EJWQY89NE6hOwp5VK4rw
4MuN3uu3d844kMle5SWRUa0S7GIMvxYQ+aO4s6I+y8HIOYxbcQ+LPZzgFXrrzz5h
Ju9x5sCa4ib5Rzwks3pbkigu/8RFrqP4zQ+xIAg+gCaWb+SlrwMAkpg5woPeerVX
TK/0++aJp7n/pUWwGZDLuxRVNDNsAdv8LL6ZzlZArbR0E4CbSJsoU4Zs+GRv1BEx
KIfDlVaRAbor63PvFGwtHPv0KPDvApxGJhHvlMP++hlM91rTILxmhzCnpiYlLeaN
uDc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org