Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qvwnZyqUobDEZli_0lfz61AaSEc.roa
File: qvwnZyqUobDEZli_0lfz61AaSEc.roa (raw, json)
Hash identifier: 3uBag5IW4cs/dvM++sJdJvAfG+ARdbZwlZKnh3yrE0c=
Subject key identifier: AA:FC:27:67:2A:94:A1:B0:C4:66:58:BF:D2:57:F3:EB:50:1A:48:47
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D24D4550164D2697833ED11E9EB8395F5
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qvwnZyqUobDEZli_0lfz61AaSEc.roa
Signing time: Sat 20 Jan 2024 03:05:11 +0000
ROA not before: Sat 20 Jan 2024 03:05:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:24d3:9a36/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:24:d4:55:01:64:d2:69:78:33:ed:11:e9:eb:83:95:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 20 03:05:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aafc27672a94a1b0c46658bfd257f3eb501a4847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:68:be:27:49:fd:fd:5b:78:20:b9:24:cd:2c:
9d:0d:80:a2:c2:ea:72:ae:dc:b2:13:2c:23:c5:d4:
06:46:7f:eb:fd:51:b7:79:fe:41:b6:79:cb:3b:86:
59:fc:3d:68:c0:14:d4:24:64:e0:97:c1:68:56:11:
1c:5f:b9:c2:84:db:81:cb:71:f3:c1:c1:6b:15:99:
3f:ac:3d:71:e2:5b:de:0b:51:d4:4c:ed:5a:64:ef:
5b:05:99:6d:d7:1c:10:0d:5b:8f:42:bf:e8:01:75:
90:fe:0a:ab:f6:cc:65:20:af:a2:8c:2b:54:f4:91:
ba:5c:f6:01:c1:6d:de:48:65:9a:8f:4d:23:07:fc:
c5:38:65:70:58:41:eb:a9:53:80:3d:85:ee:9f:f3:
36:64:bb:b8:19:51:09:ed:91:45:f6:0a:bc:f1:14:
92:41:a5:d2:35:10:30:11:64:54:7b:d3:19:47:f0:
69:71:4b:58:72:56:49:8a:80:83:77:06:d2:ee:62:
3c:4c:a1:4c:6d:fc:69:d5:c0:16:e5:43:5e:c3:92:
14:f9:a8:fb:00:a4:c2:7c:0c:49:5f:19:c7:00:31:
e1:b8:8f:ac:86:26:ab:87:a4:b4:6b:ff:8d:d5:dd:
b3:4d:b5:69:b3:dc:17:84:8b:a4:57:bf:70:05:03:
32:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:FC:27:67:2A:94:A1:B0:C4:66:58:BF:D2:57:F3:EB:50:1A:48:47
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qvwnZyqUobDEZli_0lfz61AaSEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
56:53:76:9e:a9:de:a7:fe:ea:32:a6:c0:b4:fa:9e:98:13:29:
aa:26:78:bf:b6:59:ea:7e:47:1d:0a:d7:f8:fa:ad:c8:e1:55:
aa:b0:d3:4d:c3:90:c4:dd:e5:5f:aa:4a:9d:47:0f:d8:4a:1a:
fb:b9:3e:38:d5:4f:3a:6b:b6:5e:dc:1f:ad:71:ae:94:8d:50:
c6:bd:9c:a0:9b:20:b8:27:1f:94:10:b7:ec:ad:9d:c6:91:a5:
8c:e2:97:98:13:2f:7c:bb:03:fd:39:06:b5:e4:7e:fd:fd:a6:
39:e7:25:6f:db:be:9e:6b:45:93:04:06:26:b7:2f:22:db:49:
b5:5d:0e:f2:0c:a5:56:6c:9b:15:03:b9:8d:9e:c8:52:5f:dc:
ce:bb:2a:24:82:00:d3:8a:97:e6:e3:83:5d:06:9e:22:44:86:
d5:3d:d9:60:81:b8:0c:26:fe:55:5e:42:80:3d:6b:ed:01:f9:
be:db:5d:08:44:dd:f4:2a:18:3f:62:fe:03:6b:d7:eb:79:dd:
ba:50:79:d2:f7:c3:da:dd:41:cc:ea:ac:58:6a:70:fe:54:2a:
b4:a2:87:35:90:5c:3e:03:a9:5e:4d:2a:8f:13:9e:70:f1:64:
94:7f:9f:21:c4:27:2c:f9:15:e5:07:21:97:69:73:36:33:6b:
fd:c9:c8:a3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0k1FUBZNJpeDPtEenrg5X1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIwMDMwNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWZjMjc2NzJhOTRhMWIwYzQ2NjU4YmZkMjU3ZjNlYjUwMWE0ODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWi+J0n9/Vt4ILkkzSydDYCiwupy
rtyyEywjxdQGRn/r/VG3ef5BtnnLO4ZZ/D1owBTUJGTgl8FoVhEcX7nChNuBy3Hz
wcFrFZk/rD1x4lveC1HUTO1aZO9bBZlt1xwQDVuPQr/oAXWQ/gqr9sxlIK+ijCtU
9JG6XPYBwW3eSGWaj00jB/zFOGVwWEHrqVOAPYXun/M2ZLu4GVEJ7ZFF9gq88RSS
QaXSNRAwEWRUe9MZR/BpcUtYclZJioCDdwbS7mI8TKFMbfxp1cAW5UNew5IU+aj7
AKTCfAxJXxnHADHhuI+shiarh6S0a/+N1d2zTbVps9wXhIukV79wBQMyfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKr8J2cqlKGwxGZYv9JX8+tQGkhHMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcXZ3blp5cVVvYkRFWmxpXzBsZno2MUFhU0VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFZTdp6p3qf+6jKmwLT6
npgTKaomeL+2Wep+Rx0K1/j6rcjhVaqw003DkMTd5V+qSp1HD9hKGvu5PjjVTzpr
tl7cH61xrpSNUMa9nKCbILgnH5QQt+ytncaRpYzil5gTL3y7A/05BrXkfv39pjnn
JW/bvp5rRZMEBia3LyLbSbVdDvIMpVZsmxUDuY2eyFJf3M67KiSCANOKl+bjg10G
niJEhtU92WCBuAwm/lVeQoA9a+0B+b7bXQhE3fQqGD9i/gNr1+t53bpQedL3w9rd
QczqrFhqcP5UKrSihzWQXD4DqV5NKo8TnnDxZJR/nyHEJyz5FeUHIZdpczYza/3J
yKM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:01:10 2025 by rpki-client