Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qz1wrRqvga-plIXWRKy2vRCCaks.roa
File: qz1wrRqvga-plIXWRKy2vRCCaks.roa (raw, json)
Hash identifier: IrWK418/a8wW5UWqlGpcHGF9VdclyJgr4DHjGN0/4Dw=
Subject key identifier: AB:3D:70:AD:1A:AF:81:AF:A9:94:85:D6:44:AC:B6:BD:10:82:6A:4B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D1077C3D745574D07D35360B062C8818F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qz1wrRqvga-plIXWRKy2vRCCaks.roa
Signing time: Tue 16 Jan 2024 04:11:40 +0000
ROA not before: Tue 16 Jan 2024 04:11:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:10:77:c3:d7:45:57:4d:07:d3:53:60:b0:62:c8:81:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 16 04:11:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab3d70ad1aaf81afa99485d644acb6bd10826a4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:68:77:ea:2f:09:de:dd:b5:17:0c:4d:54:43:
1f:d1:db:a1:33:f7:4c:b6:19:0e:11:06:f2:2a:a9:
26:fe:0d:5b:3e:67:b2:2e:16:b0:31:72:f1:d3:c5:
62:c3:a5:52:7e:73:f6:bd:ea:c2:28:c9:84:09:86:
b3:8c:49:39:38:8d:b4:4b:30:9c:8f:6a:97:c7:b6:
47:c2:54:b5:fb:b8:fd:b3:e2:48:14:15:1a:e7:56:
66:b2:a2:26:a1:2a:58:69:e8:ca:85:3c:14:1c:7e:
e1:ac:3a:8e:fc:eb:fd:54:3e:c4:65:ed:b2:dc:46:
f2:2e:85:a2:aa:39:6a:a2:c1:4f:1c:0a:ed:4f:f2:
59:fb:88:a1:d2:7f:31:e5:06:b8:3d:56:a3:88:ba:
b3:00:bf:d0:7e:c6:7b:65:f2:1e:56:93:6a:d2:e0:
0d:76:a6:17:18:8b:b9:f0:ad:ff:c9:f3:da:ec:1d:
73:2a:68:dc:09:45:1e:f0:02:d8:38:83:d1:bf:86:
63:22:33:e6:23:e8:ce:45:78:4e:18:0a:75:6c:91:
27:c9:95:1b:e4:f0:5d:dd:81:c9:f8:84:f2:fd:33:
eb:4e:76:13:80:94:15:8d:89:94:5a:39:de:d9:0e:
c3:2f:be:89:4b:6c:f3:2d:69:d2:91:93:2b:81:5a:
3a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:3D:70:AD:1A:AF:81:AF:A9:94:85:D6:44:AC:B6:BD:10:82:6A:4B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qz1wrRqvga-plIXWRKy2vRCCaks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8c:00:7d:93:4d:b7:1e:e2:77:a3:b4:3d:15:d3:28:10:2a:16:
7f:12:c5:11:6a:a4:05:ea:8c:ed:8e:63:c0:7f:c8:41:78:89:
ce:af:e2:1b:e5:e0:ee:5b:dc:dc:23:f5:4d:a9:f8:d5:d0:47:
92:29:3b:f5:3f:ab:d4:92:34:3d:e8:43:c3:89:f8:00:57:8a:
3b:f4:27:24:db:b8:52:d7:52:59:e8:86:44:02:25:b8:a2:22:
e5:ac:e1:8b:3b:2d:f8:80:5e:2b:d3:79:20:1d:ac:05:0e:0f:
1c:ff:3b:95:48:1e:3f:39:c3:87:bb:f4:ac:32:80:d7:69:f8:
14:01:0c:58:40:4f:9d:42:32:ca:13:39:5a:e8:4b:b3:36:1a:
0f:d8:5a:16:63:f7:9b:02:c7:22:3d:7d:2d:4a:e3:35:aa:8e:
f7:ae:c7:4a:11:9b:d9:bd:a0:17:9e:52:42:37:d4:72:90:33:
f5:26:f3:b5:04:e0:33:02:96:0c:1b:8d:2c:54:cd:60:f7:9b:
0f:14:b9:79:99:05:bc:06:19:df:e6:31:6d:38:34:f5:83:a4:
6c:26:96:6a:ac:28:8f:b5:ba:a5:80:86:6c:cd:02:1a:46:fd:
34:ab:05:bf:24:42:16:bc:61:bc:c6:a3:f6:d3:90:14:3d:4c:
0d:83:21:a3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0Qd8PXRVdNB9NTYLBiyIGPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE2MDQxMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjNkNzBhZDFhYWY4MWFmYTk5NDg1ZDY0NGFjYjZiZDEwODI2YTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22h36i8J3t21FwxNVEMf0duhM/dM
thkOEQbyKqkm/g1bPmeyLhawMXLx08Viw6VSfnP2verCKMmECYazjEk5OI20SzCc
j2qXx7ZHwlS1+7j9s+JIFBUa51ZmsqImoSpYaejKhTwUHH7hrDqO/Ov9VD7EZe2y
3EbyLoWiqjlqosFPHArtT/JZ+4ih0n8x5Qa4PVajiLqzAL/QfsZ7ZfIeVpNq0uAN
dqYXGIu58K3/yfPa7B1zKmjcCUUe8ALYOIPRv4ZjIjPmI+jORXhOGAp1bJEnyZUb
5PBd3YHJ+ITy/TPrTnYTgJQVjYmUWjne2Q7DL76JS2zzLWnSkZMrgVo6owIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKs9cK0ar4GvqZSF1kSstr0QgmpLMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcXoxd3JScXZnYS1wbElYV1JLeTJ2UkNDYWtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIwAfZNNtx7id6O0PRXT
KBAqFn8SxRFqpAXqjO2OY8B/yEF4ic6v4hvl4O5b3Nwj9U2p+NXQR5IpO/U/q9SS
ND3oQ8OJ+ABXijv0JyTbuFLXUlnohkQCJbiiIuWs4Ys7LfiAXivTeSAdrAUODxz/
O5VIHj85w4e79KwygNdp+BQBDFhAT51CMsoTOVroS7M2Gg/YWhZj95sCxyI9fS1K
4zWqjveux0oRm9m9oBeeUkI31HKQM/Um87UE4DMClgwbjSxUzWD3mw8UuXmZBbwG
Gd/mMW04NPWDpGwmlmqsKI+1uqWAhmzNAhpG/TSrBb8kQha8YbzGo/bTkBQ9TA2D
IaM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:20:55 2025 by rpki-client