Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qz1xSfd35yTPrudUkVRjZKYzd1g.roa
File: qz1xSfd35yTPrudUkVRjZKYzd1g.roa (raw, json)
Hash identifier: LgNuqVjWpDyAL2c2pi0PsNFA3cwYQNvKCqdc70FsaHc=
Subject key identifier: AB:3D:71:49:F7:77:E7:24:CF:AE:E7:54:91:54:63:64:A6:33:77:58
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D36DE408AE891EADECD3D42C3510D8D6D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qz1xSfd35yTPrudUkVRjZKYzd1g.roa
Signing time: Tue 23 Jan 2024 15:09:11 +0000
ROA not before: Tue 23 Jan 2024 15:09:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:36:de:40:8a:e8:91:ea:de:cd:3d:42:c3:51:0d:8d:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 23 15:09:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ab3d7149f777e724cfaee75491546364a6337758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a7:8f:bf:c1:42:22:0a:73:da:be:fa:dd:03:
0d:0a:f2:eb:d4:92:b7:46:1b:3a:bb:e8:59:a3:c8:
25:75:e7:2d:e7:1a:1d:a9:35:6a:7f:42:96:61:14:
0c:fa:40:7c:dd:d4:f0:db:1a:6c:52:c5:2b:8e:0a:
f1:01:ac:51:08:27:ee:7a:ff:0b:c6:24:a9:a3:79:
81:18:45:b8:77:54:90:2a:22:ad:b9:90:fb:95:fe:
2a:34:de:ba:cf:12:22:7e:a1:34:e9:80:03:ca:62:
dc:39:5a:4a:21:43:01:af:c0:2f:54:03:17:81:e6:
7a:08:c8:cf:13:8d:7a:c6:0a:d1:40:d8:81:dc:db:
1f:54:6e:1a:d1:19:22:9a:af:bf:52:9a:bf:91:b8:
4a:8f:75:d4:71:14:2c:83:49:35:22:66:97:d9:dd:
02:80:66:c4:88:de:8b:b6:0e:8e:53:32:2d:38:b7:
d6:4b:dc:6e:c9:43:47:9d:31:b8:fd:c8:dd:f2:e3:
97:3f:1f:ee:b7:b7:08:4e:4b:bc:31:28:8c:a7:3d:
c6:6c:38:59:98:84:c4:bb:a4:13:4b:db:e1:fd:e7:
20:37:1a:7d:ff:4a:aa:4d:3a:66:a4:c3:f3:32:df:
a8:ff:f1:25:b8:e8:ea:9b:42:1d:ec:ac:8e:21:a0:
2a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:3D:71:49:F7:77:E7:24:CF:AE:E7:54:91:54:63:64:A6:33:77:58
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qz1xSfd35yTPrudUkVRjZKYzd1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2d:51:8a:34:f3:ac:e1:28:af:c1:db:cb:c4:d6:b3:97:b9:8c:
af:47:6e:52:d7:0b:c4:48:28:c5:78:f7:a6:c9:14:8a:46:b9:
82:41:89:6f:19:eb:94:08:57:be:69:6e:3b:5b:a7:db:94:6f:
57:38:b1:10:be:cc:05:8a:70:4b:9e:1d:f5:b6:27:8d:01:23:
2e:84:09:ca:e9:ad:a5:19:fc:9d:82:b3:ed:44:fb:80:32:da:
c5:f7:98:8e:46:d9:3e:a5:29:ca:61:0b:1c:22:e9:72:46:ee:
2f:6c:ae:81:0a:e2:cf:c1:69:53:75:35:36:4a:7b:95:80:c9:
d3:83:0f:2c:32:93:ff:a1:d0:3c:3f:f0:b2:23:d5:23:0f:a6:
52:77:49:9e:04:00:c5:9d:35:f3:20:5a:1a:8b:56:4f:4b:16:
f2:62:14:34:2d:5d:23:5e:17:95:8d:03:2b:6a:d8:d5:2d:5c:
bd:1f:86:53:d8:2a:0c:1f:89:45:2d:2f:bd:3c:c0:62:c4:34:
d2:b1:a6:d5:ab:5e:64:db:b9:4d:26:1f:f6:cf:e3:52:26:3d:
9f:89:de:a5:c6:77:01:ab:97:56:2e:84:cc:39:f0:b9:14:65:
e2:50:d6:e7:10:6a:b9:22:7f:b4:cd:88:e9:82:06:f2:f8:7d:
7b:b5:98:13
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY023kCK6JHq3s09QsNRDY1tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIzMTUwOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjNkNzE0OWY3NzdlNzI0Y2ZhZWU3NTQ5MTU0NjM2NGE2MzM3NzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6ePv8FCIgpz2r763QMNCvLr1JK3
Rhs6u+hZo8gldect5xodqTVqf0KWYRQM+kB83dTw2xpsUsUrjgrxAaxRCCfuev8L
xiSpo3mBGEW4d1SQKiKtuZD7lf4qNN66zxIifqE06YADymLcOVpKIUMBr8AvVAMX
geZ6CMjPE416xgrRQNiB3NsfVG4a0Rkimq+/Upq/kbhKj3XUcRQsg0k1ImaX2d0C
gGbEiN6Ltg6OUzItOLfWS9xuyUNHnTG4/cjd8uOXPx/ut7cITku8MSiMpz3GbDhZ
mITEu6QTS9vh/ecgNxp9/0qqTTpmpMPzMt+o//EluOjqm0Id7KyOIaAq2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKs9cUn3d+ckz67nVJFUY2SmM3dYMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcXoxeFNmZDM1eVRQcnVkVWtWUmpaS1l6ZDFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC1RijTzrOEor8Hby8TW
s5e5jK9HblLXC8RIKMV496bJFIpGuYJBiW8Z65QIV75pbjtbp9uUb1c4sRC+zAWK
cEueHfW2J40BIy6ECcrpraUZ/J2Cs+1E+4Ay2sX3mI5G2T6lKcphCxwi6XJG7i9s
roEK4s/BaVN1NTZKe5WAydODDywyk/+h0Dw/8LIj1SMPplJ3SZ4EAMWdNfMgWhqL
Vk9LFvJiFDQtXSNeF5WNAytq2NUtXL0fhlPYKgwfiUUtL708wGLENNKxptWrXmTb
uU0mH/bP41ImPZ+J3qXGdwGrl1YuhMw58LkUZeJQ1ucQarkif7TNiOmCBvL4fXu1
mBM=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:34:15 2025 by rpki-client