Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/E3QHs_4I92h8_zeiQt-pd77UcRY.roa
File: E3QHs_4I92h8_zeiQt-pd77UcRY.roa (raw, json)
Hash identifier: i88ETU4WTcYa6bkH5YRsemQEIrgPvfbvX+Lk+t1SNII=
Subject key identifier: 13:74:07:B3:FE:08:F7:68:7C:FF:37:A2:42:DF:A9:77:BE:D4:71:16
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BCB97AE7CAC22DF4840A7592E29D956BE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/E3QHs_4I92h8_zeiQt-pd77UcRY.roa
Signing time: Tue 14 Nov 2023 02:09:57 +0000
ROA not before: Tue 14 Nov 2023 02:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cb:97:ae:7c:ac:22:df:48:40:a7:59:2e:29:d9:56:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 14 02:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=137407b3fe08f7687cff37a242dfa977bed47116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7f:a4:0b:5a:b7:87:93:a8:68:78:e0:d1:85:
1b:21:13:b8:14:2b:b3:6b:c1:d1:34:85:4b:a5:cb:
00:01:52:87:6b:18:f7:3f:e2:00:90:e7:04:a3:94:
15:e8:33:9a:3a:67:5e:92:f4:62:86:b2:f7:5c:fc:
96:8b:27:82:11:dd:36:17:0b:82:fa:51:ae:6b:52:
32:52:7c:6b:92:5e:14:01:a8:0a:22:6c:b4:dc:e8:
54:b6:e0:2b:21:0b:1d:c3:a6:80:50:65:6b:86:10:
13:88:95:7b:82:65:56:e8:e3:36:d7:74:13:b5:8c:
22:29:fa:2d:8a:ed:ed:51:77:2f:3a:1c:2f:64:1a:
c6:11:f7:02:dc:5d:a9:be:c2:23:72:0c:2c:ca:c1:
f9:22:18:0a:55:fa:77:4f:2c:7b:1b:79:3a:95:1c:
44:4e:33:5f:fa:05:83:28:71:49:f9:fa:5c:8c:9e:
2e:0d:d1:37:a3:a6:52:ac:39:b6:46:a1:ab:66:db:
60:4a:f0:d3:94:2a:e1:4c:b3:4a:a9:80:cc:0b:13:
d5:cd:25:55:cd:3f:da:8f:2f:92:4c:07:75:7f:39:
50:b7:f6:37:18:c2:90:bb:4d:db:fb:1a:c5:98:df:
bf:35:30:ec:4f:ee:ad:53:80:61:65:74:8a:5e:b7:
a0:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:74:07:B3:FE:08:F7:68:7C:FF:37:A2:42:DF:A9:77:BE:D4:71:16
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/E3QHs_4I92h8_zeiQt-pd77UcRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ba:9e:67:f4:7a:c4:33:f3:f1:33:79:20:aa:68:0b:63:fa:1f:
ef:c2:91:b0:a3:b3:49:f3:42:e8:4c:d2:76:ed:40:b9:d5:5f:
9e:a8:8c:47:67:cd:8a:fe:83:df:1b:28:c4:44:37:59:da:e2:
59:88:72:83:bd:a1:8b:2d:8b:c7:4c:f5:98:f1:20:7f:74:86:
22:74:2b:97:66:b4:f5:32:c9:d8:b5:fc:13:93:59:36:68:8e:
98:e9:cb:f2:5b:86:95:80:04:89:99:2b:9b:de:71:0a:ef:78:
fa:15:93:fa:8f:3a:73:ec:93:24:a1:b3:ac:9d:f8:fb:35:1a:
e6:c4:87:9c:24:bd:9c:82:cd:b6:c9:87:59:ea:89:6c:3c:0a:
1d:24:89:78:ce:0d:05:5d:80:c9:ac:19:7d:1c:ba:1a:4f:51:
01:bb:90:f6:80:3a:bb:d2:3e:97:60:c6:15:c1:88:39:66:cf:
7c:e5:85:d4:56:7f:f4:03:0f:91:7b:3a:1d:a9:fc:91:8f:e1:
32:57:4e:da:8c:2e:0e:32:26:e1:2d:64:77:03:33:d3:99:c8:
05:36:4a:53:ec:4e:91:47:bd:eb:6c:75:dc:e1:b1:1f:4a:83:
ba:dd:af:a3:62:f1:39:58:1e:6d:64:02:c2:e4:c0:4e:39:34:
2e:38:0b:1d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvLl658rCLfSECnWS4p2Va+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE0MDIwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzc0MDdiM2ZlMDhmNzY4N2NmZjM3YTI0MmRmYTk3N2JlZDQ3MTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtX+kC1q3h5OoaHjg0YUbIRO4FCuz
a8HRNIVLpcsAAVKHaxj3P+IAkOcEo5QV6DOaOmdekvRihrL3XPyWiyeCEd02FwuC
+lGua1IyUnxrkl4UAagKImy03OhUtuArIQsdw6aAUGVrhhATiJV7gmVW6OM213QT
tYwiKfotiu3tUXcvOhwvZBrGEfcC3F2pvsIjcgwsysH5IhgKVfp3Tyx7G3k6lRxE
TjNf+gWDKHFJ+fpcjJ4uDdE3o6ZSrDm2RqGrZttgSvDTlCrhTLNKqYDMCxPVzSVV
zT/ajy+STAd1fzlQt/Y3GMKQu03b+xrFmN+/NTDsT+6tU4BhZXSKXregQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBN0B7P+CPdofP83okLfqXe+1HEWMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRTNRSHNfNEk5Mmg4X3plaVF0LXBkNzdVY1JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALqeZ/R6xDPz8TN5IKpo
C2P6H+/CkbCjs0nzQuhM0nbtQLnVX56ojEdnzYr+g98bKMREN1na4lmIcoO9oYst
i8dM9ZjxIH90hiJ0K5dmtPUyydi1/BOTWTZojpjpy/JbhpWABImZK5vecQrvePoV
k/qPOnPskyShs6yd+Ps1GubEh5wkvZyCzbbJh1nqiWw8Ch0kiXjODQVdgMmsGX0c
uhpPUQG7kPaAOrvSPpdgxhXBiDlmz3zlhdRWf/QDD5F7Oh2p/JGP4TJXTtqMLg4y
JuEtZHcDM9OZyAU2SlPsTpFHvetsddzhsR9Kg7rdr6Ni8TlYHm1kAsLkwE45NC44
Cx0=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:12:12 2025 by rpki-client