Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/6BymHH0vfIFjd67EiTC0IFkXOv8.roa
File: 6BymHH0vfIFjd67EiTC0IFkXOv8.roa (raw, json)
Hash identifier: gc4K3tym9vQzLZE1VEvXBM31YdKEVXnpysh9Ao9O82w=
Subject key identifier: E8:1C:A6:1C:7D:2F:7C:81:63:77:AE:C4:89:30:B4:20:59:17:3A:FF
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EEFCE6A091F3E392C40761095F41C3708
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/6BymHH0vfIFjd67EiTC0IFkXOv8.roa
Signing time: Thu 18 Apr 2024 06:04:25 +0000
ROA not before: Thu 18 Apr 2024 06:04:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:efce:575a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ef:ce:6a:09:1f:3e:39:2c:40:76:10:95:f4:1c:37:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 18 06:04:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e81ca61c7d2f7c816377aec48930b42059173aff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:37:fe:4d:3f:b0:1d:24:d2:8d:d4:7e:36:0c:
f8:bb:7d:47:30:13:95:9f:ac:ec:94:14:a2:7e:39:
29:f6:af:4a:a8:76:d5:08:52:9c:d1:02:cb:e6:f7:
42:3d:f2:d8:3e:0c:e9:5e:22:9f:2c:eb:a5:6f:f8:
81:eb:56:81:79:aa:a7:39:41:9c:c9:02:2e:df:6c:
94:b1:ed:7d:b2:17:e2:0c:3a:3b:11:d3:a7:30:96:
f3:41:38:91:54:15:fb:29:5c:fc:72:4d:79:79:0d:
f7:df:95:31:e4:c6:fa:50:af:95:b2:e4:88:c2:3f:
73:98:e6:1a:06:ea:ff:4c:b7:02:20:98:85:61:8e:
e3:c0:ac:ab:da:8d:6d:8a:fe:8a:78:34:83:17:68:
cd:f4:3c:22:8b:0d:4c:93:bf:57:39:54:dd:59:fb:
a3:6c:f1:44:04:0b:81:ee:4b:3d:54:68:5f:30:46:
37:44:cd:0c:10:3d:b1:f9:58:7f:ba:0e:90:a1:bc:
94:9b:e2:b6:2c:fa:df:c0:a8:ac:bf:aa:c0:50:29:
96:c4:eb:23:98:24:69:72:60:79:0e:13:18:18:1b:
b3:03:ad:4c:6e:2c:f8:76:34:0f:1c:83:db:1d:d0:
2b:36:39:6f:66:85:7f:28:aa:3e:1c:6f:af:93:43:
10:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:1C:A6:1C:7D:2F:7C:81:63:77:AE:C4:89:30:B4:20:59:17:3A:FF
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/6BymHH0vfIFjd67EiTC0IFkXOv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
85:ed:48:fc:61:2d:26:af:cc:58:56:50:5f:4f:b8:c8:9d:36:
53:65:6b:4f:aa:34:f9:53:43:20:a5:80:08:3d:d7:f4:f4:cb:
38:60:b3:88:06:35:a4:24:31:8b:d3:c6:12:1a:77:dd:b0:b8:
41:21:56:55:92:15:49:45:91:08:d8:a2:7e:d2:90:90:96:4e:
ac:69:2d:21:3b:9a:97:08:1e:35:b5:67:5a:a1:2e:b9:07:20:
84:be:28:d2:96:da:3f:e0:22:70:35:ce:8a:f1:50:d5:9d:63:
b3:2b:1a:80:80:5a:5c:ac:04:9e:8d:93:ba:86:3a:0d:a3:9a:
66:7a:ba:65:f1:0e:97:34:ab:90:6d:e0:e5:1c:65:60:fd:c8:
fe:f1:95:5e:5f:fd:cd:eb:82:62:73:a1:b2:69:88:62:f1:15:
c4:30:f4:a3:a6:a6:ec:16:84:f0:0c:3b:9d:5c:cc:cc:4b:17:
ad:f2:07:fb:c8:f7:a2:c6:46:24:f5:d8:77:8f:36:83:82:c5:
39:01:f0:4b:2f:6a:87:5b:0c:76:9c:60:11:cc:1f:f2:61:2f:
0d:36:fa:15:13:6c:34:dd:58:95:0c:b2:32:00:a2:bf:82:ab:
bf:8f:2d:00:62:1c:1f:ad:31:7f:9a:50:dd:10:37:75:c0:cd:
61:05:84:5d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7vzmoJHz45LEB2EJX0HDcIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE4MDYwNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODFjYTYxYzdkMmY3YzgxNjM3N2FlYzQ4OTMwYjQyMDU5MTczYWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjf+TT+wHSTSjdR+Ngz4u31HMBOV
n6zslBSifjkp9q9KqHbVCFKc0QLL5vdCPfLYPgzpXiKfLOulb/iB61aBeaqnOUGc
yQIu32yUse19shfiDDo7EdOnMJbzQTiRVBX7KVz8ck15eQ3335Ux5Mb6UK+VsuSI
wj9zmOYaBur/TLcCIJiFYY7jwKyr2o1tiv6KeDSDF2jN9Dwiiw1Mk79XOVTdWfuj
bPFEBAuB7ks9VGhfMEY3RM0MED2x+Vh/ug6QobyUm+K2LPrfwKisv6rAUCmWxOsj
mCRpcmB5DhMYGBuzA61Mbiz4djQPHIPbHdArNjlvZoV/KKo+HG+vk0MQEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOgcphx9L3yBY3euxIkwtCBZFzr/MB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvNkJ5bUhIMHZmSUZqZDY3RWlUQzBJRmtYT3Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIXtSPxhLSavzFhWUF9P
uMidNlNla0+qNPlTQyClgAg91/T0yzhgs4gGNaQkMYvTxhIad92wuEEhVlWSFUlF
kQjYon7SkJCWTqxpLSE7mpcIHjW1Z1qhLrkHIIS+KNKW2j/gInA1zorxUNWdY7Mr
GoCAWlysBJ6Nk7qGOg2jmmZ6umXxDpc0q5Bt4OUcZWD9yP7xlV5f/c3rgmJzobJp
iGLxFcQw9KOmpuwWhPAMO51czMxLF63yB/vI96LGRiT12HePNoOCxTkB8Esvaodb
DHacYBHMH/JhLw02+hUTbDTdWJUMsjIAor+Cq7+PLQBiHB+tMX+aUN0QN3XAzWEF
hF0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:33 2025 by rpki-client