Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/Dg6YHWkiD9YJJeSKJnPiCf1VrSo.roa
File: Dg6YHWkiD9YJJeSKJnPiCf1VrSo.roa (raw, json)
Hash identifier: 277ddMPE+5VVId9yFMru4RCecdjJ4tkBrXlaaYKTGmM=
Subject key identifier: 0E:0E:98:1D:69:22:0F:D6:09:25:E4:8A:26:73:E2:09:FD:55:AD:2A
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EE9D2BC9C9CAA5C06743F9CEE97EA6F5F
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/Dg6YHWkiD9YJJeSKJnPiCf1VrSo.roa
Signing time: Wed 17 Apr 2024 02:11:25 +0000
ROA not before: Wed 17 Apr 2024 02:11:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e9:d2:bc:9c:9c:aa:5c:06:74:3f:9c:ee:97:ea:6f:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 17 02:11:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e0e981d69220fd60925e48a2673e209fd55ad2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:6d:ef:c5:9c:8d:c3:20:9e:a6:79:78:4a:b4:
1b:d4:e5:6a:e4:42:85:a9:7c:96:fe:25:39:e8:14:
03:93:bd:bd:7c:02:8d:9c:57:97:00:25:8b:fa:35:
93:b0:f6:5d:a9:88:3d:52:ca:fa:f9:e8:53:73:49:
34:d5:f5:2c:f0:07:f0:c1:d1:97:4b:b0:7a:8d:84:
36:45:f3:69:e6:38:d1:ca:fb:6b:e3:aa:16:4e:54:
6a:ab:77:ab:4f:44:4f:1f:41:7a:dd:f4:60:01:75:
f0:e7:47:5d:89:71:dc:24:e0:9c:61:84:93:9b:02:
69:12:03:5f:fb:bb:b1:b0:56:7a:08:88:43:e3:29:
15:01:91:f2:72:d3:79:1f:e1:6a:7f:61:ed:cc:6f:
96:f0:19:ab:db:cf:b1:70:be:9b:e7:5e:9f:fa:54:
41:3f:39:27:b3:b4:36:7d:40:b6:45:45:b7:dd:be:
7a:79:81:9a:4b:ba:28:05:ae:8a:d4:78:f5:06:09:
d0:ef:68:2b:ae:6b:e9:18:e9:3d:2d:89:0f:d2:bc:
fe:6d:02:13:1c:a0:92:d0:5c:24:99:40:1e:df:2e:
a2:5a:1c:f1:4d:6f:02:70:b8:43:44:17:c8:df:5d:
af:40:1d:8d:84:52:d4:37:74:6e:23:e4:d9:51:a6:
30:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:0E:98:1D:69:22:0F:D6:09:25:E4:8A:26:73:E2:09:FD:55:AD:2A
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/Dg6YHWkiD9YJJeSKJnPiCf1VrSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:cd:9d:82:e4:3e:56:29:d6:3f:fd:7a:e4:3b:45:fc:08:79:
7f:1e:14:bb:62:f3:fe:d7:04:55:35:c7:f1:fa:6b:5f:bf:a3:
2c:16:01:7b:c9:3b:72:ac:8c:42:e8:6f:48:17:1d:38:90:f6:
b3:bc:85:17:7d:86:2e:21:7d:49:bc:a4:2e:6b:d5:89:d9:d0:
7e:8a:cf:ee:ab:ad:0d:8b:a3:d8:4e:37:23:54:bc:2b:b7:a7:
6c:86:07:99:a1:90:cf:49:a2:3e:0c:b4:86:2d:21:7c:69:4b:
bc:39:4d:1c:02:3f:55:c0:6a:10:8c:78:36:48:19:da:07:85:
1a:0d:e3:a9:8b:cc:52:13:f5:f5:ad:e1:76:d2:fa:aa:89:9b:
fd:f4:f8:5f:01:b3:af:de:3c:d8:c3:40:5e:9e:82:c0:c4:61:
66:3e:ea:d6:e0:35:53:43:fa:8d:f9:35:49:b5:e6:38:6d:9c:
ca:b6:0a:7f:1d:7d:1e:78:96:2c:d1:de:8b:6e:0c:5a:f5:37:
31:94:51:2b:e0:64:08:d3:62:e3:b6:98:6c:6b:ec:d7:ee:0a:
f8:44:d0:16:d4:cc:27:25:80:c5:c2:30:4c:5c:57:0d:af:e7:
6d:0d:1c:31:b1:25:f8:f9:4e:f4:18:08:39:e5:ee:3b:8a:8c:
15:2c:a1:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7p0rycnKpcBnQ/nO6X6m9fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE3MDIxMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTBlOTgxZDY5MjIwZmQ2MDkyNWU0OGEyNjczZTIwOWZkNTVhZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzG3vxZyNwyCepnl4SrQb1OVq5EKF
qXyW/iU56BQDk729fAKNnFeXACWL+jWTsPZdqYg9Usr6+ehTc0k01fUs8AfwwdGX
S7B6jYQ2RfNp5jjRyvtr46oWTlRqq3erT0RPH0F63fRgAXXw50ddiXHcJOCcYYST
mwJpEgNf+7uxsFZ6CIhD4ykVAZHyctN5H+Fqf2HtzG+W8Bmr28+xcL6b516f+lRB
Pzkns7Q2fUC2RUW33b56eYGaS7ooBa6K1Hj1BgnQ72grrmvpGOk9LYkP0rz+bQIT
HKCS0FwkmUAe3y6iWhzxTW8CcLhDRBfI312vQB2NhFLUN3RuI+TZUaYwiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA4OmB1pIg/WCSXkiiZz4gn9Va0qMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvRGc2WUhXa2lEOVlKSmVTS0puUGlDZjFWclNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHzNnYLkPlYp1j/9euQ7
RfwIeX8eFLti8/7XBFU1x/H6a1+/oywWAXvJO3KsjELob0gXHTiQ9rO8hRd9hi4h
fUm8pC5r1YnZ0H6Kz+6rrQ2Lo9hONyNUvCu3p2yGB5mhkM9Joj4MtIYtIXxpS7w5
TRwCP1XAahCMeDZIGdoHhRoN46mLzFIT9fWt4XbS+qqJm/30+F8Bs6/ePNjDQF6e
gsDEYWY+6tbgNVND+o35NUm15jhtnMq2Cn8dfR54lizR3otuDFr1NzGUUSvgZAjT
YuO2mGxr7NfuCvhE0BbUzCclgMXCMExcVw2v520NHDGxJfj5TvQYCDnl7juKjBUs
oXc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:22 2025 by rpki-client