Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/Q-lnsGxlvry4vjwp90hzH3WatFs.roa
File: Q-lnsGxlvry4vjwp90hzH3WatFs.roa (raw, json)
Hash identifier: FwjeHdUrdj743T4fRxkxfvOvCIDqSP4VXFZvjoe3n5E=
Subject key identifier: 43:E9:67:B0:6C:65:BE:BC:B8:BE:3C:29:F7:48:73:1F:75:9A:B4:5B
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EF343BBA087691F713C51E312F0A560AD
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/Q-lnsGxlvry4vjwp90hzH3WatFs.roa
Signing time: Thu 18 Apr 2024 22:11:26 +0000
ROA not before: Thu 18 Apr 2024 22:11:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:f1f3:8b1f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f3:43:bb:a0:87:69:1f:71:3c:51:e3:12:f0:a5:60:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 18 22:11:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43e967b06c65bebcb8be3c29f748731f759ab45b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:6c:5e:64:76:6f:5f:f2:4d:67:e3:84:18:27:
80:e5:9d:c9:a2:c5:ab:e4:c1:eb:07:20:d8:c5:43:
8a:96:05:6e:ad:fc:09:e2:5e:fa:45:ea:d6:fc:c9:
e5:02:c7:39:9a:11:5f:3f:21:d6:55:95:27:6f:aa:
c6:3f:99:64:af:36:1f:3b:1c:42:3c:82:67:99:b0:
86:de:ae:78:f7:80:9e:40:6a:46:25:79:31:00:f5:
1a:d6:3c:98:97:70:ae:0a:91:37:9a:92:60:7d:4d:
fa:12:83:94:2b:23:dc:1a:b7:0a:54:15:cd:b8:15:
9f:21:39:53:a2:58:23:53:fb:b3:88:09:f9:1d:78:
03:30:81:e8:d1:c0:ad:62:73:82:a1:c7:d9:87:35:
32:7a:4b:8b:36:5d:55:46:f7:0b:0e:a5:7d:0b:22:
28:68:d3:dd:f8:b7:39:58:ad:c1:33:57:2b:dc:c2:
70:79:39:7c:d4:97:4f:e1:66:7c:2b:0c:78:38:d9:
5d:af:a0:03:97:d3:88:f2:d4:76:5f:c5:40:cc:05:
d0:c0:2f:2f:8e:7b:21:06:3b:84:8a:1d:de:d6:7a:
5c:54:e5:c3:d3:0d:9d:15:88:2c:18:a0:37:af:77:
80:59:a3:05:d1:12:f5:d1:db:e4:95:08:00:39:40:
6c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E9:67:B0:6C:65:BE:BC:B8:BE:3C:29:F7:48:73:1F:75:9A:B4:5B
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/Q-lnsGxlvry4vjwp90hzH3WatFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:f4:83:12:41:35:d0:29:f4:0e:b1:93:ac:54:56:28:06:6f:
f3:fd:3e:c0:ce:9e:ea:45:8f:af:b9:be:5d:15:4c:8f:0e:d7:
a0:cd:37:95:eb:74:f8:5b:6b:0d:d3:b7:05:5d:78:4d:f9:bb:
b8:58:a4:89:b5:6a:4a:2c:cc:7e:48:ec:cc:10:5c:90:1a:80:
a0:17:7b:d8:5b:ed:e2:37:d8:ab:22:16:65:c4:5e:10:d1:26:
38:85:9f:89:a0:7d:eb:4b:de:70:50:37:b0:a4:ff:e5:59:75:
de:69:b9:9e:5a:a7:a3:49:23:4d:c7:d6:1b:33:73:4b:3b:24:
31:41:23:24:bb:dc:b8:92:2b:5c:f4:e2:31:04:31:10:84:59:
dc:28:3f:a1:e9:68:b9:8a:de:1b:1f:77:99:14:30:87:fb:a9:
96:02:eb:f3:0c:9e:56:15:77:01:13:59:9a:ad:5f:ce:24:51:
cb:1b:81:91:91:f0:5b:fe:d8:29:45:57:2c:44:f4:5f:37:f3:
c8:4f:df:f6:02:0c:50:f2:7a:3a:7f:17:c5:9b:88:fe:52:b6:
e2:c1:d3:f7:96:11:24:1e:93:99:24:6e:ab:93:d1:b5:5a:41:
d5:a3:11:f0:11:0d:5e:ff:f9:bf:45:0c:11:46:98:c2:a7:d3:
ff:8f:98:4c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7zQ7ugh2kfcTxR4xLwpWCtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE4MjIxMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2U5NjdiMDZjNjViZWJjYjhiZTNjMjlmNzQ4NzMxZjc1OWFiNDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2xeZHZvX/JNZ+OEGCeA5Z3JosWr
5MHrByDYxUOKlgVurfwJ4l76RerW/MnlAsc5mhFfPyHWVZUnb6rGP5lkrzYfOxxC
PIJnmbCG3q5494CeQGpGJXkxAPUa1jyYl3CuCpE3mpJgfU36EoOUKyPcGrcKVBXN
uBWfITlTolgjU/uziAn5HXgDMIHo0cCtYnOCocfZhzUyekuLNl1VRvcLDqV9CyIo
aNPd+Lc5WK3BM1cr3MJweTl81JdP4WZ8Kwx4ONldr6ADl9OI8tR2X8VAzAXQwC8v
jnshBjuEih3e1npcVOXD0w2dFYgsGKA3r3eAWaMF0RL10dvklQgAOUBsHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEPpZ7BsZb68uL48KfdIcx91mrRbMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvUS1sbnNHeGx2cnk0dmp3cDkwaHpIM1dhdEZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHb0gxJBNdAp9A6xk6xU
VigGb/P9PsDOnupFj6+5vl0VTI8O16DNN5XrdPhbaw3TtwVdeE35u7hYpIm1akos
zH5I7MwQXJAagKAXe9hb7eI32KsiFmXEXhDRJjiFn4mgfetL3nBQN7Ck/+VZdd5p
uZ5ap6NJI03H1hszc0s7JDFBIyS73LiSK1z04jEEMRCEWdwoP6HpaLmK3hsfd5kU
MIf7qZYC6/MMnlYVdwETWZqtX84kUcsbgZGR8Fv+2ClFVyxE9F8388hP3/YCDFDy
ejp/F8WbiP5StuLB0/eWESQek5kkbquT0bVaQdWjEfARDV7/+b9FDBFGmMKn0/+P
mEw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:50 2024 by rpki-client on console-fra.rpki-client.org