Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/SIXWjzMBW_u87hTY0W57IRD3lWM.roa
File: SIXWjzMBW_u87hTY0W57IRD3lWM.roa (raw, json)
Hash identifier: QwhV6ifrKSgw9EAa1QOwx2BbUGJ93bXNoFnCK61WXh0=
Subject key identifier: 48:85:D6:8F:33:01:5B:FB:BC:EE:14:D8:D1:6E:7B:21:10:F7:95:63
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EEDE49B7317F3B2E72798CB264B279990
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/SIXWjzMBW_u87hTY0W57IRD3lWM.roa
Signing time: Wed 17 Apr 2024 21:09:25 +0000
ROA not before: Wed 17 Apr 2024 21:09:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ed:e4:9b:73:17:f3:b2:e7:27:98:cb:26:4b:27:99:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 17 21:09:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4885d68f33015bfbbcee14d8d16e7b2110f79563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:56:52:8d:7d:b5:71:68:64:0a:7b:8d:1f:e0:
90:17:ee:9f:b7:c9:97:f4:90:dd:62:e1:bb:cb:af:
9d:27:48:f3:12:ca:4e:6a:55:12:38:17:0b:d4:75:
aa:d2:ae:84:cc:71:90:00:1a:c0:a8:01:aa:dd:03:
e0:7d:89:2d:4c:e1:15:d6:98:5e:af:40:b0:9f:16:
bd:00:47:aa:71:5c:f8:7d:aa:b7:5a:51:3b:ff:1d:
71:aa:26:6f:19:bc:e6:cd:e2:2d:3d:b8:21:50:ed:
7a:c5:31:85:51:a8:ce:c3:e4:ab:19:4b:f3:9f:ec:
29:e9:4d:49:76:b4:48:d5:f8:83:0a:40:77:eb:6e:
4d:10:ba:6c:ac:a7:b5:50:af:09:5d:8f:fa:76:e7:
be:e5:a7:d2:a5:ad:ad:4e:f6:3b:8b:e3:c1:41:d0:
00:9f:34:31:a8:a0:d5:72:56:26:cf:4a:40:68:47:
09:33:3e:35:94:3f:7b:25:91:2a:eb:9a:bf:55:37:
82:da:75:9d:ff:4e:c8:c1:0a:4a:19:43:52:a5:16:
c6:eb:52:3c:00:d9:bb:78:e4:22:93:bf:d9:56:af:
cc:a6:b9:aa:55:9e:27:59:2a:17:51:25:be:f8:2e:
4d:ac:2b:ff:ac:8f:f9:a1:98:92:eb:42:d2:ad:ce:
6a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:85:D6:8F:33:01:5B:FB:BC:EE:14:D8:D1:6E:7B:21:10:F7:95:63
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/SIXWjzMBW_u87hTY0W57IRD3lWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
91:c0:4f:5a:75:09:57:15:ac:8d:e0:7d:6e:1d:f7:ca:37:5f:
f4:92:1d:34:c1:49:ab:cf:f0:bd:2f:d1:2d:cb:23:67:a5:d9:
48:13:c9:91:d4:4b:9a:56:31:57:b4:03:58:77:f2:0d:31:09:
fe:70:34:3a:e3:b3:58:33:1e:02:0b:53:b3:8a:6a:8d:23:75:
38:78:ad:ea:3d:e3:b0:9c:ed:44:e5:af:fb:88:3a:46:71:d3:
5e:1c:02:5c:7a:70:4e:09:03:02:b0:82:a7:d9:23:bf:56:30:
01:71:97:54:df:1c:90:ef:f6:13:df:d4:20:56:68:9a:96:fa:
bd:bb:05:2e:af:ae:37:07:77:3f:1c:17:e8:b9:66:e3:07:53:
45:5c:86:15:ad:93:12:d2:31:0f:31:e1:58:5b:5c:9c:0e:7c:
51:16:55:20:f3:e5:80:fa:33:37:8a:12:6f:d0:9e:db:17:52:
c7:7e:88:23:10:46:77:fd:e5:b7:4d:12:80:67:1d:bf:b3:e2:
a9:4b:69:40:5d:73:54:52:67:7a:16:0e:aa:1b:6b:d9:ed:2c:
79:94:38:09:e7:3f:07:56:93:01:d3:26:42:e7:c5:2f:3f:68:
d2:bb:34:c6:be:bb:bf:47:06:fc:55:7c:c7:84:5e:cd:8b:26:
62:74:c2:79
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7t5JtzF/Oy5yeYyyZLJ5mQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE3MjEwOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODg1ZDY4ZjMzMDE1YmZiYmNlZTE0ZDhkMTZlN2IyMTEwZjc5NTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+FZSjX21cWhkCnuNH+CQF+6ft8mX
9JDdYuG7y6+dJ0jzEspOalUSOBcL1HWq0q6EzHGQABrAqAGq3QPgfYktTOEV1phe
r0Cwnxa9AEeqcVz4faq3WlE7/x1xqiZvGbzmzeItPbghUO16xTGFUajOw+SrGUvz
n+wp6U1JdrRI1fiDCkB3625NELpsrKe1UK8JXY/6due+5afSpa2tTvY7i+PBQdAA
nzQxqKDVclYmz0pAaEcJMz41lD97JZEq65q/VTeC2nWd/07IwQpKGUNSpRbG61I8
ANm7eOQik7/ZVq/MprmqVZ4nWSoXUSW++C5NrCv/rI/5oZiS60LSrc5qAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEiF1o8zAVv7vO4U2NFueyEQ95VjMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvU0lYV2p6TUJXX3U4N2hUWTBXNTdJUkQzbFdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJHAT1p1CVcVrI3gfW4d
98o3X/SSHTTBSavP8L0v0S3LI2el2UgTyZHUS5pWMVe0A1h38g0xCf5wNDrjs1gz
HgILU7OKao0jdTh4reo947Cc7UTlr/uIOkZx014cAlx6cE4JAwKwgqfZI79WMAFx
l1TfHJDv9hPf1CBWaJqW+r27BS6vrjcHdz8cF+i5ZuMHU0VchhWtkxLSMQ8x4Vhb
XJwOfFEWVSDz5YD6MzeKEm/QntsXUsd+iCMQRnf95bdNEoBnHb+z4qlLaUBdc1RS
Z3oWDqoba9ntLHmUOAnnPwdWkwHTJkLnxS8/aNK7NMa+u79HBvxVfMeEXs2LJmJ0
wnk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:53 2025 by rpki-client