Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/cR9iLq4KDoJbuSUu87KsJixrySw.roa
File: cR9iLq4KDoJbuSUu87KsJixrySw.roa (raw, json)
Hash identifier: s08e7xMJybYcn/7q9wKcjOHIV0qe9e/O/loza/7VWrY=
Subject key identifier: 71:1F:62:2E:AE:0A:0E:82:5B:B9:25:2E:F3:B2:AC:26:2C:6B:C9:2C
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EF30CCCBECC4A52DD5FD5E8E4B63D7943
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/cR9iLq4KDoJbuSUu87KsJixrySw.roa
Signing time: Thu 18 Apr 2024 21:11:26 +0000
ROA not before: Thu 18 Apr 2024 21:11:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:f1f3:8b1f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f3:0c:cc:be:cc:4a:52:dd:5f:d5:e8:e4:b6:3d:79:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 18 21:11:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=711f622eae0a0e825bb9252ef3b2ac262c6bc92c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:61:94:a1:9f:70:be:06:22:a0:ce:57:9e:28:
12:08:81:a1:a2:82:f7:33:a5:fb:51:01:c0:ed:54:
9b:d2:0a:34:83:b4:2c:45:c1:13:61:a3:c0:7c:61:
e4:f7:ac:78:07:8b:f1:d2:dc:75:1f:8e:e7:b0:31:
95:7e:83:15:6f:94:db:66:f8:b8:ac:16:12:35:3c:
1a:94:33:db:2c:5c:54:60:5e:61:e4:9f:12:5d:8b:
eb:ef:6e:26:05:b1:ed:66:42:51:6d:95:f3:6b:36:
2f:54:46:68:4e:f7:c3:cb:3f:72:f3:ac:1f:b7:3d:
21:59:83:af:92:38:c6:40:02:e4:6c:27:86:2a:65:
e3:cd:93:89:81:17:3d:ce:37:6b:02:70:5c:c8:4a:
5e:98:09:8a:a3:c7:a4:c3:e1:fc:ed:27:3b:73:63:
d4:7f:03:6d:c1:bb:b0:dd:6e:3a:80:68:af:4c:08:
db:9e:b8:75:1b:d2:39:af:9a:20:f9:31:a4:76:4f:
3b:5d:79:82:88:3e:2a:6a:bd:e6:34:91:5d:5e:de:
47:1d:bd:c7:21:ea:e6:e3:d6:3c:5d:ae:a1:e6:dd:
0f:61:c3:74:c5:85:e8:7e:de:69:9c:a3:f4:32:91:
d3:43:17:fc:a1:71:ef:dc:ed:43:aa:45:3b:c8:f4:
bb:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:1F:62:2E:AE:0A:0E:82:5B:B9:25:2E:F3:B2:AC:26:2C:6B:C9:2C
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/cR9iLq4KDoJbuSUu87KsJixrySw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
71:d5:74:7f:ae:ee:be:2e:b8:85:ad:a6:4e:75:f7:54:e6:06:
92:de:30:39:24:2a:84:91:59:89:91:05:61:f5:29:c3:20:4e:
40:49:12:26:99:0a:4e:37:51:59:0f:21:4f:07:c5:79:37:11:
5b:26:4f:6e:9f:97:c1:dc:bf:9f:02:f7:1d:d7:8f:77:98:2b:
5d:94:f2:ad:ec:c9:3a:33:d2:cd:f4:63:86:aa:e8:67:ef:04:
0f:ed:69:be:fb:96:d6:5c:3d:b4:11:3a:e3:2c:79:fa:a0:36:
c2:08:d0:4f:ad:2e:c8:39:d6:1a:b0:2c:55:b6:37:49:68:27:
ed:b8:b0:c9:c8:d0:0f:8a:08:89:05:96:80:5d:fc:99:8a:54:
64:69:6e:fd:5c:35:25:3f:dc:7b:77:b0:cf:bf:60:2a:5b:38:
88:d0:ef:08:d3:5c:59:1b:32:6d:74:fa:36:82:cd:c1:0c:cf:
8c:ab:6b:fc:13:0c:a5:d0:ae:f0:77:66:7c:61:3e:06:0b:1f:
a9:b5:cc:f9:89:48:ee:56:32:6e:e1:60:78:b8:3e:a4:66:a5:
66:32:bc:88:21:c4:64:48:57:f9:8c:b9:d1:09:85:02:2e:cf:
ac:2b:3a:d6:54:d4:78:3e:c9:88:13:4a:96:54:76:82:9b:0f:
55:b7:43:da
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7zDMy+zEpS3V/V6OS2PXlDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE4MjExMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTFmNjIyZWFlMGEwZTgyNWJiOTI1MmVmM2IyYWMyNjJjNmJjOTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWGUoZ9wvgYioM5XnigSCIGhooL3
M6X7UQHA7VSb0go0g7QsRcETYaPAfGHk96x4B4vx0tx1H47nsDGVfoMVb5TbZvi4
rBYSNTwalDPbLFxUYF5h5J8SXYvr724mBbHtZkJRbZXzazYvVEZoTvfDyz9y86wf
tz0hWYOvkjjGQALkbCeGKmXjzZOJgRc9zjdrAnBcyEpemAmKo8ekw+H87Sc7c2PU
fwNtwbuw3W46gGivTAjbnrh1G9I5r5og+TGkdk87XXmCiD4qar3mNJFdXt5HHb3H
Ierm49Y8Xa6h5t0PYcN0xYXoft5pnKP0MpHTQxf8oXHv3O1DqkU7yPS78QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHEfYi6uCg6CW7klLvOyrCYsa8ksMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvY1I5aUxxNEtEb0pidVNVdTg3S3NKaXhyeVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHHVdH+u7r4uuIWtpk51
91TmBpLeMDkkKoSRWYmRBWH1KcMgTkBJEiaZCk43UVkPIU8HxXk3EVsmT26fl8Hc
v58C9x3Xj3eYK12U8q3syToz0s30Y4aq6GfvBA/tab77ltZcPbQROuMsefqgNsII
0E+tLsg51hqwLFW2N0loJ+24sMnI0A+KCIkFloBd/JmKVGRpbv1cNSU/3Ht3sM+/
YCpbOIjQ7wjTXFkbMm10+jaCzcEMz4yra/wTDKXQrvB3ZnxhPgYLH6m1zPmJSO5W
Mm7hYHi4PqRmpWYyvIghxGRIV/mMudEJhQIuz6wrOtZU1Hg+yYgTSpZUdoKbD1W3
Q9o=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:08:07 2025 by rpki-client