Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/l8nnrpry41wRdw4mTxt_Lxmls1U.roa
File: l8nnrpry41wRdw4mTxt_Lxmls1U.roa (raw, json)
Hash identifier: zfpgtJrTdFbBzqk6nl5G4fioh0nhCRu9sE7TYRKiuOA=
Subject key identifier: 97:C9:E7:AE:9A:F2:E3:5C:11:77:0E:26:4F:1B:7F:2F:19:A5:B3:55
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EF41E8A73A49F231EB3C2815039A366A7
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/l8nnrpry41wRdw4mTxt_Lxmls1U.roa
Signing time: Fri 19 Apr 2024 02:10:25 +0000
ROA not before: Fri 19 Apr 2024 02:10:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:f1f3:8b1f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f4:1e:8a:73:a4:9f:23:1e:b3:c2:81:50:39:a3:66:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 19 02:10:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97c9e7ae9af2e35c11770e264f1b7f2f19a5b355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:47:85:9f:28:22:0e:d1:34:d8:5d:a2:ca:96:
e3:cc:b9:f4:c8:e4:6a:69:43:d7:4d:c9:79:fa:a6:
ef:3f:c7:31:23:6e:96:62:f4:a9:ae:82:4b:fc:53:
d7:f4:aa:79:2b:e6:26:d6:1f:48:54:c7:5c:0a:90:
13:13:64:67:ad:49:4b:3e:eb:52:75:82:47:32:df:
9c:52:c4:81:2c:1b:2a:1b:16:8f:d4:91:85:0f:25:
3f:d5:43:7a:3f:22:ee:d5:9e:03:dc:bc:fb:d4:4d:
cb:2f:ff:33:c2:db:a0:94:dc:8c:83:08:55:6e:44:
ba:91:35:e0:db:22:28:5b:b9:2f:56:d6:92:38:e7:
71:62:4f:6b:45:77:71:17:7a:52:82:f0:79:bc:67:
ad:d0:a9:b9:fe:5b:58:83:3b:cd:8f:ec:1e:1b:db:
71:b5:ba:a7:3a:f7:a4:ee:52:5d:41:22:5c:77:41:
ed:47:d7:42:a6:78:18:f6:8d:c1:1b:f6:44:8d:49:
68:50:7c:06:49:86:dd:3d:7b:a5:8e:62:9d:6d:e9:
68:95:71:38:b5:99:d5:25:76:a3:03:c0:f4:68:c8:
58:ed:b9:6c:ab:df:74:6e:e5:af:5a:21:2d:ff:ce:
5b:c1:19:d7:f8:97:cd:3a:4c:f3:40:fc:f6:eb:48:
95:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C9:E7:AE:9A:F2:E3:5C:11:77:0E:26:4F:1B:7F:2F:19:A5:B3:55
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/l8nnrpry41wRdw4mTxt_Lxmls1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
74:b6:8d:2d:44:50:2e:7d:16:20:34:08:4a:33:7d:60:d7:f3:
3f:e5:8a:da:9f:6e:69:9b:eb:d2:93:9d:df:c9:12:da:02:c3:
c6:27:d7:20:5a:34:78:d5:61:79:ce:b8:01:c7:d9:92:2b:87:
84:15:ab:18:94:14:67:2e:d7:88:6a:d9:fc:8c:4b:5f:6c:06:
f6:1d:13:43:7c:f2:41:8e:8b:c1:0f:b6:97:ae:b4:95:14:eb:
e5:63:d0:b3:20:3f:0b:a2:10:32:19:dd:79:e1:76:67:7d:21:
05:dc:83:bf:ed:16:aa:45:4d:02:d9:bf:48:71:55:2e:99:85:
09:f8:52:d0:7b:6b:46:64:83:28:5e:a6:51:26:d5:d3:2d:a5:
28:19:b7:5b:d6:de:c7:3f:51:dc:30:45:55:14:b7:36:f7:4f:
03:e5:73:eb:13:d7:0b:db:9f:4a:98:65:44:b3:db:50:8f:69:
c4:1a:a2:40:6a:51:c8:00:24:d5:ab:88:b4:36:21:85:0a:99:
00:cc:f4:0a:a2:93:46:63:65:26:fb:29:3f:f6:08:9f:cb:d6:
d7:61:f8:d7:77:bf:af:64:a1:8f:34:b9:01:50:38:c5:1c:17:
79:7b:86:c1:f9:e0:e7:d9:11:2f:da:aa:2a:e2:4f:d4:b5:bf:
6d:21:bd:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY70HopzpJ8jHrPCgVA5o2anMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE5MDIxMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2M5ZTdhZTlhZjJlMzVjMTE3NzBlMjY0ZjFiN2YyZjE5YTViMzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkeFnygiDtE02F2iypbjzLn0yORq
aUPXTcl5+qbvP8cxI26WYvSproJL/FPX9Kp5K+Ym1h9IVMdcCpATE2RnrUlLPutS
dYJHMt+cUsSBLBsqGxaP1JGFDyU/1UN6PyLu1Z4D3Lz71E3LL/8zwtuglNyMgwhV
bkS6kTXg2yIoW7kvVtaSOOdxYk9rRXdxF3pSgvB5vGet0Km5/ltYgzvNj+weG9tx
tbqnOvek7lJdQSJcd0HtR9dCpngY9o3BG/ZEjUloUHwGSYbdPXuljmKdbelolXE4
tZnVJXajA8D0aMhY7blsq990buWvWiEt/85bwRnX+JfNOkzzQPz260iVxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJfJ566a8uNcEXcOJk8bfy8ZpbNVMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvbDhubnJwcnk0MXdSZHc0bVR4dF9MeG1sczFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHS2jS1EUC59FiA0CEoz
fWDX8z/litqfbmmb69KTnd/JEtoCw8Yn1yBaNHjVYXnOuAHH2ZIrh4QVqxiUFGcu
14hq2fyMS19sBvYdE0N88kGOi8EPtpeutJUU6+Vj0LMgPwuiEDIZ3Xnhdmd9IQXc
g7/tFqpFTQLZv0hxVS6ZhQn4UtB7a0ZkgyheplEm1dMtpSgZt1vW3sc/UdwwRVUU
tzb3TwPlc+sT1wvbn0qYZUSz21CPacQaokBqUcgAJNWriLQ2IYUKmQDM9Aqik0Zj
ZSb7KT/2CJ/L1tdh+Nd3v69koY80uQFQOMUcF3l7hsH54OfZES/aqiriT9S1v20h
vZA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:44 2025 by rpki-client