Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/sydIRwe6VUDOaQc5q1jqq8DgeBg.roa
File: sydIRwe6VUDOaQc5q1jqq8DgeBg.roa (raw, json)
Hash identifier: pdn3opAQpM6K5H7U6RgzJYBV26JaQmKYQvIgLKB7Ils=
Subject key identifier: B3:27:48:47:07:BA:55:40:CE:69:07:39:AB:58:EA:AB:C0:E0:78:18
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EF3B0AD5FE83250B6A8730C377049951A
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/sydIRwe6VUDOaQc5q1jqq8DgeBg.roa
Signing time: Fri 19 Apr 2024 00:10:25 +0000
ROA not before: Fri 19 Apr 2024 00:10:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:f1f3:8b1f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f3:b0:ad:5f:e8:32:50:b6:a8:73:0c:37:70:49:95:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 19 00:10:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b327484707ba5540ce690739ab58eaabc0e07818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:cb:df:cb:6e:e2:75:0d:b1:bc:2b:b9:c2:99:
8a:de:b1:30:b7:37:fd:da:45:87:ac:ca:6d:a6:31:
28:c6:2c:5c:33:19:28:b5:e0:8c:f8:a8:55:10:17:
47:30:8f:4b:c0:7c:54:ac:77:d4:85:ae:17:3e:00:
f1:df:43:cc:ff:ad:d4:c1:6d:00:32:b5:b1:fe:e6:
97:ae:fd:ce:4b:f9:93:1b:c3:f9:06:ad:2c:31:47:
92:7b:bc:70:80:af:ae:2a:b4:25:02:16:50:fd:3f:
c3:70:b2:f7:e0:df:6d:df:69:30:19:9c:a0:a8:06:
f4:93:db:5c:36:8c:de:e9:26:fd:19:6c:ac:9c:16:
09:4d:91:73:a3:98:fb:ad:ea:56:75:34:ec:2c:98:
96:ea:20:62:bb:40:76:93:02:ee:6c:7f:19:2d:3a:
4b:7d:6e:69:50:d9:26:fd:e0:f1:2d:5d:11:4a:7a:
63:ad:b0:3d:4b:da:2b:db:38:46:71:c3:ab:91:7c:
d7:84:5d:8b:57:1c:0c:1b:58:9e:cf:ea:50:03:d5:
2c:b3:b6:f9:f5:65:07:c0:a3:40:4e:56:67:a0:cc:
05:78:30:16:3c:df:71:5e:48:e4:36:29:e5:1e:3b:
9b:f4:bf:e8:c7:7c:34:b8:54:d1:57:16:c6:f6:71:
8f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:27:48:47:07:BA:55:40:CE:69:07:39:AB:58:EA:AB:C0:E0:78:18
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/sydIRwe6VUDOaQc5q1jqq8DgeBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:27:57:7f:21:6b:7b:8f:a0:6e:7c:56:8a:54:b6:6b:21:6c:
91:09:1e:35:cf:e5:c0:3e:36:54:b7:d3:1c:bf:dd:d1:f4:41:
63:e4:07:c2:b2:8f:1e:85:a1:af:d1:c9:ec:e4:a0:5d:c3:55:
d5:ea:61:74:5b:66:b1:90:84:94:33:3d:ce:12:c5:67:68:bb:
0f:69:61:8b:8e:fc:87:48:96:23:98:8d:91:77:01:7e:b5:55:
b9:9e:11:17:0f:8f:af:84:d1:96:50:e9:27:10:fe:bf:04:65:
ff:1e:68:ba:d6:36:cd:4d:32:d1:0d:fe:b2:44:fb:92:fc:de:
96:7b:86:e9:5d:1b:1f:f7:3f:41:7c:38:35:c9:8d:f6:66:29:
e0:26:99:3b:08:6b:32:63:76:8a:e4:fe:1e:25:20:07:ad:81:
2a:19:43:7a:02:71:d7:ce:fe:88:b7:53:07:7f:4a:1e:19:91:
ef:2b:58:09:90:40:7c:44:8e:3f:23:97:97:5f:af:e2:79:14:
d4:80:70:37:b7:14:7b:09:5d:ae:81:29:9e:f5:ab:ad:6d:71:
c1:1e:33:e6:b7:8d:27:df:a6:d4:57:fa:62:42:0b:36:3f:3f:
a7:69:cf:18:2a:9a:50:e5:ad:0e:15:df:e4:a0:19:6b:e0:7f:
0e:ad:2f:b1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7zsK1f6DJQtqhzDDdwSZUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE5MDAxMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzI3NDg0NzA3YmE1NTQwY2U2OTA3MzlhYjU4ZWFhYmMwZTA3ODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsvfy27idQ2xvCu5wpmK3rEwtzf9
2kWHrMptpjEoxixcMxkoteCM+KhVEBdHMI9LwHxUrHfUha4XPgDx30PM/63UwW0A
MrWx/uaXrv3OS/mTG8P5Bq0sMUeSe7xwgK+uKrQlAhZQ/T/DcLL34N9t32kwGZyg
qAb0k9tcNoze6Sb9GWysnBYJTZFzo5j7repWdTTsLJiW6iBiu0B2kwLubH8ZLTpL
fW5pUNkm/eDxLV0RSnpjrbA9S9or2zhGccOrkXzXhF2LVxwMG1iez+pQA9Uss7b5
9WUHwKNATlZnoMwFeDAWPN9xXkjkNinlHjub9L/ox3w0uFTRVxbG9nGPbwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLMnSEcHulVAzmkHOatY6qvA4HgYMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvc3lkSVJ3ZTZWVURPYVFjNXExanFxOERnZUJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAcnV38ha3uPoG58VopU
tmshbJEJHjXP5cA+NlS30xy/3dH0QWPkB8Kyjx6Foa/RyezkoF3DVdXqYXRbZrGQ
hJQzPc4SxWdouw9pYYuO/IdIliOYjZF3AX61VbmeERcPj6+E0ZZQ6ScQ/r8EZf8e
aLrWNs1NMtEN/rJE+5L83pZ7huldGx/3P0F8ODXJjfZmKeAmmTsIazJjdork/h4l
IAetgSoZQ3oCcdfO/oi3Uwd/Sh4Zke8rWAmQQHxEjj8jl5dfr+J5FNSAcDe3FHsJ
Xa6BKZ71q61tccEeM+a3jSffptRX+mJCCzY/P6dpzxgqmlDlrQ4V3+SgGWvgfw6t
L7E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:00 2024 by rpki-client on console-ams.rpki-client.org