Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/vpqUiJ1BpeRBHr2k67NBmq8G6pw.roa
File: vpqUiJ1BpeRBHr2k67NBmq8G6pw.roa (raw, json)
Hash identifier: ZUIwA8EmGZDWXrvBNkm8JuAV5gG420E6QUAqWlNwhDs=
Subject key identifier: BE:9A:94:88:9D:41:A5:E4:41:1E:BD:A4:EB:B3:41:9A:AF:06:EA:9C
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EF4FB2EA92ACE8A7E205131B6ADD2DB3A
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/vpqUiJ1BpeRBHr2k67NBmq8G6pw.roa
Signing time: Fri 19 Apr 2024 06:11:25 +0000
ROA not before: Fri 19 Apr 2024 06:11:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:f1f3:8b1f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f4:fb:2e:a9:2a:ce:8a:7e:20:51:31:b6:ad:d2:db:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 19 06:11:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be9a94889d41a5e4411ebda4ebb3419aaf06ea9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:72:75:e1:5b:7d:e0:76:97:6d:6d:ec:45:02:
2a:85:64:23:60:c2:2a:34:38:26:ab:72:21:78:cd:
ec:a0:01:14:00:10:ae:03:a1:2f:f9:33:00:6b:f5:
91:65:af:cd:0d:e9:c5:65:d2:51:a6:b7:ac:f7:38:
61:d6:6a:45:eb:f3:7f:14:df:7b:7e:d6:67:6a:f3:
e2:ca:1f:e4:e6:48:77:12:a1:a2:3b:93:2e:b2:de:
02:8d:5a:af:88:31:10:23:e5:0c:ed:ed:a6:b2:6b:
db:37:cb:24:fd:03:b8:c6:e7:9e:b6:2d:62:d9:03:
51:60:8e:7f:0b:86:a4:de:93:3e:c6:b6:32:a9:7a:
0f:ad:21:eb:15:37:bd:76:ef:a8:7b:4b:1f:13:a5:
08:07:75:76:7b:ad:8c:3d:ee:99:0a:4f:d7:95:47:
a2:8e:a1:52:19:75:03:4d:80:a9:95:fd:15:ae:90:
62:25:86:24:39:05:bd:0b:38:ba:8b:40:32:ce:e3:
8b:a0:31:9d:31:27:15:55:80:04:ec:0a:f9:24:26:
c8:a5:80:dc:99:67:be:e9:0d:90:74:5f:72:1f:10:
9e:e2:08:e7:79:20:5d:09:56:fb:98:09:d4:45:1f:
fe:06:f2:0f:dd:94:1b:1b:8a:f1:36:2f:c0:55:db:
82:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:9A:94:88:9D:41:A5:E4:41:1E:BD:A4:EB:B3:41:9A:AF:06:EA:9C
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/vpqUiJ1BpeRBHr2k67NBmq8G6pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:f5:63:00:80:42:e4:6e:f1:39:d6:ff:46:e4:6c:fd:f3:21:
93:98:31:71:0b:3b:4f:70:4a:3a:32:a9:c1:8d:52:aa:c4:8d:
6f:e1:69:13:d1:b1:6b:7f:99:ba:ae:04:3f:49:fe:b2:de:c3:
42:aa:5c:31:85:0a:3f:65:08:1c:ae:b1:79:80:67:a9:61:57:
d4:aa:8f:e1:02:9c:7f:7f:18:57:c3:87:50:85:99:8c:c6:55:
c3:52:e2:cc:ee:67:99:6c:f5:97:ed:be:3a:0c:3b:3c:48:a4:
ab:d1:51:b3:ec:78:3d:e3:52:4c:3c:0d:7b:b8:26:dc:70:37:
92:af:d2:a0:63:52:ff:34:8a:ee:c9:2d:21:f0:31:a6:d5:63:
fd:26:48:15:76:da:2d:c3:b2:a7:d2:92:aa:17:f3:93:d3:cb:
dc:d5:0a:26:b9:e9:f2:25:24:13:37:43:c4:14:1e:d1:63:cf:
ed:d5:6c:57:c9:a0:53:5d:7a:ba:16:ec:e7:74:18:5d:c0:aa:
9b:f7:47:94:ee:c4:63:a8:72:12:dd:55:7e:f7:2d:29:dc:37:
58:b0:2c:02:c9:f0:0a:39:e8:bf:d3:98:8f:a2:55:91:37:65:
82:b3:88:36:43:30:1b:12:6d:3c:45:fd:9b:f5:c3:8b:23:a0:
b8:6e:a3:49
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY70+y6pKs6KfiBRMbat0ts6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE5MDYxMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTlhOTQ4ODlkNDFhNWU0NDExZWJkYTRlYmIzNDE5YWFmMDZlYTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8HJ14Vt94HaXbW3sRQIqhWQjYMIq
NDgmq3IheM3soAEUABCuA6Ev+TMAa/WRZa/NDenFZdJRpres9zhh1mpF6/N/FN97
ftZnavPiyh/k5kh3EqGiO5Must4CjVqviDEQI+UM7e2msmvbN8sk/QO4xueeti1i
2QNRYI5/C4ak3pM+xrYyqXoPrSHrFTe9du+oe0sfE6UIB3V2e62MPe6ZCk/XlUei
jqFSGXUDTYCplf0VrpBiJYYkOQW9Czi6i0AyzuOLoDGdMScVVYAE7Ar5JCbIpYDc
mWe+6Q2QdF9yHxCe4gjneSBdCVb7mAnURR/+BvIP3ZQbG4rxNi/AVduCmQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL6alIidQaXkQR69pOuzQZqvBuqcMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvdnBxVWlKMUJwZVJCSHIyazY3TkJtcThHNnB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA71YwCAQuRu8TnW/0bk
bP3zIZOYMXELO09wSjoyqcGNUqrEjW/haRPRsWt/mbquBD9J/rLew0KqXDGFCj9l
CByusXmAZ6lhV9Sqj+ECnH9/GFfDh1CFmYzGVcNS4szuZ5ls9ZftvjoMOzxIpKvR
UbPseD3jUkw8DXu4JtxwN5Kv0qBjUv80iu7JLSHwMabVY/0mSBV22i3DsqfSkqoX
85PTy9zVCia56fIlJBM3Q8QUHtFjz+3VbFfJoFNderoW7Od0GF3Aqpv3R5TuxGOo
chLdVX73LSncN1iwLALJ8Ao56L/TmI+iVZE3ZYKziDZDMBsSbTxF/Zv1w4sjoLhu
o0k=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:55 2025 by rpki-client