Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Q3CE9_VOeq5wCx-HFJX5UxfMhrI.roa
File: Q3CE9_VOeq5wCx-HFJX5UxfMhrI.roa (raw, json)
Hash identifier: KkejZhiRP9OXWqJiK7SkUPzABKw/dDispmlwpGQa1T0=
Subject key identifier: 43:70:84:F7:F5:4E:7A:AE:70:0B:1F:87:14:95:F9:53:17:CC:86:B2
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F80A62F1FB31C053B4C9DC83FC93B05E9
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Q3CE9_VOeq5wCx-HFJX5UxfMhrI.roa
Signing time: Thu 16 May 2024 09:05:25 +0000
ROA not before: Thu 16 May 2024 09:05:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:80a5:6f3d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:a6:2f:1f:b3:1c:05:3b:4c:9d:c8:3f:c9:3b:05:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 16 09:05:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=437084f7f54e7aae700b1f871495f95317cc86b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:35:31:d3:8b:71:c2:0a:b6:f4:f5:bb:15:32:
02:d4:a6:e1:e4:37:84:7d:9d:d0:9c:e0:5a:2e:e0:
f0:57:bf:6b:72:25:01:95:41:ae:31:4b:00:15:c7:
0a:be:68:9f:d8:38:14:f6:6a:ab:a1:57:56:ef:81:
3d:c8:83:34:1b:ba:c4:51:e3:c4:24:d1:79:9e:bb:
01:be:0b:fc:57:c0:8b:4e:6c:cd:06:ae:57:c2:10:
62:1f:f3:21:f8:66:d6:bc:f7:88:1b:0a:b1:db:ee:
65:d9:22:a2:04:5b:ff:79:84:22:37:2e:c4:a8:48:
4d:1b:c1:65:0f:ea:dd:25:6c:b4:ab:5a:66:74:74:
e9:a5:e2:11:d8:f4:d6:7b:18:73:42:db:aa:e4:20:
a4:0c:02:89:21:e3:dc:86:f8:ed:90:32:5a:d7:7c:
cd:2f:9e:ca:f9:0f:d3:22:7e:59:a3:78:4b:f0:b4:
98:77:17:a3:3b:55:8d:3e:08:08:cd:76:92:37:93:
6f:be:6f:ce:2a:1a:d1:fc:e2:aa:0f:c2:b8:2c:30:
d1:ea:bb:7c:d2:12:2e:22:af:ed:c9:94:43:c8:b2:
ad:2c:5c:6b:ae:fb:a9:11:91:05:2a:ba:38:f4:70:
2e:3c:ae:91:4c:06:92:02:e1:9f:c9:db:5d:02:63:
0c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:70:84:F7:F5:4E:7A:AE:70:0B:1F:87:14:95:F9:53:17:CC:86:B2
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/Q3CE9_VOeq5wCx-HFJX5UxfMhrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:4b:08:4a:98:a0:48:c9:a7:f5:ac:07:d2:80:2e:e9:4e:6e:
78:b7:f5:c4:bf:43:fc:a3:3d:f4:24:6c:01:b3:2a:09:8b:5a:
86:28:35:65:43:cc:38:0a:a9:a8:59:b7:98:f1:56:8e:2d:22:
da:09:8c:79:45:42:81:87:7d:3f:52:b7:73:3f:69:fc:bf:4e:
2f:c5:2d:28:df:95:5a:65:75:57:57:61:89:c1:1f:67:26:5c:
07:7e:4b:78:82:1d:0e:e4:66:1c:e2:3c:ae:c7:9b:89:8e:fd:
42:71:e2:f7:7b:32:0e:f4:2b:29:d4:e2:e3:ce:30:f7:88:b4:
8a:23:30:4d:b4:48:ea:6a:ad:b5:9f:50:e4:36:28:6e:cd:88:
05:ee:1c:15:23:1e:3b:47:10:0f:26:f4:c0:e0:4d:42:78:cc:
4b:6d:c2:1f:b1:a7:d1:4b:2c:0b:5a:3f:a5:b3:82:e0:de:0f:
f2:fd:2f:86:e3:ec:48:64:2e:a6:b9:50:70:b5:fc:8b:56:02:
53:be:3a:76:17:f4:c6:f6:85:1f:e7:74:1a:e3:f8:20:6c:ca:
0e:75:6b:54:ab:ec:53:70:e9:d4:47:9d:29:85:c6:25:bd:48:
ab:af:91:66:65:5f:da:d6:08:df:d0:8b:83:c8:fe:c4:58:57:
28:d1:0e:f1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+Api8fsxwFO0ydyD/JOwXpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE2MDkwNTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzcwODRmN2Y1NGU3YWFlNzAwYjFmODcxNDk1Zjk1MzE3Y2M4NmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzUx04txwgq29PW7FTIC1Kbh5DeE
fZ3QnOBaLuDwV79rciUBlUGuMUsAFccKvmif2DgU9mqroVdW74E9yIM0G7rEUePE
JNF5nrsBvgv8V8CLTmzNBq5XwhBiH/Mh+GbWvPeIGwqx2+5l2SKiBFv/eYQiNy7E
qEhNG8FlD+rdJWy0q1pmdHTppeIR2PTWexhzQtuq5CCkDAKJIePchvjtkDJa13zN
L57K+Q/TIn5Zo3hL8LSYdxejO1WNPggIzXaSN5Nvvm/OKhrR/OKqD8K4LDDR6rt8
0hIuIq/tyZRDyLKtLFxrrvupEZEFKro49HAuPK6RTAaSAuGfydtdAmMMuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFENwhPf1TnqucAsfhxSV+VMXzIayMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvUTNDRTlfVk9lcTV3Q3gtSEZKWDVVeGZNaHJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ9LCEqYoEjJp/WsB9KA
LulObni39cS/Q/yjPfQkbAGzKgmLWoYoNWVDzDgKqahZt5jxVo4tItoJjHlFQoGH
fT9St3M/afy/Ti/FLSjflVpldVdXYYnBH2cmXAd+S3iCHQ7kZhziPK7Hm4mO/UJx
4vd7Mg70KynU4uPOMPeItIojME20SOpqrbWfUOQ2KG7NiAXuHBUjHjtHEA8m9MDg
TUJ4zEttwh+xp9FLLAtaP6WzguDeD/L9L4bj7EhkLqa5UHC1/ItWAlO+OnYX9Mb2
hR/ndBrj+CBsyg51a1Sr7FNw6dRHnSmFxiW9SKuvkWZlX9rWCN/Qi4PI/sRYVyjR
DvE=
-----END CERTIFICATE-----
Generated at Tue Apr 29 21:21:13 2025 by rpki-client