Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QE11FVnm4EfJKtimQ3yGqav7pTs.roa
File: QE11FVnm4EfJKtimQ3yGqav7pTs.roa (raw, json)
Hash identifier: NeX4HhTFQ9E+2s4AwkF9hAa09fsyV4QjRxHdulHkWTo=
Subject key identifier: 40:4D:75:15:59:E6:E0:47:C9:2A:D8:A6:43:7C:86:A9:AB:FB:A5:3B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DEE5907B634A45F6771B6E2B9926399B0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QE11FVnm4EfJKtimQ3yGqav7pTs.roa
Signing time: Wed 28 Feb 2024 06:13:48 +0000
ROA not before: Wed 28 Feb 2024 06:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ee:59:07:b6:34:a4:5f:67:71:b6:e2:b9:92:63:99:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 28 06:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=404d751559e6e047c92ad8a6437c86a9abfba53b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c4:4f:8a:8e:69:98:59:99:0c:23:c9:c6:28:
bf:80:e3:59:bc:4d:fd:a0:7e:20:f8:20:e1:e7:44:
78:7d:0e:02:c9:1a:a3:17:1f:65:e1:b8:4e:ce:e2:
d6:e9:39:3a:e9:a2:6b:f1:54:8e:e7:95:b9:6c:b6:
27:40:90:33:19:10:9d:da:98:e5:10:64:5d:79:04:
61:4f:0b:9e:7d:64:36:eb:0b:13:5c:fc:d5:b8:e2:
81:7b:74:f8:97:4a:70:a7:ac:f2:f0:6d:e0:11:10:
51:09:ff:68:85:12:16:b5:42:8c:37:2f:ed:80:25:
c3:ba:e0:ba:fc:9c:70:74:f4:c5:a3:49:30:1f:4e:
aa:25:b8:b5:de:92:f3:bf:1b:65:35:c1:29:5e:f7:
d5:a6:2f:18:88:b8:95:cd:3f:19:4d:5a:f8:7d:5e:
05:8b:e0:30:80:e3:1c:23:ec:32:2e:72:0d:da:61:
51:ac:21:37:17:3e:e4:4f:82:ed:62:17:64:31:78:
27:92:6c:66:a8:80:c0:6f:d6:97:0b:a3:0f:40:0b:
85:0e:62:64:de:aa:52:97:49:f1:0f:d7:39:fe:d0:
a0:a1:ef:06:c3:5b:33:83:aa:a5:de:df:86:30:81:
62:f1:85:26:1c:54:bf:9e:e3:4d:3f:33:aa:20:23:
6a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:4D:75:15:59:E6:E0:47:C9:2A:D8:A6:43:7C:86:A9:AB:FB:A5:3B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QE11FVnm4EfJKtimQ3yGqav7pTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:df:a0:f7:bf:a9:ab:d3:c9:5f:70:51:28:a4:62:d0:cd:a1:
e7:94:00:1c:a2:19:59:62:55:c6:14:a7:9f:fd:da:10:a4:5c:
61:a1:b7:8e:3b:f8:b1:86:e1:b8:1c:0d:6c:f1:ef:5d:cc:c6:
65:6f:33:e4:18:64:62:10:06:bf:09:9b:e6:fc:76:63:b3:ab:
97:07:c8:68:65:d3:10:85:de:cb:58:77:7d:80:c6:0f:61:3d:
23:f3:10:dc:39:19:d0:a9:e8:8c:bf:21:a5:e5:c6:ec:6d:a9:
01:f3:cb:a3:a6:9d:8c:16:83:7d:a2:8b:97:27:07:38:17:7d:
46:0c:c2:ed:30:79:7b:69:f0:4e:4a:a6:59:8d:75:1a:f1:3a:
86:61:a4:7d:c5:78:65:71:b0:0f:c3:4c:c1:dd:ec:ce:e1:88:
51:be:37:bc:74:5d:73:d4:58:d0:20:09:a6:22:fd:26:1b:df:
19:f5:e2:03:0a:d7:5b:91:58:7f:41:6b:3f:7d:57:fc:93:76:
57:56:3a:fe:b9:54:3f:cb:e5:4f:1d:dd:e9:d6:49:db:a5:49:
14:6c:f7:46:9f:c2:55:39:a7:6b:57:c4:22:8a:f2:44:78:dd:
43:a3:2e:f6:43:35:02:cc:27:24:99:44:9b:8e:24:18:7e:ca:
90:85:e7:d3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3uWQe2NKRfZ3G24rmSY5mwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI4MDYxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDRkNzUxNTU5ZTZlMDQ3YzkyYWQ4YTY0MzdjODZhOWFiZmJhNTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksRPio5pmFmZDCPJxii/gONZvE39
oH4g+CDh50R4fQ4CyRqjFx9l4bhOzuLW6Tk66aJr8VSO55W5bLYnQJAzGRCd2pjl
EGRdeQRhTwuefWQ26wsTXPzVuOKBe3T4l0pwp6zy8G3gERBRCf9ohRIWtUKMNy/t
gCXDuuC6/JxwdPTFo0kwH06qJbi13pLzvxtlNcEpXvfVpi8YiLiVzT8ZTVr4fV4F
i+AwgOMcI+wyLnIN2mFRrCE3Fz7kT4LtYhdkMXgnkmxmqIDAb9aXC6MPQAuFDmJk
3qpSl0nxD9c5/tCgoe8Gw1szg6ql3t+GMIFi8YUmHFS/nuNNPzOqICNqlwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEBNdRVZ5uBHySrYpkN8hqmr+6U7MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUUUxMUZWbm00RWZKS3RpbVEzeUdxYXY3cFRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADvfoPe/qavTyV9wUSik
YtDNoeeUAByiGVliVcYUp5/92hCkXGGht447+LGG4bgcDWzx713MxmVvM+QYZGIQ
Br8Jm+b8dmOzq5cHyGhl0xCF3stYd32Axg9hPSPzENw5GdCp6Iy/IaXlxuxtqQHz
y6OmnYwWg32ii5cnBzgXfUYMwu0weXtp8E5KplmNdRrxOoZhpH3FeGVxsA/DTMHd
7M7hiFG+N7x0XXPUWNAgCaYi/SYb3xn14gMK11uRWH9Baz99V/yTdldWOv65VD/L
5U8d3enWSdulSRRs90afwlU5p2tXxCKK8kR43UOjLvZDNQLMJySZRJuOJBh+ypCF
59M=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:23:27 2025 by rpki-client