Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QJBLtG1hON3_iJSg5v641-AT5cU.roa
File: QJBLtG1hON3_iJSg5v641-AT5cU.roa (raw, json)
Hash identifier: Sr7GT3vuQ/V2+OxuszghyNzBkxdKF+Jt6JcEuO8Dlc8=
Subject key identifier: 40:90:4B:B4:6D:61:38:DD:FF:88:94:A0:E6:FE:B8:D7:E0:13:E5:C5
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D7AEAF745E397D3CCC975D6CDCCE2E43B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QJBLtG1hON3_iJSg5v641-AT5cU.roa
Signing time: Mon 05 Feb 2024 20:17:15 +0000
ROA not before: Mon 05 Feb 2024 20:17:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7a:ea:f7:45:e3:97:d3:cc:c9:75:d6:cd:cc:e2:e4:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 5 20:17:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40904bb46d6138ddff8894a0e6feb8d7e013e5c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a4:b0:62:fc:40:d6:ce:96:15:99:14:09:a3:
f8:7e:24:ce:78:80:b6:6b:c3:27:cf:49:b1:ac:0b:
32:de:7e:4c:4e:30:34:12:07:3f:31:e9:1d:17:f1:
78:87:44:4f:c1:08:ce:35:89:2a:1c:db:8c:e8:e0:
0d:06:4a:ea:df:6f:7d:51:a3:eb:4b:80:9b:82:5d:
23:6f:64:89:a6:02:25:92:3c:1b:73:ed:0b:00:60:
61:72:de:19:f7:ff:4f:6a:cb:e9:b2:04:d6:91:41:
a2:f3:3e:66:80:58:47:fc:36:58:54:df:ed:28:4a:
ac:8f:12:b3:39:7b:a0:02:25:ed:3b:5b:a2:ed:e8:
04:b6:4b:4b:ca:43:ef:ac:d0:74:b0:26:01:21:16:
0e:81:c5:38:bb:39:3d:9a:d7:70:c4:0d:2a:a0:47:
42:8c:6d:d5:6d:96:fe:44:d3:f6:09:5a:3a:f4:d0:
47:a3:78:d3:08:b2:6c:8a:19:53:14:46:df:e1:9c:
29:e4:35:6d:a3:b6:8f:1d:42:dc:9e:44:3d:95:74:
6f:27:59:a2:38:d9:f8:18:d8:3a:cf:e8:62:05:1b:
38:85:ec:3d:9a:d6:c7:65:2a:bd:37:fc:87:8a:1e:
05:7b:a8:79:41:4a:53:c6:65:f3:ee:b8:70:36:15:
2e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:90:4B:B4:6D:61:38:DD:FF:88:94:A0:E6:FE:B8:D7:E0:13:E5:C5
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QJBLtG1hON3_iJSg5v641-AT5cU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
10:5f:86:49:57:65:c3:fa:04:0a:da:fa:f3:e2:c3:20:f4:02:
95:36:5c:8f:20:d6:f8:81:b6:a3:59:90:84:bc:55:ab:f0:31:
e2:9e:05:28:1b:86:a8:8e:fa:5a:77:b1:32:f7:ac:b0:42:28:
5f:51:94:29:c7:ce:bd:9d:1c:14:9f:44:07:57:e6:71:5d:9a:
36:35:9f:0e:19:53:aa:4b:f8:5b:4e:ae:4c:d1:8c:5a:c3:db:
13:b0:b4:f8:59:25:53:67:aa:a4:f8:23:5b:47:a9:78:dd:2e:
f5:73:6f:81:17:11:80:d8:0a:40:6e:f4:35:e6:75:a9:ab:78:
a0:fe:7a:a2:20:92:ca:7f:8b:11:e0:a4:ef:26:17:9c:77:bf:
f5:f5:9e:b1:84:9b:83:91:83:c5:bf:10:04:62:25:8c:25:b5:
42:8f:a6:d9:98:a3:3a:97:fb:07:30:1b:43:c1:bd:31:f8:26:
6f:2d:e3:84:40:61:c0:58:70:7d:99:c4:c2:06:3d:0d:c4:7d:
64:59:1f:fd:eb:13:dc:a1:3f:ad:5b:6d:d9:a3:9e:20:71:71:
9f:91:71:f5:e9:0b:12:21:d7:7e:70:a8:7c:e1:57:94:71:11:
64:fa:10:f3:4d:1f:db:a0:a8:73:c5:46:94:07:65:99:9f:2d:
3d:82:dd:17
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY166vdF45fTzMl11s3M4uQ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA1MjAxNzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDkwNGJiNDZkNjEzOGRkZmY4ODk0YTBlNmZlYjhkN2UwMTNlNWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKSwYvxA1s6WFZkUCaP4fiTOeIC2
a8Mnz0mxrAsy3n5MTjA0Egc/MekdF/F4h0RPwQjONYkqHNuM6OANBkrq3299UaPr
S4Cbgl0jb2SJpgIlkjwbc+0LAGBhct4Z9/9PasvpsgTWkUGi8z5mgFhH/DZYVN/t
KEqsjxKzOXugAiXtO1ui7egEtktLykPvrNB0sCYBIRYOgcU4uzk9mtdwxA0qoEdC
jG3VbZb+RNP2CVo69NBHo3jTCLJsihlTFEbf4Zwp5DVto7aPHULcnkQ9lXRvJ1mi
ONn4GNg6z+hiBRs4hew9mtbHZSq9N/yHih4Fe6h5QUpTxmXz7rhwNhUutwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFECQS7RtYTjd/4iUoOb+uNfgE+XFMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUUpCTHRHMWhPTjNfaUpTZzV2NjQxLUFUNWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABBfhklXZcP6BAra+vPi
wyD0ApU2XI8g1viBtqNZkIS8VavwMeKeBSgbhqiO+lp3sTL3rLBCKF9RlCnHzr2d
HBSfRAdX5nFdmjY1nw4ZU6pL+FtOrkzRjFrD2xOwtPhZJVNnqqT4I1tHqXjdLvVz
b4EXEYDYCkBu9DXmdamreKD+eqIgksp/ixHgpO8mF5x3v/X1nrGEm4ORg8W/EARi
JYwltUKPptmYozqX+wcwG0PBvTH4Jm8t44RAYcBYcH2ZxMIGPQ3EfWRZH/3rE9yh
P61bbdmjniBxcZ+RcfXpCxIh135wqHzhV5RxEWT6EPNNH9ugqHPFRpQHZZmfLT2C
3Rc=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:44:30 2025 by rpki-client