Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QZaXkqwHhBH6dGTSSVbyqY60c04.roa
File: QZaXkqwHhBH6dGTSSVbyqY60c04.roa (raw, json)
Hash identifier: d20a4WRkSL9G+IgUIfOhEj4BQZAmA57beT/zAatSI9A=
Subject key identifier: 41:96:97:92:AC:07:84:11:FA:74:64:D2:49:56:F2:A9:8E:B4:73:4E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EB83B8C7756F1EBBFD489D41A013117C9
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QZaXkqwHhBH6dGTSSVbyqY60c04.roa
Signing time: Sun 07 Apr 2024 11:04:54 +0000
ROA not before: Sun 07 Apr 2024 11:04:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:b83a:e1cd/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b8:3b:8c:77:56:f1:eb:bf:d4:89:d4:1a:01:31:17:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 7 11:04:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=41969792ac078411fa7464d24956f2a98eb4734e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b1:ca:8b:d0:9d:a2:06:64:7c:10:c3:14:d4:
32:de:c9:f4:62:2d:4d:19:f1:69:07:3e:7e:11:58:
07:92:98:3b:9d:3e:f3:67:f3:31:6c:b0:f1:d4:29:
bc:86:1e:d1:34:e0:0a:03:64:c2:1e:b2:47:d6:40:
81:93:2e:c4:56:53:d8:19:a1:de:ba:df:5e:be:8a:
b4:2d:d8:19:53:03:f4:14:10:a8:b8:42:cd:b3:7e:
34:07:24:ba:4b:e0:8e:ec:b2:91:40:bd:fa:ec:6d:
03:01:f0:74:32:64:89:5b:d7:27:00:65:ed:c9:fd:
19:ec:bd:52:ae:9f:7a:86:84:f0:ab:9d:a8:dc:55:
e4:42:9a:0f:69:a0:53:f2:99:7d:6e:a8:da:f4:01:
5a:68:c6:7d:9e:91:73:1b:79:b8:d2:a7:1d:69:5b:
bf:fc:f3:ce:db:6c:87:bf:40:9f:fe:3e:a7:58:23:
c4:74:15:db:a7:44:65:91:7e:91:51:d0:2d:1e:f8:
9f:17:ab:6b:d8:a8:a6:88:45:a8:9f:9a:73:c4:1a:
f5:68:6b:7a:f7:bf:b8:45:95:24:b2:5f:44:5d:b3:
7f:49:7f:41:00:b7:38:cd:04:89:e3:80:0f:eb:58:
4e:ec:1a:4b:ef:9d:57:7f:91:c6:6d:c5:c4:33:ea:
84:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:96:97:92:AC:07:84:11:FA:74:64:D2:49:56:F2:A9:8E:B4:73:4E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QZaXkqwHhBH6dGTSSVbyqY60c04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
68:68:fc:6d:a4:b7:b5:51:bc:b7:78:d4:2c:4c:57:53:8a:03:
ba:f9:46:15:ee:07:d7:c5:e8:9d:28:75:9c:4d:f8:3c:d3:8b:
f4:0d:38:ba:9d:28:05:1e:d8:77:57:23:5e:b7:6f:1b:b9:4d:
3f:ae:29:d8:d8:74:15:f2:1e:32:12:28:fa:cc:7c:97:72:b3:
e2:9e:55:36:c0:af:67:45:4d:02:1b:a2:4c:fb:99:68:e7:bd:
66:80:5c:f8:63:7a:dd:5f:0f:4c:7f:6b:f3:83:f6:f3:14:56:
27:bb:2e:3f:5e:cb:03:d0:48:02:50:46:29:00:58:38:9b:6e:
af:c7:f4:57:f5:6b:fe:5d:54:0d:8e:a5:61:68:d2:4b:45:79:
a9:e7:7e:c2:7d:91:11:9d:eb:a1:c6:96:9d:b7:35:c3:42:73:
ed:fc:23:95:be:11:8c:4d:30:5d:b4:7c:3e:b9:06:38:2e:56:
54:ec:fc:bd:84:ae:28:8f:73:bd:d5:ae:8b:1b:1c:64:73:da:
73:3d:8e:f7:dc:99:e0:c4:2b:a1:3f:f4:61:8f:a8:44:bd:7d:
c0:aa:f0:34:df:b7:7b:3e:d9:64:72:b7:eb:78:e8:1e:8d:f4:
c3:73:59:82:3c:09:cb:2c:76:b0:ce:b9:c1:00:c8:36:09:83:
35:be:1d:8a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY64O4x3VvHrv9SJ1BoBMRfJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA3MTEwNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTk2OTc5MmFjMDc4NDExZmE3NDY0ZDI0OTU2ZjJhOThlYjQ3MzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprHKi9CdogZkfBDDFNQy3sn0Yi1N
GfFpBz5+EVgHkpg7nT7zZ/MxbLDx1Cm8hh7RNOAKA2TCHrJH1kCBky7EVlPYGaHe
ut9evoq0LdgZUwP0FBCouELNs340ByS6S+CO7LKRQL367G0DAfB0MmSJW9cnAGXt
yf0Z7L1Srp96hoTwq52o3FXkQpoPaaBT8pl9bqja9AFaaMZ9npFzG3m40qcdaVu/
/PPO22yHv0Cf/j6nWCPEdBXbp0RlkX6RUdAtHvifF6tr2KimiEWon5pzxBr1aGt6
97+4RZUksl9EXbN/SX9BALc4zQSJ44AP61hO7BpL751Xf5HGbcXEM+qEwwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEGWl5KsB4QR+nRk0klW8qmOtHNOMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUVphWGtxd0hoQkg2ZEdUU1NWYnlxWTYwYzA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGho/G2kt7VRvLd41CxM
V1OKA7r5RhXuB9fF6J0odZxN+DzTi/QNOLqdKAUe2HdXI163bxu5TT+uKdjYdBXy
HjISKPrMfJdys+KeVTbAr2dFTQIbokz7mWjnvWaAXPhjet1fD0x/a/OD9vMUVie7
Lj9eywPQSAJQRikAWDibbq/H9Ff1a/5dVA2OpWFo0ktFeannfsJ9kRGd66HGlp23
NcNCc+38I5W+EYxNMF20fD65BjguVlTs/L2EriiPc73VrosbHGRz2nM9jvfcmeDE
K6E/9GGPqES9fcCq8DTft3s+2WRyt+t46B6N9MNzWYI8CcssdrDOucEAyDYJgzW+
HYo=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:53:03 2025 by rpki-client