Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QtkmXdt79RUE4jSsB6Mni2lf3lY.roa
File: QtkmXdt79RUE4jSsB6Mni2lf3lY.roa (raw, json)
Hash identifier: l98mvwUt0JnxdwSmt+O/WleV9kDkSMajhcCXrU/qq2U=
Subject key identifier: 42:D9:26:5D:DB:7B:F5:15:04:E2:34:AC:07:A3:27:8B:69:5F:DE:56
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C93218B16133EBB8132E33321B16D3C8A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QtkmXdt79RUE4jSsB6Mni2lf3lY.roa
Signing time: Fri 22 Dec 2023 20:04:58 +0000
ROA not before: Fri 22 Dec 2023 20:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:9320:df12/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:93:21:8b:16:13:3e:bb:81:32:e3:33:21:b1:6d:3c:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 22 20:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42d9265ddb7bf51504e234ac07a3278b695fde56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9d:61:be:e1:98:62:51:84:eb:bc:7e:2b:80:
07:4d:98:ef:78:63:94:1f:06:92:20:98:58:c9:f3:
9a:0a:4a:bd:be:ce:30:30:f2:45:d1:0a:a8:44:4f:
d5:03:de:f4:d3:35:44:5d:97:f9:01:86:e0:68:7d:
6f:fb:6c:fc:6e:1c:8d:fc:06:2d:be:e8:4e:ae:37:
3b:1c:2e:e6:a4:cb:a1:2d:59:db:f7:b6:13:29:03:
41:04:5e:c7:8e:d5:19:79:5e:e2:8a:70:97:7a:9e:
a1:e4:24:98:0a:d9:b8:be:7d:b2:ec:cb:25:95:1f:
fd:05:e7:dc:4e:9f:7e:ce:43:99:ca:7e:14:ca:3e:
75:94:57:3f:85:4a:93:d5:a5:22:07:76:57:ba:12:
4e:b4:cc:41:dc:0b:86:a3:f1:b0:b1:cb:f4:3a:fe:
98:74:f8:02:ce:b7:15:68:48:d1:64:2c:be:73:6d:
1f:21:a1:31:cc:80:c3:6f:6c:c3:9d:e2:b4:fc:35:
2a:44:2e:d6:4b:f4:e7:04:8a:e0:20:35:e2:09:0e:
74:bb:b5:d5:ab:f7:dd:10:dd:a0:dd:f7:f3:99:8d:
84:b5:48:61:73:bd:ea:12:17:40:82:66:ea:df:31:
2d:6b:e0:08:50:75:d9:e4:7a:43:13:25:9c:6b:52:
ad:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:D9:26:5D:DB:7B:F5:15:04:E2:34:AC:07:A3:27:8B:69:5F:DE:56
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QtkmXdt79RUE4jSsB6Mni2lf3lY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
35:73:7c:bb:4f:74:b2:2b:77:9b:70:33:47:95:4e:de:fd:d8:
ce:17:0c:48:33:87:c5:3d:25:27:a9:b3:88:80:ab:7f:86:29:
49:ef:be:1a:a9:78:89:54:8d:e6:ca:52:50:58:0b:cb:3b:46:
d2:eb:2c:11:95:d6:64:10:b1:17:61:19:19:0b:dd:aa:42:9a:
d6:a9:d8:2a:53:53:48:d8:7a:51:4a:0e:c7:b4:42:9b:62:8b:
da:fc:7d:a0:55:d9:7c:2b:7d:06:e1:3e:91:20:94:3c:3f:4c:
d8:89:14:de:64:40:ce:ab:62:4a:e5:5e:b4:cd:dc:5a:9c:8e:
5f:8a:d2:df:3a:34:54:49:ed:b8:6e:ce:d9:94:38:bd:8f:06:
53:db:b6:9c:04:09:98:43:c7:52:05:9a:5f:15:bd:a1:48:f9:
d5:f8:b9:af:5e:ef:03:9c:26:63:bd:e2:89:57:2b:7b:1c:b1:
06:79:19:1b:1f:37:09:fb:33:1c:89:ef:19:6d:6f:6d:91:43:
3a:c7:c9:c9:5c:c3:20:67:c8:45:d9:9f:68:b8:d2:67:cd:58:
3c:b5:ad:40:54:ae:60:5a:89:ef:f7:ee:2d:2c:f2:5f:a5:0b:
a4:67:5e:e5:60:45:0b:07:6b:96:db:5b:f7:e1:a8:df:fe:b5:
a4:09:45:07
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyTIYsWEz67gTLjMyGxbTyKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIyMjAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmQ5MjY1ZGRiN2JmNTE1MDRlMjM0YWMwN2EzMjc4YjY5NWZkZTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZ1hvuGYYlGE67x+K4AHTZjveGOU
HwaSIJhYyfOaCkq9vs4wMPJF0QqoRE/VA9700zVEXZf5AYbgaH1v+2z8bhyN/AYt
vuhOrjc7HC7mpMuhLVnb97YTKQNBBF7HjtUZeV7iinCXep6h5CSYCtm4vn2y7Msl
lR/9BefcTp9+zkOZyn4Uyj51lFc/hUqT1aUiB3ZXuhJOtMxB3AuGo/Gwscv0Ov6Y
dPgCzrcVaEjRZCy+c20fIaExzIDDb2zDneK0/DUqRC7WS/TnBIrgIDXiCQ50u7XV
q/fdEN2g3ffzmY2EtUhhc73qEhdAgmbq3zEta+AIUHXZ5HpDEyWca1KtXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFELZJl3be/UVBOI0rAejJ4tpX95WMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUXRrbVhkdDc5UlVFNGpTc0I2TW5pMmxmM2xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADVzfLtPdLIrd5twM0eV
Tt792M4XDEgzh8U9JSeps4iAq3+GKUnvvhqpeIlUjebKUlBYC8s7RtLrLBGV1mQQ
sRdhGRkL3apCmtap2CpTU0jYelFKDse0Qptii9r8faBV2XwrfQbhPpEglDw/TNiJ
FN5kQM6rYkrlXrTN3Fqcjl+K0t86NFRJ7bhuztmUOL2PBlPbtpwECZhDx1IFml8V
vaFI+dX4ua9e7wOcJmO94olXK3scsQZ5GRsfNwn7MxyJ7xltb22RQzrHyclcwyBn
yEXZn2i40mfNWDy1rUBUrmBaie/37i0s8l+lC6RnXuVgRQsHa5bbW/fhqN/+taQJ
RQc=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:06:38 2025 by rpki-client