Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qGD2v97WD5HcHjDoDhcO1XtviPw.roa
File: qGD2v97WD5HcHjDoDhcO1XtviPw.roa (raw, json)
Hash identifier: hW4IwCBiHzJvAF+A34865m/oz3KXKNfCa2PqD7iGi/U=
Subject key identifier: A8:60:F6:BF:DE:D6:0F:91:DC:1E:30:E8:0E:17:0E:D5:7B:6F:88:FC
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DFCB79E5E0BB466F386266BBF043D1ED7
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qGD2v97WD5HcHjDoDhcO1XtviPw.roa
Signing time: Sat 02 Mar 2024 01:11:48 +0000
ROA not before: Sat 02 Mar 2024 01:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fc:b7:9e:5e:0b:b4:66:f3:86:26:6b:bf:04:3d:1e:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 2 01:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a860f6bfded60f91dc1e30e80e170ed57b6f88fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:86:a7:89:4e:be:c5:a0:1b:c1:0d:e3:f1:8c:
8f:8c:d1:2e:9b:05:1e:68:49:63:d3:e6:ce:f9:82:
d0:9b:29:22:e6:84:ee:67:8a:62:c1:a5:30:b6:73:
c6:40:f6:e6:a0:53:f1:58:e4:05:71:09:bc:36:8b:
82:93:5e:3d:be:29:84:0b:60:eb:66:c1:27:e6:58:
6a:03:b0:b8:8c:e5:a7:38:f2:8a:83:18:f7:12:e1:
77:d7:dd:f1:d6:92:94:a7:e4:c4:ef:a0:4a:d6:a8:
58:96:ae:29:14:6f:c6:c3:86:7c:1a:5f:0a:ae:c3:
87:fd:97:1d:e2:a7:2d:4e:ac:9b:f3:9a:ac:f0:1f:
ef:b3:a3:44:f6:0e:6d:47:e0:7b:ce:80:38:45:06:
8f:4e:24:75:5a:21:7c:3d:81:3b:b4:c6:9d:2a:4e:
13:df:51:08:e6:72:7c:5a:33:21:5f:73:0a:0f:b0:
a6:0a:b8:1a:63:65:9f:80:88:8f:72:21:5b:a8:c7:
75:57:36:e1:da:40:9b:0c:8a:9f:06:65:d5:b8:67:
9d:78:90:8a:57:15:cc:e9:8f:db:77:b2:49:89:aa:
f9:d0:69:61:f8:5b:5f:22:af:79:fe:23:09:8a:2d:
e9:37:e2:1e:40:29:40:79:77:de:07:9d:4a:32:c6:
1c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:60:F6:BF:DE:D6:0F:91:DC:1E:30:E8:0E:17:0E:D5:7B:6F:88:FC
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qGD2v97WD5HcHjDoDhcO1XtviPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
27:f9:cd:0e:e8:4f:a3:0d:36:45:b4:77:5f:37:ff:bb:39:e2:
11:05:c2:02:5b:e4:b6:cf:a6:35:f9:1a:b5:88:ec:18:55:b8:
cf:6d:ce:14:e2:d8:53:3e:07:97:20:88:05:be:7b:19:6e:8e:
c7:fe:e4:02:2e:59:97:a1:30:26:41:31:3e:b8:c9:08:9e:25:
41:87:0d:c1:c4:30:b6:59:88:48:29:a0:5d:fd:ca:76:3d:10:
26:6f:43:40:8f:72:6b:89:d1:e3:14:d0:9a:97:27:e3:a7:1d:
c3:5b:7d:cf:49:4f:cd:50:44:04:0f:92:fb:f7:a9:b8:72:9d:
c2:c0:58:93:b9:7d:b0:06:e5:47:c8:24:a3:8d:34:7d:7f:70:
4e:38:ea:a7:86:6c:71:ae:b0:fc:62:ec:eb:0b:80:ff:3a:a9:
ee:1a:25:4c:ae:b9:f6:58:79:78:91:c3:02:fb:50:e0:db:bc:
1c:ad:4c:e9:ba:14:9e:4f:d8:ff:a4:67:0b:e5:72:66:a8:94:
64:cd:73:0e:ad:bb:e6:b1:fb:71:31:e6:b2:e2:70:69:f9:03:
13:58:3b:db:6d:cf:79:25:2f:36:ca:0c:88:16:8b:ba:a8:08:
59:80:49:af:02:64:fb:cf:4c:fd:2e:46:6b:67:e6:24:67:7d:
f2:52:97:48
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY38t55eC7Rm84Yma78EPR7XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAyMDExMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODYwZjZiZmRlZDYwZjkxZGMxZTMwZTgwZTE3MGVkNTdiNmY4OGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIaniU6+xaAbwQ3j8YyPjNEumwUe
aElj0+bO+YLQmyki5oTuZ4piwaUwtnPGQPbmoFPxWOQFcQm8NouCk149vimEC2Dr
ZsEn5lhqA7C4jOWnOPKKgxj3EuF3193x1pKUp+TE76BK1qhYlq4pFG/Gw4Z8Gl8K
rsOH/Zcd4qctTqyb85qs8B/vs6NE9g5tR+B7zoA4RQaPTiR1WiF8PYE7tMadKk4T
31EI5nJ8WjMhX3MKD7CmCrgaY2WfgIiPciFbqMd1Vzbh2kCbDIqfBmXVuGedeJCK
VxXM6Y/bd7JJiar50Glh+FtfIq95/iMJii3pN+IeQClAeXfeB51KMsYcKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKhg9r/e1g+R3B4w6A4XDtV7b4j8MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcUdEMnY5N1dENUhjSGpEb0RoY08xWHR2aVB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACf5zQ7oT6MNNkW0d183
/7s54hEFwgJb5LbPpjX5GrWI7BhVuM9tzhTi2FM+B5cgiAW+exlujsf+5AIuWZeh
MCZBMT64yQieJUGHDcHEMLZZiEgpoF39ynY9ECZvQ0CPcmuJ0eMU0JqXJ+OnHcNb
fc9JT81QRAQPkvv3qbhyncLAWJO5fbAG5UfIJKONNH1/cE446qeGbHGusPxi7OsL
gP86qe4aJUyuufZYeXiRwwL7UODbvBytTOm6FJ5P2P+kZwvlcmaolGTNcw6tu+ax
+3Ex5rLicGn5AxNYO9ttz3klLzbKDIgWi7qoCFmASa8CZPvPTP0uRmtn5iRnffJS
l0g=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:04:55 2025 by rpki-client