Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qrSZcwPl1uzTmZIpnWazoaVOe2k.roa
File: qrSZcwPl1uzTmZIpnWazoaVOe2k.roa (raw, json)
Hash identifier: NdoCY2NA/XCbeOvfDV7YnSdtKNGNgvsB2ee3VGF6B5g=
Subject key identifier: AA:B4:99:73:03:E5:D6:EC:D3:99:92:29:9D:66:B3:A1:A5:4E:7B:69
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E833B4BC85CC8DCD4F023888BE93AA432
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qrSZcwPl1uzTmZIpnWazoaVOe2k.roa
Signing time: Thu 28 Mar 2024 04:04:45 +0000
ROA not before: Thu 28 Mar 2024 04:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
2001:67c:64:ffff:0:18e:833b:66f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:83:3b:4b:c8:5c:c8:dc:d4:f0:23:88:8b:e9:3a:a4:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 28 04:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aab4997303e5d6ecd39992299d66b3a1a54e7b69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e4:29:e6:34:43:fa:7e:45:ae:b4:d3:ca:b9:
f7:34:e6:5d:b9:61:e1:23:d6:8c:fb:6e:38:c6:c9:
c1:a5:4a:05:30:ac:49:58:79:30:99:5f:f5:33:f2:
33:85:f4:ce:91:0b:5d:00:8b:c9:3e:24:b9:7a:ca:
86:db:ea:3c:f5:8b:8b:95:5f:79:49:f0:e8:63:74:
3b:e8:cb:ed:17:90:2d:e3:94:ea:dc:67:ac:2f:21:
8c:8c:31:76:7e:c6:73:9e:a9:2f:7e:83:e5:84:01:
f0:2c:cd:7a:15:b7:73:d1:d3:c5:0e:58:8a:31:14:
23:af:cc:6f:a0:10:36:19:df:27:c5:53:d0:bc:c5:
dd:4e:11:4e:e7:32:2c:1f:b5:59:a8:06:88:e5:86:
3d:89:2e:89:cb:1e:08:b6:22:b0:a4:c3:d7:e1:12:
c6:a4:e9:84:20:1c:7a:0a:45:ce:66:fc:0a:4b:fa:
69:58:eb:0b:71:d5:41:80:3a:42:d8:cf:c7:15:02:
bf:6f:2b:9d:73:67:0f:d8:29:64:e5:fd:81:4e:ed:
cf:ac:42:03:b7:fb:0a:92:bd:e4:83:09:33:4d:03:
a3:28:ba:19:a8:81:f8:db:89:16:07:b5:e5:67:68:
8a:90:b5:bc:0d:b3:34:db:8d:7e:27:ef:73:bd:51:
94:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:B4:99:73:03:E5:D6:EC:D3:99:92:29:9D:66:B3:A1:A5:4E:7B:69
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/qrSZcwPl1uzTmZIpnWazoaVOe2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
13:9d:f0:88:b6:15:12:b2:02:5d:c7:dd:1c:31:ee:ea:96:76:
58:39:38:34:93:7e:5a:a0:bd:9d:ed:8c:80:26:c7:61:a7:c3:
3d:f9:4d:17:7c:44:ae:b5:6f:27:21:ae:9a:f9:6c:a8:d5:3d:
a0:70:da:b3:50:cd:cf:87:14:15:ba:ed:83:0c:6b:f8:e1:e5:
9b:8e:00:6a:58:c1:a1:ff:f2:c7:05:c5:17:1e:28:05:73:5e:
fc:7b:69:ae:a3:f1:05:84:93:58:da:86:6d:27:13:05:0c:8e:
6a:c0:29:e0:f0:a2:db:f2:7c:61:b5:dd:08:c1:5f:1f:07:03:
03:64:53:ea:cb:5a:6c:ea:6f:c2:dc:c3:a0:53:71:5c:b1:6f:
4c:76:b2:db:50:60:33:f7:fb:63:02:bb:98:01:b1:da:35:b7:
98:57:11:05:6b:4c:fb:6f:a0:05:e7:bc:21:87:99:a0:df:47:
cf:dd:a6:e3:12:b4:77:50:ed:01:f3:a0:90:0f:45:95:a4:57:
38:ce:f1:12:93:8d:d5:ae:4e:c7:3b:67:e7:1a:c9:2a:cc:59:
99:0d:0e:47:b6:86:ca:f7:07:c3:ed:75:e3:48:cd:eb:cf:cc:
bc:93:97:fb:39:02:a0:2c:98:18:bc:17:53:7a:cc:58:52:a6:
cc:15:14:6a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6DO0vIXMjc1PAjiIvpOqQyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI4MDQwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWI0OTk3MzAzZTVkNmVjZDM5OTkyMjk5ZDY2YjNhMWE1NGU3YjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+Qp5jRD+n5FrrTTyrn3NOZduWHh
I9aM+244xsnBpUoFMKxJWHkwmV/1M/IzhfTOkQtdAIvJPiS5esqG2+o89YuLlV95
SfDoY3Q76MvtF5At45Tq3GesLyGMjDF2fsZznqkvfoPlhAHwLM16Fbdz0dPFDliK
MRQjr8xvoBA2Gd8nxVPQvMXdThFO5zIsH7VZqAaI5YY9iS6Jyx4ItiKwpMPX4RLG
pOmEIBx6CkXOZvwKS/ppWOsLcdVBgDpC2M/HFQK/byudc2cP2Clk5f2BTu3PrEID
t/sKkr3kgwkzTQOjKLoZqIH424kWB7XlZ2iKkLW8DbM0241+J+9zvVGUiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKq0mXMD5dbs05mSKZ1ms6GlTntpMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcXJTWmN3UGwxdXpUbVpJcG5XYXpvYVZPZTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABOd8Ii2FRKyAl3H3Rwx
7uqWdlg5ODSTflqgvZ3tjIAmx2Gnwz35TRd8RK61bychrpr5bKjVPaBw2rNQzc+H
FBW67YMMa/jh5ZuOAGpYwaH/8scFxRceKAVzXvx7aa6j8QWEk1jahm0nEwUMjmrA
KeDwotvyfGG13QjBXx8HAwNkU+rLWmzqb8Lcw6BTcVyxb0x2sttQYDP3+2MCu5gB
sdo1t5hXEQVrTPtvoAXnvCGHmaDfR8/dpuMStHdQ7QHzoJAPRZWkVzjO8RKTjdWu
Tsc7Z+caySrMWZkNDke2hsr3B8PtdeNIzevPzLyTl/s5AqAsmBi8F1N6zFhSpswV
FGo=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:56:29 2025 by rpki-client