Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/QvMCQZ0dyslSNtui8AzpDwDqO-A.roa
File: QvMCQZ0dyslSNtui8AzpDwDqO-A.roa (raw, json)
Hash identifier: erW1ifzHCN/I+oRPGyNyPbK0mUWrr9P8ZCn8bFwNWI8=
Subject key identifier: 42:F3:02:41:9D:1D:CA:C9:52:36:DB:A2:F0:0C:E9:0F:00:EA:3B:E0
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A8BA3EB31BC55705F023A1937AA1B63B2
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/QvMCQZ0dyslSNtui8AzpDwDqO-A.roa
Signing time: Tue 12 Sep 2023 23:04:50 +0000
ROA not before: Tue 12 Sep 2023 23:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:8ba3:ac8d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8b:a3:eb:31:bc:55:70:5f:02:3a:19:37:aa:1b:63:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 12 23:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42f302419d1dcac95236dba2f00ce90f00ea3be0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c6:97:06:33:d0:98:73:a7:7f:d6:d8:e5:1e:
82:8d:21:81:2a:6f:b0:44:ac:40:2f:f6:1c:39:84:
31:de:49:8b:a6:15:0f:47:be:99:ed:32:fb:c7:0f:
b1:0f:dc:e8:6d:13:83:d5:14:22:6c:11:22:c2:65:
d7:b0:d2:f0:01:d7:25:d6:66:9e:23:ce:52:10:b5:
97:44:bf:af:cf:c5:07:81:65:64:77:b9:0b:c9:13:
8e:44:31:b6:a2:1a:91:b3:4b:04:8a:4c:98:34:ca:
82:5d:07:dc:82:0a:55:c1:2d:20:d4:51:f4:cc:c2:
48:a9:0c:66:c2:ae:0d:d1:ad:91:79:cd:f7:bb:9f:
70:9a:8b:94:f1:6f:96:49:2f:16:b8:f5:de:ab:79:
f9:a5:85:97:fe:05:2c:ff:90:89:e2:49:69:cb:4c:
f6:d8:73:d7:3d:9d:ba:f1:36:6a:29:ce:d0:a2:8c:
2d:a5:cb:f2:ca:10:aa:de:15:8d:79:4f:b7:54:55:
fa:f6:e2:b4:53:98:c0:7e:f8:f5:e6:0e:53:49:0d:
dd:c3:7b:d3:a9:e7:18:13:f9:b5:87:54:fd:95:72:
89:31:38:d4:cd:d9:21:aa:e1:27:12:c9:57:8a:25:
cd:d4:d2:41:31:8d:66:74:61:fd:4f:4d:ad:3f:5c:
c1:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:F3:02:41:9D:1D:CA:C9:52:36:DB:A2:F0:0C:E9:0F:00:EA:3B:E0
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/QvMCQZ0dyslSNtui8AzpDwDqO-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
28:7d:65:0f:47:82:79:4a:3b:57:a2:f3:99:fb:21:a1:19:19:
92:92:97:dc:b0:67:fc:d1:60:15:42:d0:45:97:d5:fa:7a:ac:
f8:46:d2:ae:7b:60:6c:de:c7:b2:c0:71:8f:44:9c:68:b2:f3:
c4:3d:78:43:e9:c5:21:58:82:ba:0c:0a:8e:a3:84:93:de:20:
26:0a:11:cb:22:37:e7:f4:dd:81:8b:60:da:91:4b:87:e9:07:
5c:2f:af:05:b4:e6:7f:f7:fa:c9:d4:af:7a:31:57:b3:7f:2b:
a4:24:7f:c4:df:39:ae:08:3a:26:c3:b0:c0:c5:ec:3e:4e:06:
87:41:19:69:64:83:2a:01:5d:f3:1e:54:83:2a:38:ab:f2:a1:
81:cb:da:02:13:1e:ef:d2:37:fa:60:d4:69:b2:55:a6:6f:6a:
f5:2e:44:d6:34:00:37:92:e7:8b:81:4e:31:e9:ab:22:12:46:
73:26:d2:cd:c3:01:18:2d:23:8e:db:b3:11:ce:d9:8a:a7:a1:
8d:c1:a8:94:24:72:09:cd:7b:a7:c8:ae:c7:f0:a2:e5:2a:87:
02:04:17:0a:d0:b0:ec:bf:3d:1d:a9:df:0c:4b:b0:50:6b:c2:
63:43:f6:fe:ce:33:b6:6f:67:a5:8e:8b:df:c0:17:49:56:b8:
6e:3e:da:53
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqLo+sxvFVwXwI6GTeqG2OyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTEyMjMwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmYzMDI0MTlkMWRjYWM5NTIzNmRiYTJmMDBjZTkwZjAwZWEzYmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8aXBjPQmHOnf9bY5R6CjSGBKm+w
RKxAL/YcOYQx3kmLphUPR76Z7TL7xw+xD9zobROD1RQibBEiwmXXsNLwAdcl1mae
I85SELWXRL+vz8UHgWVkd7kLyROORDG2ohqRs0sEikyYNMqCXQfcggpVwS0g1FH0
zMJIqQxmwq4N0a2Rec33u59wmouU8W+WSS8WuPXeq3n5pYWX/gUs/5CJ4klpy0z2
2HPXPZ268TZqKc7QoowtpcvyyhCq3hWNeU+3VFX69uK0U5jAfvj15g5TSQ3dw3vT
qecYE/m1h1T9lXKJMTjUzdkhquEnEslXiiXN1NJBMY1mdGH9T02tP1zBFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFELzAkGdHcrJUjbbovAM6Q8A6jvgMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvUXZNQ1FaMGR5c2xTTnR1aThBenBEd0RxTy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACh9ZQ9HgnlKO1ei85n7
IaEZGZKSl9ywZ/zRYBVC0EWX1fp6rPhG0q57YGzex7LAcY9EnGiy88Q9eEPpxSFY
groMCo6jhJPeICYKEcsiN+f03YGLYNqRS4fpB1wvrwW05n/3+snUr3oxV7N/K6Qk
f8TfOa4IOibDsMDF7D5OBodBGWlkgyoBXfMeVIMqOKvyoYHL2gITHu/SN/pg1Gmy
VaZvavUuRNY0ADeS54uBTjHpqyISRnMm0s3DARgtI47bsxHO2YqnoY3BqJQkcgnN
e6fIrsfwouUqhwIEFwrQsOy/PR2p3wxLsFBrwmND9v7OM7ZvZ6WOi9/AF0lWuG4+
2lM=
-----END CERTIFICATE-----
Generated at Tue Jun 17 04:20:39 2025 by rpki-client