Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qtYkCr7wrDdhLDfjK6T4pbhYgjU.roa
File: qtYkCr7wrDdhLDfjK6T4pbhYgjU.roa (raw, json)
Hash identifier: uWxq20/efi80JejhiJ3eVffHFRo+4Gr4eZ76u8kboO4=
Subject key identifier: AA:D6:24:0A:BE:F0:AC:37:61:2C:37:E3:2B:A4:F8:A5:B8:58:82:35
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4B0DB6D59A3FE3BD43A34AF72EC906F0
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qtYkCr7wrDdhLDfjK6T4pbhYgjU.roa
Signing time: Thu 31 Aug 2023 10:05:04 +0000
ROA not before: Thu 31 Aug 2023 10:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:4b0d:92a3/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4b:0d:b6:d5:9a:3f:e3:bd:43:a3:4a:f7:2e:c9:06:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 31 10:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aad6240abef0ac37612c37e32ba4f8a5b8588235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7b:e6:e0:dd:a2:fa:c0:9e:67:3b:67:dd:17:
b7:49:ba:69:be:48:f0:6b:8d:ab:40:b0:57:c9:f3:
a8:24:e5:68:08:71:ed:46:63:51:ae:46:68:e7:8c:
c6:03:6d:16:cf:17:01:20:12:53:77:2c:41:6f:c9:
68:90:5d:22:50:e1:53:d8:6d:c4:20:eb:6c:5b:21:
2c:00:bd:0a:1e:c0:f5:be:49:a1:67:0d:26:d0:4a:
f9:b9:de:03:33:c6:54:e4:35:f7:9b:ba:86:9b:43:
ed:95:cf:4b:05:fa:01:dc:e4:8b:9b:ca:79:f2:83:
9d:22:33:29:4d:cc:1c:06:ca:08:16:4b:09:3c:f4:
79:8a:e7:40:ad:d1:ef:aa:1a:75:c4:e2:d4:c9:e3:
e6:1b:85:03:7b:5d:5e:56:c2:94:30:20:c4:b6:da:
59:71:dc:b6:16:45:7c:6d:c4:c5:b3:a5:8f:04:60:
82:58:83:84:b6:4b:f0:f5:7c:4f:17:0e:08:d7:44:
cf:5d:d6:2a:7e:91:a4:a9:48:d5:75:f6:c1:88:d7:
b9:be:15:a4:c9:e4:33:e9:cb:ae:3a:c4:79:00:7c:
61:ac:b3:d8:db:c9:5c:0f:87:42:8b:85:ab:ce:7e:
74:3d:0d:46:ae:81:f3:2c:73:7a:68:e2:a5:a0:d5:
54:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:D6:24:0A:BE:F0:AC:37:61:2C:37:E3:2B:A4:F8:A5:B8:58:82:35
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qtYkCr7wrDdhLDfjK6T4pbhYgjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2e:7e:a3:f8:e7:67:92:16:8b:8a:04:d8:b0:76:b9:3c:b1:1d:
51:83:5b:3a:a1:a4:90:f3:c1:ef:df:7b:77:32:2a:58:9a:2d:
3a:c6:cb:06:c3:1b:5b:3d:e9:da:3e:58:38:88:f2:7a:47:ca:
67:d0:47:89:bb:06:40:bb:1f:22:25:75:d4:7d:8f:fb:3e:0a:
66:dc:5d:be:e8:e2:e1:fb:ed:5a:1c:5e:db:58:6a:84:96:7c:
13:47:85:0e:d8:78:0b:c3:5a:c9:50:18:e0:7f:d4:5c:71:2f:
d2:67:17:3c:39:6d:39:33:9d:eb:33:78:57:fd:ed:85:11:8e:
84:9d:d1:bb:e7:4a:5d:86:09:8e:ce:e0:af:74:8b:5b:e8:8a:
d8:d4:a8:3a:28:19:9c:ff:cd:15:aa:9a:8b:e0:fe:f3:7c:4f:
2d:03:64:72:30:2f:8d:55:e1:62:ca:4d:7a:72:b5:9b:12:62:
0c:31:cb:0f:df:28:b3:63:61:36:07:ad:18:c2:14:8f:02:53:
cc:34:75:3e:e7:68:a6:5e:af:25:39:98:05:4c:07:d6:67:82:
d8:6f:0d:8d:e9:9b:62:d6:e5:70:3a:c6:57:74:25:16:6c:51:
c0:18:82:76:8a:47:46:ab:93:47:69:b5:c1:c9:c2:d7:c9:40:
76:be:99:0f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpLDbbVmj/jvUOjSvcuyQbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMxMTAwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWQ2MjQwYWJlZjBhYzM3NjEyYzM3ZTMyYmE0ZjhhNWI4NTg4MjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoHvm4N2i+sCeZztn3Re3Sbppvkjw
a42rQLBXyfOoJOVoCHHtRmNRrkZo54zGA20WzxcBIBJTdyxBb8lokF0iUOFT2G3E
IOtsWyEsAL0KHsD1vkmhZw0m0Er5ud4DM8ZU5DX3m7qGm0Ptlc9LBfoB3OSLm8p5
8oOdIjMpTcwcBsoIFksJPPR5iudArdHvqhp1xOLUyePmG4UDe11eVsKUMCDEttpZ
cdy2FkV8bcTFs6WPBGCCWIOEtkvw9XxPFw4I10TPXdYqfpGkqUjVdfbBiNe5vhWk
yeQz6cuuOsR5AHxhrLPY28lcD4dCi4Wrzn50PQ1GroHzLHN6aOKloNVUuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKrWJAq+8Kw3YSw34yuk+KW4WII1MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvcXRZa0NyN3dyRGRoTERmaks2VDRwYmhZZ2pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC5+o/jnZ5IWi4oE2LB2
uTyxHVGDWzqhpJDzwe/fe3cyKliaLTrGywbDG1s96do+WDiI8npHymfQR4m7BkC7
HyIlddR9j/s+CmbcXb7o4uH77VocXttYaoSWfBNHhQ7YeAvDWslQGOB/1FxxL9Jn
Fzw5bTkzneszeFf97YURjoSd0bvnSl2GCY7O4K90i1voitjUqDooGZz/zRWqmovg
/vN8Ty0DZHIwL41V4WLKTXpytZsSYgwxyw/fKLNjYTYHrRjCFI8CU8w0dT7naKZe
ryU5mAVMB9ZngthvDY3pm2LW5XA6xld0JRZsUcAYgnaKR0ark0dptcHJwtfJQHa+
mQ8=
-----END CERTIFICATE-----
Generated at Tue Jun 17 15:04:10 2025 by rpki-client