Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QPux3DAZl_tBAe_zdf6YFQIcqFY.roa
File: QPux3DAZl_tBAe_zdf6YFQIcqFY.roa (raw, json)
Hash identifier: da9Q6StKZQaa4Q39oNf4W1JPVnivWSQIktUEvEuxZ/k=
Subject key identifier: 40:FB:B1:DC:30:19:97:FB:41:01:EF:F3:75:FE:98:15:02:1C:A8:56
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D197FF186F2DFF872CDD36B2BE341BA26
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QPux3DAZl_tBAe_zdf6YFQIcqFY.roa
Signing time: Wed 17 Jan 2024 22:17:11 +0000
ROA not before: Wed 17 Jan 2024 22:17:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:19:7f:f1:86:f2:df:f8:72:cd:d3:6b:2b:e3:41:ba:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 17 22:17:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40fbb1dc301997fb4101eff375fe9815021ca856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ce:08:87:2a:9c:fb:e8:40:95:6b:a5:ce:35:
f2:b6:1d:d4:4c:62:e4:c0:7f:25:df:9c:f1:28:8b:
d1:c7:9e:9c:07:4a:b3:9c:67:a7:e5:7a:af:32:d3:
4d:46:af:46:c3:1c:a2:cc:c9:ec:f1:fe:cc:40:db:
20:ee:3b:ad:85:b5:4c:df:96:c6:8f:3c:5d:d9:37:
52:51:4a:8f:54:8d:19:08:59:85:d5:93:1f:28:6e:
48:e3:b4:97:13:af:8d:43:ee:5e:f0:9b:3a:f8:76:
0d:4c:8b:89:13:6a:5a:2f:64:db:32:f3:2b:d5:2c:
cd:8e:e7:90:11:18:eb:5a:7a:bf:8a:58:10:ba:cb:
c8:d1:76:e3:d0:e9:07:f2:15:87:40:64:90:e4:1c:
97:04:21:83:84:4a:fc:b7:e1:34:01:89:e5:19:a9:
19:84:c6:12:9b:95:f9:50:81:2e:4e:8c:17:3e:a0:
f8:0b:67:f7:0e:7c:80:00:bd:e6:ff:dc:5e:e6:b3:
7b:7e:2b:bc:bb:69:d3:b6:1a:61:ad:1a:3a:45:a7:
3a:08:fa:ca:68:8d:6d:d5:01:2f:0e:da:2c:8f:ff:
15:fb:3c:a3:21:80:24:1d:5c:de:df:bc:0f:a8:fc:
61:76:33:ba:85:9b:14:fe:94:e6:c0:fb:d8:aa:68:
d7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:FB:B1:DC:30:19:97:FB:41:01:EF:F3:75:FE:98:15:02:1C:A8:56
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QPux3DAZl_tBAe_zdf6YFQIcqFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:40:e2:9c:89:e2:cd:a2:2f:d9:b4:07:3f:48:73:4d:3b:71:
69:6b:3a:94:74:c6:2a:16:e8:e5:0d:60:ac:f0:b2:6d:42:65:
af:f6:86:a7:52:24:86:c4:e5:c3:60:d3:0e:ff:14:76:e1:3e:
3e:4d:4e:3e:67:e5:57:12:4e:79:c8:7a:7b:2a:9e:e5:20:91:
ed:98:f1:be:3b:2b:c9:09:6d:83:83:ab:b8:3b:ed:d5:92:b3:
f6:56:f7:47:4d:36:16:a4:3c:fe:42:63:de:34:2f:93:10:02:
c6:fd:39:e2:0e:8e:42:91:80:b0:0b:a3:85:2d:c8:8c:ef:26:
3d:30:0b:3d:09:c5:8b:07:50:5c:53:3b:ac:33:5a:a6:e7:7c:
1e:31:52:54:10:9e:9f:00:f2:08:ce:95:39:b0:6c:ca:80:2b:
a9:33:47:ed:c9:61:ae:ba:e1:0e:e2:e1:f9:ab:06:f4:b8:61:
fe:5b:b0:fd:90:c7:3b:45:4d:29:51:a7:7e:5e:f0:fc:ac:09:
26:ee:08:94:b9:dc:6b:36:13:de:c8:7a:60:da:f7:90:26:75:
44:ce:de:68:b3:42:99:f4:e5:38:9a:4a:80:f0:11:63:06:cd:
5b:78:dd:eb:09:ae:a7:ea:c8:80:a7:f5:e2:fa:84:fe:3b:1d:
47:6a:f4:7b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0Zf/GG8t/4cs3TayvjQbomMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE3MjIxNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGZiYjFkYzMwMTk5N2ZiNDEwMWVmZjM3NWZlOTgxNTAyMWNhODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhM4Ihyqc++hAlWulzjXyth3UTGLk
wH8l35zxKIvRx56cB0qznGen5XqvMtNNRq9GwxyizMns8f7MQNsg7juthbVM35bG
jzxd2TdSUUqPVI0ZCFmF1ZMfKG5I47SXE6+NQ+5e8Js6+HYNTIuJE2paL2TbMvMr
1SzNjueQERjrWnq/ilgQusvI0Xbj0OkH8hWHQGSQ5ByXBCGDhEr8t+E0AYnlGakZ
hMYSm5X5UIEuTowXPqD4C2f3DnyAAL3m/9xe5rN7fiu8u2nTthphrRo6Rac6CPrK
aI1t1QEvDtosj/8V+zyjIYAkHVze37wPqPxhdjO6hZsU/pTmwPvYqmjXwwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFED7sdwwGZf7QQHv83X+mBUCHKhWMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUVB1eDNEQVpsX3RCQWVfemRmNllGUUljcUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEJA4pyJ4s2iL9m0Bz9I
c007cWlrOpR0xioW6OUNYKzwsm1CZa/2hqdSJIbE5cNg0w7/FHbhPj5NTj5n5VcS
TnnIensqnuUgke2Y8b47K8kJbYODq7g77dWSs/ZW90dNNhakPP5CY940L5MQAsb9
OeIOjkKRgLALo4UtyIzvJj0wCz0JxYsHUFxTO6wzWqbnfB4xUlQQnp8A8gjOlTmw
bMqAK6kzR+3JYa664Q7i4fmrBvS4Yf5bsP2QxztFTSlRp35e8PysCSbuCJS53Gs2
E97IemDa95AmdUTO3mizQpn05TiaSoDwEWMGzVt43esJrqfqyICn9eL6hP47HUdq
9Hs=
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:55:50 2025 by rpki-client