Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QWjtoQao9wusPkKdaA1bbZgbWvU.roa
File: QWjtoQao9wusPkKdaA1bbZgbWvU.roa (raw, json)
Hash identifier: 2R7NTMSQp2iewzC296KlwVD70ssaixYmnyEu00UGqrc=
Subject key identifier: 41:68:ED:A1:06:A8:F7:0B:AC:3E:42:9D:68:0D:5B:6D:98:1B:5A:F5
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CBF24F0869B350B662CEB3762C47A6462
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QWjtoQao9wusPkKdaA1bbZgbWvU.roa
Signing time: Sun 31 Dec 2023 09:11:58 +0000
ROA not before: Sun 31 Dec 2023 09:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:bf:24:f0:86:9b:35:0b:66:2c:eb:37:62:c4:7a:64:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 31 09:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4168eda106a8f70bac3e429d680d5b6d981b5af5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:82:e8:b0:e6:21:4f:d4:a2:41:2c:2f:de:2d:
c2:ee:53:07:1a:4f:ca:b6:55:82:8b:8d:ba:ba:bd:
c7:72:5d:36:39:41:4d:89:48:c0:1a:95:5e:b1:bc:
64:65:db:82:a4:16:fb:f0:a1:59:90:18:65:ee:8c:
4c:6d:63:cc:52:67:bb:8a:25:83:e5:9d:17:81:ad:
83:1c:7f:11:b1:67:07:5e:5d:5d:31:a2:b4:eb:7c:
76:3d:33:b3:bf:f4:29:8b:76:f8:30:d8:87:db:26:
a9:fc:e4:61:10:09:8b:1e:13:58:7b:b8:83:2d:39:
64:81:62:0e:4c:26:8e:fb:87:13:36:04:10:c5:9f:
02:72:d9:fb:81:ca:95:32:8d:90:1e:6a:0b:d0:9d:
6d:e7:57:85:39:09:c9:74:21:c3:5c:e4:69:3e:19:
4c:f6:ab:e4:4a:35:3f:e1:7e:59:77:a3:35:9e:14:
4c:aa:22:bb:f4:48:9d:24:2b:ad:5a:aa:7b:7a:aa:
e1:da:0a:f8:7c:4b:74:a0:e1:74:cd:8f:bc:3a:d2:
0c:fe:53:2b:63:1b:f5:4e:2f:22:a4:19:54:e0:1c:
1d:06:1f:58:70:94:ab:85:da:b9:f1:29:d1:a9:65:
4e:bc:b9:e4:7b:f6:05:b7:e3:c1:41:bd:a9:0a:79:
20:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:68:ED:A1:06:A8:F7:0B:AC:3E:42:9D:68:0D:5B:6D:98:1B:5A:F5
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QWjtoQao9wusPkKdaA1bbZgbWvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:b5:9b:c8:d3:5b:5f:07:28:11:f2:63:c1:7a:6a:07:51:94:
21:8d:ba:53:27:51:4f:8b:b3:83:da:5a:be:2b:1e:c6:80:c0:
bc:3f:1f:2e:1a:8a:19:5d:63:3a:56:a6:fe:f5:13:c3:fc:a3:
1a:20:38:3e:86:94:12:3f:05:4f:aa:39:aa:00:8b:7c:3d:4f:
a0:a2:34:f2:e2:e3:fc:40:c6:d3:32:02:1f:ff:b1:07:d3:9b:
7a:a3:7b:cd:f7:98:f1:ff:44:bb:23:cc:1b:e3:a9:62:ca:8e:
e1:10:a5:90:7e:3d:5c:85:60:73:6c:75:f9:44:39:7d:82:ef:
66:26:45:0c:d1:f6:a8:c9:af:77:90:08:a1:df:03:9b:ca:b8:
9e:ca:a0:35:3b:4c:cf:bb:bf:bb:a5:47:01:9c:a8:d8:87:d0:
25:98:90:52:9f:75:b5:02:9b:3c:e8:09:95:79:b3:81:fc:12:
83:ad:30:f3:33:eb:88:c3:de:0f:52:29:ae:72:e2:8c:8a:cc:
33:ca:39:36:85:ab:90:0f:75:35:75:db:63:14:73:92:fc:ac:
2f:bf:bb:ab:ec:85:b8:2b:a8:84:83:e0:71:a9:4b:f4:bb:7c:
00:be:05:0e:24:3f:54:45:ed:3b:c8:df:24:74:2a:1a:1f:68:
80:74:78:ac
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYy/JPCGmzULZizrN2LEemRiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjMxMDkxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTY4ZWRhMTA2YThmNzBiYWMzZTQyOWQ2ODBkNWI2ZDk4MWI1YWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoLosOYhT9SiQSwv3i3C7lMHGk/K
tlWCi426ur3Hcl02OUFNiUjAGpVesbxkZduCpBb78KFZkBhl7oxMbWPMUme7iiWD
5Z0Xga2DHH8RsWcHXl1dMaK063x2PTOzv/Qpi3b4MNiH2yap/ORhEAmLHhNYe7iD
LTlkgWIOTCaO+4cTNgQQxZ8Cctn7gcqVMo2QHmoL0J1t51eFOQnJdCHDXORpPhlM
9qvkSjU/4X5Zd6M1nhRMqiK79EidJCutWqp7eqrh2gr4fEt0oOF0zY+8OtIM/lMr
Yxv1Ti8ipBlU4BwdBh9YcJSrhdq58SnRqWVOvLnke/YFt+PBQb2pCnkgzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEFo7aEGqPcLrD5CnWgNW22YG1r1MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUVdqdG9RYW85d3VzUGtLZGFBMWJiWmdiV3ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAK1m8jTW18HKBHyY8F6
agdRlCGNulMnUU+Ls4PaWr4rHsaAwLw/Hy4aihldYzpWpv71E8P8oxogOD6GlBI/
BU+qOaoAi3w9T6CiNPLi4/xAxtMyAh//sQfTm3qje833mPH/RLsjzBvjqWLKjuEQ
pZB+PVyFYHNsdflEOX2C72YmRQzR9qjJr3eQCKHfA5vKuJ7KoDU7TM+7v7ulRwGc
qNiH0CWYkFKfdbUCmzzoCZV5s4H8EoOtMPMz64jD3g9SKa5y4oyKzDPKOTaFq5AP
dTV122MUc5L8rC+/u6vshbgrqISD4HGpS/S7fAC+BQ4kP1RF7TvI3yR0KhofaIB0
eKw=
-----END CERTIFICATE-----
Generated at Sun Jun 8 19:14:38 2025 by rpki-client