Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QrY49b2TPtRMjtgoh1dtvODmBnY.roa
File: QrY49b2TPtRMjtgoh1dtvODmBnY.roa (raw, json)
Hash identifier: CUh9xnXO5ywEIJEl8w4Z2/8oJLnEWMVV2/G0D8eSb/o=
Subject key identifier: 42:B6:38:F5:BD:93:3E:D4:4C:8E:D8:28:87:57:6D:BC:E0:E6:06:76
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CF612415E7268AE82C110F1CE59149F80
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QrY49b2TPtRMjtgoh1dtvODmBnY.roa
Signing time: Thu 11 Jan 2024 01:10:40 +0000
ROA not before: Thu 11 Jan 2024 01:10:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f6:12:41:5e:72:68:ae:82:c1:10:f1:ce:59:14:9f:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 11 01:10:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42b638f5bd933ed44c8ed82887576dbce0e60676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:92:7c:8b:26:c6:80:62:e2:5f:16:b1:d1:00:
8c:2e:22:4a:ef:2d:1a:a6:63:bf:3d:5f:d0:2d:e1:
ab:46:e8:00:5a:57:f0:51:49:4a:fb:2c:57:96:d3:
bc:2a:7e:1a:a7:5b:a9:8d:6b:7a:9e:95:3e:f3:22:
01:48:1b:88:6e:df:65:47:c5:58:cb:47:42:ad:1e:
05:81:53:71:68:da:94:6d:67:08:12:68:61:97:f2:
94:99:84:5b:6e:e2:34:2c:9c:e9:b2:a6:14:0b:99:
b2:fd:7f:5c:f2:ea:eb:5b:78:fc:44:3f:cc:da:ec:
bb:34:38:04:86:e3:3a:15:a7:04:9a:c0:32:87:f7:
d1:13:2a:bf:aa:8f:d2:f0:6d:f6:ce:d6:ca:28:74:
f1:e8:79:ed:94:f2:00:fc:35:82:2d:aa:ef:a4:b4:
ff:9a:92:8c:f9:70:ac:15:6d:3a:d0:95:1f:7e:26:
6d:b5:a0:ea:18:24:f2:61:0a:25:3a:48:5e:80:3e:
45:15:df:ad:e8:b2:f5:30:d2:39:ca:18:18:2b:ad:
46:1c:e6:60:5d:d3:52:5c:21:06:ad:ed:4e:f7:52:
d5:c3:db:60:82:a0:20:e0:2c:fd:6e:92:ba:ad:8d:
9d:73:c3:70:79:c2:f2:30:37:d5:2a:2a:55:15:5d:
87:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:B6:38:F5:BD:93:3E:D4:4C:8E:D8:28:87:57:6D:BC:E0:E6:06:76
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/QrY49b2TPtRMjtgoh1dtvODmBnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
55:19:9d:f6:ff:ac:f8:79:1a:12:dc:c6:55:db:1b:1f:92:09:
58:58:26:e6:c2:5e:92:6e:46:44:20:10:02:4a:f5:09:56:ad:
dc:a5:6a:f3:d7:60:6e:6b:6e:39:db:bd:eb:db:dd:51:d8:81:
77:9f:65:39:1d:6a:ab:16:92:57:8c:da:5b:14:fd:4c:4e:7a:
d3:99:1c:7f:5b:c5:39:1c:18:9e:cd:71:de:9f:d6:a6:64:ad:
8a:99:ea:cb:29:74:4c:fc:3c:51:b0:d0:8d:cb:93:79:69:61:
8f:44:27:3d:d9:75:fb:2d:4c:05:16:03:a1:12:39:9e:35:0f:
74:43:5d:6d:e4:97:0e:26:3b:f0:94:cb:52:25:85:dd:bd:7e:
d1:13:93:47:6c:a9:10:63:93:b4:72:67:7e:2c:e8:ae:c8:a1:
7a:a6:ef:9d:f5:0c:af:c1:2c:c9:eb:3b:0a:3f:45:39:68:8c:
22:c6:cf:3f:0e:be:bd:5e:2f:66:4c:4d:de:0b:7b:e8:78:7b:
bd:48:c8:d4:e1:fa:ec:08:a7:3a:90:71:52:d9:05:b5:5c:1c:
62:9e:c7:ac:ce:64:30:1c:15:32:fe:7f:e9:02:7c:e1:84:80:
c2:5d:2e:75:75:c2:cc:f9:c6:1b:a7:bd:f8:9b:fe:46:25:28:
7a:a2:5b:ff
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYz2EkFecmiugsEQ8c5ZFJ+AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTExMDExMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmI2MzhmNWJkOTMzZWQ0NGM4ZWQ4Mjg4NzU3NmRiY2UwZTYwNjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA55J8iybGgGLiXxax0QCMLiJK7y0a
pmO/PV/QLeGrRugAWlfwUUlK+yxXltO8Kn4ap1upjWt6npU+8yIBSBuIbt9lR8VY
y0dCrR4FgVNxaNqUbWcIEmhhl/KUmYRbbuI0LJzpsqYUC5my/X9c8urrW3j8RD/M
2uy7NDgEhuM6FacEmsAyh/fREyq/qo/S8G32ztbKKHTx6HntlPIA/DWCLarvpLT/
mpKM+XCsFW060JUffiZttaDqGCTyYQolOkhegD5FFd+t6LL1MNI5yhgYK61GHOZg
XdNSXCEGre1O91LVw9tggqAg4Cz9bpK6rY2dc8NwecLyMDfVKipVFV2HwQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEK2OPW9kz7UTI7YKIdXbbzg5gZ2MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUXJZNDliMlRQdFJNanRnb2gxZHR2T0RtQm5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFUZnfb/rPh5GhLcxlXb
Gx+SCVhYJubCXpJuRkQgEAJK9QlWrdylavPXYG5rbjnbvevb3VHYgXefZTkdaqsW
kleM2lsU/UxOetOZHH9bxTkcGJ7Ncd6f1qZkrYqZ6sspdEz8PFGw0I3Lk3lpYY9E
Jz3ZdfstTAUWA6ESOZ41D3RDXW3klw4mO/CUy1Ilhd29ftETk0dsqRBjk7RyZ34s
6K7IoXqm7531DK/BLMnrOwo/RTlojCLGzz8Ovr1eL2ZMTd4Le+h4e71IyNTh+uwI
pzqQcVLZBbVcHGKex6zOZDAcFTL+f+kCfOGEgMJdLnV1wsz5xhunvfib/kYlKHqi
W/8=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:55:11 2025 by rpki-client