Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Qx1xGDgYR-HYccqhdzfYSMoTH1o.roa
File: Qx1xGDgYR-HYccqhdzfYSMoTH1o.roa (raw, json)
Hash identifier: emsQH1ntKaX1ikNb8o+5oh6/peb7yjEPAOg4DzJii8M=
Subject key identifier: 43:1D:71:18:38:18:47:E1:D8:71:CA:A1:77:37:D8:48:CA:13:1F:5A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D0C68A3F254B43945D31B8DC803571F86
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Qx1xGDgYR-HYccqhdzfYSMoTH1o.roa
Signing time: Mon 15 Jan 2024 09:16:40 +0000
ROA not before: Mon 15 Jan 2024 09:16:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0c:68:a3:f2:54:b4:39:45:d3:1b:8d:c8:03:57:1f:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 15 09:16:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=431d7118381847e1d871caa17737d848ca131f5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:32:15:a8:c3:22:fb:a0:1b:22:e7:30:8d:82:
c9:7f:cc:49:f0:a7:03:0a:f2:03:3e:d4:7a:5f:1a:
fa:68:ce:95:40:e9:99:5b:12:5b:4f:be:ca:4a:dc:
41:15:3d:df:41:fc:4d:9e:45:e5:29:78:c7:b9:e0:
b1:26:cd:7b:77:97:46:3c:8e:d7:f9:3c:ca:59:96:
9a:41:0e:ef:ee:9a:f5:af:5b:62:17:7b:64:f0:25:
bf:10:a6:3b:26:42:e2:2c:b3:fe:45:9c:63:83:e7:
a7:3b:2f:85:10:6d:7a:0d:b7:d6:ef:8a:5e:e2:99:
85:7d:eb:65:c8:64:42:93:c2:eb:a7:f9:ca:bd:7c:
a2:25:5b:85:ba:8b:c9:3e:05:22:1f:57:e1:e5:70:
ca:d1:e4:e0:3c:28:81:ef:93:0e:13:4e:bc:77:f3:
e6:70:cf:4c:e8:28:12:8d:2b:88:10:06:ec:c1:c4:
f3:cc:c3:b6:0d:d5:e0:f1:9f:01:60:30:43:b4:b5:
48:68:e9:35:ef:eb:61:29:ba:07:d4:e4:31:44:95:
a7:2f:03:a9:03:7f:f1:6f:2c:d2:0f:d9:5e:67:ec:
0a:12:c1:0a:73:4b:45:2a:10:d3:50:18:83:90:9d:
de:2e:7d:aa:bd:70:a2:5c:86:bc:ac:97:6c:56:f0:
90:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:1D:71:18:38:18:47:E1:D8:71:CA:A1:77:37:D8:48:CA:13:1F:5A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Qx1xGDgYR-HYccqhdzfYSMoTH1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
19:fe:30:8d:0c:7a:1d:ea:e2:2c:27:ce:33:f0:8b:2c:6b:c2:
97:f4:54:49:19:1c:64:01:cb:d3:5a:5d:f0:ea:9b:a8:3f:49:
ab:38:30:b5:93:d6:4b:af:55:a7:25:14:88:48:04:e0:f8:e2:
92:2b:24:7f:85:1d:17:52:cd:d7:b7:52:dc:3d:10:2f:15:a8:
de:b6:9a:0b:15:f7:8c:27:e7:85:d1:9e:3e:ff:ba:e5:9e:90:
0f:7b:43:ae:29:03:e4:65:71:5e:e8:3a:c4:49:b2:04:f3:b4:
f0:b5:1d:a6:7c:95:b2:20:b1:d3:2f:8f:9a:25:b9:1c:5a:e1:
d7:e2:14:f0:94:e0:71:cb:93:1a:67:04:ed:41:9f:f9:ea:aa:
05:04:29:f7:10:e6:30:f5:31:c9:02:43:77:97:fc:84:2b:06:
7f:de:96:91:3b:78:5e:4a:3e:3d:26:c9:6a:70:a8:46:2b:6b:
84:cb:c8:67:10:68:fe:82:cf:5b:cd:2b:76:04:5f:16:18:94:
41:66:eb:a2:22:8d:b9:1f:a0:d0:33:54:4a:7f:ea:c1:3d:29:
6d:d4:47:1f:4a:0b:2e:7e:b1:9d:74:1e:c7:ea:9f:4c:5f:62:
48:03:cd:42:e3:a1:1b:40:1b:ee:e3:31:8f:5e:f8:c1:fa:a5:
ae:56:b6:56
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0MaKPyVLQ5RdMbjcgDVx+GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE1MDkxNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzFkNzExODM4MTg0N2UxZDg3MWNhYTE3NzM3ZDg0OGNhMTMxZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5zIVqMMi+6AbIucwjYLJf8xJ8KcD
CvIDPtR6Xxr6aM6VQOmZWxJbT77KStxBFT3fQfxNnkXlKXjHueCxJs17d5dGPI7X
+TzKWZaaQQ7v7pr1r1tiF3tk8CW/EKY7JkLiLLP+RZxjg+enOy+FEG16DbfW74pe
4pmFfetlyGRCk8Lrp/nKvXyiJVuFuovJPgUiH1fh5XDK0eTgPCiB75MOE068d/Pm
cM9M6CgSjSuIEAbswcTzzMO2DdXg8Z8BYDBDtLVIaOk17+thKboH1OQxRJWnLwOp
A3/xbyzSD9leZ+wKEsEKc0tFKhDTUBiDkJ3eLn2qvXCiXIa8rJdsVvCQ2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEMdcRg4GEfh2HHKoXc32EjKEx9aMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUXgxeEdEZ1lSLUhZY2NxaGR6ZllTTW9USDFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABn+MI0Meh3q4iwnzjPw
iyxrwpf0VEkZHGQBy9NaXfDqm6g/Sas4MLWT1kuvVaclFIhIBOD44pIrJH+FHRdS
zde3Utw9EC8VqN62mgsV94wn54XRnj7/uuWekA97Q64pA+RlcV7oOsRJsgTztPC1
HaZ8lbIgsdMvj5oluRxa4dfiFPCU4HHLkxpnBO1Bn/nqqgUEKfcQ5jD1MckCQ3eX
/IQrBn/elpE7eF5KPj0myWpwqEYra4TLyGcQaP6Cz1vNK3YEXxYYlEFm66Iijbkf
oNAzVEp/6sE9KW3URx9KCy5+sZ10Hsfqn0xfYkgDzULjoRtAG+7jMY9e+MH6pa5W
tlY=
-----END CERTIFICATE-----
Generated at Sun Jun 8 16:40:51 2025 by rpki-client