Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/QLFjCx8jEralbNpPr4_TP7I_9GU.roa
File: QLFjCx8jEralbNpPr4_TP7I_9GU.roa (raw, json)
Hash identifier: Dk0HChyVnat2CaS4es4vgpRvk0nEO+394MvhmobrVVY=
Subject key identifier: 40:B1:63:0B:1F:23:12:B6:A5:6C:DA:4F:AF:8F:D3:3F:B2:3F:F4:65
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6ACFF6561EEE9A036EB5CFFED42CE1C7
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/QLFjCx8jEralbNpPr4_TP7I_9GU.roa
Signing time: Wed 06 Sep 2023 14:05:28 +0000
ROA not before: Wed 06 Sep 2023 14:05:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:6acf:2814/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6a:cf:f6:56:1e:ee:9a:03:6e:b5:cf:fe:d4:2c:e1:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 6 14:05:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40b1630b1f2312b6a56cda4faf8fd33fb23ff465
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:40:5e:fd:2b:67:53:9d:2a:56:74:90:8f:18:
3b:b9:ff:ed:64:21:95:ce:fd:c2:bf:19:5a:c2:44:
94:db:84:b8:20:b0:51:5c:2e:fa:3b:0d:ac:9d:4d:
dc:d7:59:eb:16:4e:28:6f:41:7a:7c:b4:f8:de:38:
97:df:19:00:bd:4a:e5:c0:14:9c:15:cb:a4:40:e7:
42:7b:be:9c:9f:a7:9e:e9:fb:f5:80:d7:f4:14:7e:
d5:2e:e9:06:94:cf:cd:45:3d:ea:df:e5:90:c4:c5:
56:f2:10:7f:7e:ac:37:ed:08:ae:ac:75:5c:8c:e1:
c0:eb:39:19:4a:5a:30:22:32:38:6c:c1:f1:5e:df:
59:d3:98:55:8e:eb:94:30:3d:6e:ef:e3:9b:4c:2e:
67:41:c8:49:91:a3:1c:00:21:94:65:c3:f6:ff:1a:
b3:b7:6c:73:d1:43:44:9d:c1:b9:d9:60:24:a7:b4:
27:5b:30:fc:60:7e:a5:34:1d:a7:52:91:b8:02:49:
99:1c:07:6e:59:33:6a:b5:07:e8:94:b8:c8:d1:bc:
34:dd:d8:3c:ab:d1:90:23:92:f6:9c:4c:9e:2d:df:
20:c3:f3:db:da:5e:ab:cd:cd:34:ce:e3:fd:9d:d3:
01:4a:22:a5:91:21:71:f5:29:4c:7e:fc:2b:fa:24:
a1:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:B1:63:0B:1F:23:12:B6:A5:6C:DA:4F:AF:8F:D3:3F:B2:3F:F4:65
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/QLFjCx8jEralbNpPr4_TP7I_9GU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
04:a8:17:de:71:9f:68:e0:77:51:aa:27:00:55:d3:e5:60:b2:
de:5c:c1:69:8e:85:7a:df:04:7c:65:da:3b:a4:45:c4:6c:7b:
a3:e7:e6:42:f1:4f:87:cc:36:12:7c:ab:ad:07:fa:95:7b:5d:
40:70:a7:ad:b4:f0:01:59:05:df:97:a0:ae:22:20:cd:29:29:
da:5d:58:2b:0e:48:4d:ce:b3:dc:cb:da:d7:ad:b5:94:22:75:
19:cb:8c:fb:89:73:ac:87:c1:c4:3b:59:af:35:51:01:d8:2d:
75:fc:22:cb:e6:a6:83:cd:91:3e:6e:fa:f0:18:7b:b8:99:db:
c5:9a:86:21:df:ee:c2:5d:9d:b7:89:1c:93:60:06:92:47:2f:
9b:48:c9:a4:f8:ad:be:12:b2:fb:97:3b:86:68:42:38:30:3e:
ef:8b:7c:08:54:a3:23:db:59:f4:d5:00:8c:8d:71:82:62:91:
f4:89:03:47:9d:a0:27:43:08:2a:a8:00:79:b1:ae:8b:b6:f6:
82:4e:06:e6:f1:0d:cc:3a:95:4c:2f:c9:72:96:20:11:b2:ea:
ee:09:a5:2a:b4:d5:2f:f5:d3:70:91:00:33:1c:e3:ba:f6:dd:
a0:0f:78:6b:d1:ac:4f:a5:3c:9f:b3:62:f5:9f:ce:03:23:b1:
be:18:2f:1c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpqz/ZWHu6aA261z/7ULOHHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA2MTQwNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGIxNjMwYjFmMjMxMmI2YTU2Y2RhNGZhZjhmZDMzZmIyM2ZmNDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkBe/StnU50qVnSQjxg7uf/tZCGV
zv3CvxlawkSU24S4ILBRXC76Ow2snU3c11nrFk4ob0F6fLT43jiX3xkAvUrlwBSc
FcukQOdCe76cn6ee6fv1gNf0FH7VLukGlM/NRT3q3+WQxMVW8hB/fqw37QiurHVc
jOHA6zkZSlowIjI4bMHxXt9Z05hVjuuUMD1u7+ObTC5nQchJkaMcACGUZcP2/xqz
t2xz0UNEncG52WAkp7QnWzD8YH6lNB2nUpG4AkmZHAduWTNqtQfolLjI0bw03dg8
q9GQI5L2nEyeLd8gw/Pb2l6rzc00zuP9ndMBSiKlkSFx9SlMfvwr+iShqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFECxYwsfIxK2pWzaT6+P0z+yP/RlMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvUUxGakN4OGpFcmFsYk5wUHI0X1RQN0lfOUdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAASoF95xn2jgd1GqJwBV
0+Vgst5cwWmOhXrfBHxl2jukRcRse6Pn5kLxT4fMNhJ8q60H+pV7XUBwp6208AFZ
Bd+XoK4iIM0pKdpdWCsOSE3Os9zL2tettZQidRnLjPuJc6yHwcQ7Wa81UQHYLXX8
IsvmpoPNkT5u+vAYe7iZ28WahiHf7sJdnbeJHJNgBpJHL5tIyaT4rb4SsvuXO4Zo
QjgwPu+LfAhUoyPbWfTVAIyNcYJikfSJA0edoCdDCCqoAHmxrou29oJOBubxDcw6
lUwvyXKWIBGy6u4JpSq01S/103CRADMc47r23aAPeGvRrE+lPJ+zYvWfzgMjsb4Y
Lxw=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:32:20 2025 by rpki-client