Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qqIO-20glWnjpVfkSK3JtDTTVQ0.roa
File: qqIO-20glWnjpVfkSK3JtDTTVQ0.roa (raw, json)
Hash identifier: inFuu8ZR8NJU4oJgDINvIDs7VGUFFr5IlWMqxYw09pA=
Subject key identifier: AA:A2:0E:FB:6D:20:95:69:E3:A5:57:E4:48:AD:C9:B4:34:D3:55:0D
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A50D8DEA7160792621D9A49E63363727C
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qqIO-20glWnjpVfkSK3JtDTTVQ0.roa
Signing time: Fri 01 Sep 2023 13:05:04 +0000
ROA not before: Fri 01 Sep 2023 13:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:50d8:283e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:50:d8:de:a7:16:07:92:62:1d:9a:49:e6:33:63:72:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 1 13:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aaa20efb6d209569e3a557e448adc9b434d3550d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:bf:f9:71:47:c9:d1:d9:3b:a7:48:cf:82:ec:
7f:59:23:85:be:39:a6:fd:1c:8b:75:be:1e:d3:a2:
de:22:7c:ca:dc:28:a2:ab:79:b4:eb:97:33:0a:79:
14:8c:79:52:73:1f:06:10:05:f3:40:7f:56:19:25:
cf:98:69:0d:70:9f:42:b5:6b:f6:b3:bd:04:2c:5d:
af:07:77:52:ef:64:5c:f5:f5:e1:6d:9b:cf:aa:59:
66:86:0e:c4:84:dd:b3:56:e8:82:c7:d5:12:0f:76:
df:18:43:b5:c4:1d:ed:b2:a4:85:1b:95:67:fb:fb:
c6:92:0c:a5:43:12:11:99:71:77:f8:c9:19:ab:0e:
83:d3:25:81:d9:9a:9f:1d:9f:ba:3c:18:78:6e:5e:
46:ba:dd:46:c2:e4:ad:d8:06:bc:c3:85:f3:fc:06:
3d:19:62:9e:76:bb:21:60:f3:6e:f1:de:99:aa:b9:
4a:26:06:10:6d:37:2a:e2:fc:64:a6:ce:c4:b1:88:
d3:9e:01:a5:a6:42:8e:31:88:4c:b6:b7:49:22:6e:
2a:bc:3f:ff:c5:bc:04:52:bd:c6:f0:9f:98:51:2d:
8d:51:ee:53:9e:9b:d5:c6:df:7f:21:bd:b6:0a:d4:
a6:74:c7:09:eb:c5:5f:d2:ed:6c:4a:db:12:01:8b:
49:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:A2:0E:FB:6D:20:95:69:E3:A5:57:E4:48:AD:C9:B4:34:D3:55:0D
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qqIO-20glWnjpVfkSK3JtDTTVQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:1f:9b:05:9c:53:5d:32:4e:b8:88:ee:a2:88:ce:94:46:21:
04:1a:4e:10:d7:48:e7:ac:1e:94:7a:b4:cd:f9:25:f2:d6:43:
fd:cc:f6:b5:09:9a:58:1c:8e:3d:7e:a3:0e:ba:a4:1c:65:82:
61:99:3a:c6:36:55:f0:c7:ba:22:c6:a8:c7:d8:61:1c:f0:46:
57:5b:a3:35:97:76:3f:c1:04:ab:c2:81:96:ec:69:75:e6:5a:
f3:46:7e:10:20:ed:6b:25:94:07:c3:5d:08:41:d8:d4:3b:1a:
fe:36:2d:94:7e:47:5e:82:45:00:46:21:a8:78:67:79:27:78:
2e:86:f8:c5:f8:04:3d:19:c8:90:a9:32:06:1f:d2:82:71:e4:
78:37:ce:cf:21:d5:5e:71:48:2c:82:57:60:e3:4d:b0:f4:c8:
cd:9e:a4:66:21:13:e3:94:60:84:ac:72:3d:0c:53:13:ca:0e:
50:41:b4:e5:9d:b3:3d:3b:f6:d3:49:b3:aa:70:0f:ae:d7:fb:
5f:09:b2:fc:a4:92:59:42:f7:7b:5c:7a:e9:1f:4e:54:f4:25:
53:db:1d:4c:58:97:a9:65:b9:13:ce:1c:e1:37:ba:ef:e6:1e:
a9:37:4c:d4:de:96:3c:0d:73:98:0f:c4:d5:26:71:25:2d:c2:
47:5e:2f:17
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpQ2N6nFgeSYh2aSeYzY3J8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTAxMTMwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWEyMGVmYjZkMjA5NTY5ZTNhNTU3ZTQ0OGFkYzliNDM0ZDM1NTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmb/5cUfJ0dk7p0jPgux/WSOFvjmm
/RyLdb4e06LeInzK3Ciiq3m065czCnkUjHlScx8GEAXzQH9WGSXPmGkNcJ9CtWv2
s70ELF2vB3dS72Rc9fXhbZvPqllmhg7EhN2zVuiCx9USD3bfGEO1xB3tsqSFG5Vn
+/vGkgylQxIRmXF3+MkZqw6D0yWB2ZqfHZ+6PBh4bl5Gut1GwuSt2Aa8w4Xz/AY9
GWKedrshYPNu8d6ZqrlKJgYQbTcq4vxkps7EsYjTngGlpkKOMYhMtrdJIm4qvD//
xbwEUr3G8J+YUS2NUe5TnpvVxt9/Ib22CtSmdMcJ68Vf0u1sStsSAYtJRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKqiDvttIJVp46VX5EitybQ001UNMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvcXFJTy0yMGdsV25qcFZma1NLM0p0RFRUVlEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACQfmwWcU10yTriI7qKI
zpRGIQQaThDXSOesHpR6tM35JfLWQ/3M9rUJmlgcjj1+ow66pBxlgmGZOsY2VfDH
uiLGqMfYYRzwRldbozWXdj/BBKvCgZbsaXXmWvNGfhAg7WsllAfDXQhB2NQ7Gv42
LZR+R16CRQBGIah4Z3kneC6G+MX4BD0ZyJCpMgYf0oJx5Hg3zs8h1V5xSCyCV2Dj
TbD0yM2epGYhE+OUYISscj0MUxPKDlBBtOWdsz079tNJs6pwD67X+18JsvykkllC
93tceukfTlT0JVPbHUxYl6lluRPOHOE3uu/mHqk3TNTeljwNc5gPxNUmcSUtwkde
Lxc=
-----END CERTIFICATE-----
Generated at Mon May 12 23:26:41 2025 by rpki-client