Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0qcJpaCN3aKcjNMpz8U3vWZMoJE.roa
File: 0qcJpaCN3aKcjNMpz8U3vWZMoJE.roa (raw, json)
Hash identifier: b/bK2lCbaLEnu+FvB+g7+2C/A9jSsicPz5lL1EpGobo=
Subject key identifier: D2:A7:09:A5:A0:8D:DD:A2:9C:8C:D3:29:CF:C5:37:BD:66:4C:A0:91
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01857FE43B63A0FBAEA6D27F8745963C4C01
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0qcJpaCN3aKcjNMpz8U3vWZMoJE.roa
Signing time: Thu 05 Jan 2023 03:05:41 +0000
ROA not before: Thu 05 Jan 2023 03:05:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:7fe4:285/128 maxlen: 128
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7f:e4:3b:63:a0:fb:ae:a6:d2:7f:87:45:96:3c:4c:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 5 03:05:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2a709a5a08ddda29c8cd329cfc537bd664ca091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:82:e5:83:9c:9a:3f:2b:90:df:f7:ca:c7:a5:
e1:de:08:6d:89:7f:7a:cd:00:0c:cf:a1:e6:aa:23:
01:69:7e:6f:2b:46:36:51:0a:c0:54:fa:e1:43:c8:
42:ee:db:7c:bd:63:e9:84:2e:52:02:1a:dc:90:3c:
d2:bb:07:77:be:58:e5:a2:bd:9c:68:e6:2a:0f:de:
19:26:b9:16:27:3f:82:8f:fd:de:82:13:9d:5f:95:
55:f2:7a:69:72:12:bd:73:7a:9f:d0:c0:f2:31:b8:
0c:8e:ec:58:51:a8:41:65:a1:de:0d:09:04:52:9d:
ed:51:c5:ef:ab:47:00:c7:3e:d8:ff:eb:55:88:9c:
9d:db:f8:9e:fc:49:fe:b8:98:05:05:83:16:c6:33:
85:64:f8:26:b3:56:0c:d3:57:1e:0f:09:36:fc:1b:
de:4b:be:62:b9:28:ca:bb:62:99:e5:08:cf:5c:9d:
ca:74:2c:b9:d8:5b:2a:a7:58:0f:0a:bc:8b:8d:e7:
a5:88:d3:96:fa:43:d3:63:05:09:85:20:fa:97:d4:
66:d9:77:0c:ea:84:c5:28:59:c1:24:f0:3b:dd:c3:
1c:bc:9b:a0:55:cd:85:da:82:c4:0a:a9:08:2f:c5:
3a:75:81:e6:df:ce:ce:5c:fc:56:24:e6:cb:59:06:
fd:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:A7:09:A5:A0:8D:DD:A2:9C:8C:D3:29:CF:C5:37:BD:66:4C:A0:91
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0qcJpaCN3aKcjNMpz8U3vWZMoJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a4:df:36:50:1e:cb:bb:e4:d6:60:72:f7:6d:d1:25:4d:00:89:
8c:09:11:44:95:2f:4b:4a:72:da:ef:cf:f8:83:b7:84:b9:d4:
f4:04:25:a7:2c:06:31:07:ad:b5:48:16:d4:71:5f:ac:69:80:
71:d2:7f:a3:85:2b:49:cf:72:f4:20:bb:87:61:8e:29:79:1a:
02:f6:33:9e:90:b3:e3:51:9e:87:fb:c5:53:04:85:0b:be:98:
3c:22:d7:5b:67:fb:a2:90:b0:9d:a6:bb:f6:6b:cd:66:0f:12:
da:9f:cb:b9:b5:ff:03:99:91:d1:be:38:41:5c:58:a2:f5:20:
fe:2c:34:5b:a4:44:ca:35:06:95:7d:8d:0a:8c:a8:90:9f:cd:
64:04:99:8a:a0:57:f3:d1:a6:b9:da:90:06:43:62:4e:60:81:
f1:05:93:67:92:b8:ac:5e:ee:87:57:6b:c9:0f:1f:26:fd:56:
e4:28:20:f0:73:b2:1b:d4:46:a3:4b:89:be:85:85:39:05:32:
c8:b8:d1:ce:97:82:55:af:75:ba:19:e8:3a:54:5e:99:94:2b:
5c:70:4c:d8:91:01:a1:c6:51:d5:a7:20:f5:b5:05:90:7c:04:
a4:a8:38:53:3b:ef:e7:b7:bd:ca:be:43:f5:47:3d:a4:85:1f:
05:d9:cb:81
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYV/5DtjoPuuptJ/h0WWPEwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA1MDMwNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmE3MDlhNWEwOGRkZGEyOWM4Y2QzMjljZmM1MzdiZDY2NGNhMDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoLlg5yaPyuQ3/fKx6Xh3ghtiX96
zQAMz6HmqiMBaX5vK0Y2UQrAVPrhQ8hC7tt8vWPphC5SAhrckDzSuwd3vljlor2c
aOYqD94ZJrkWJz+Cj/3eghOdX5VV8nppchK9c3qf0MDyMbgMjuxYUahBZaHeDQkE
Up3tUcXvq0cAxz7Y/+tViJyd2/ie/En+uJgFBYMWxjOFZPgms1YM01ceDwk2/Bve
S75iuSjKu2KZ5QjPXJ3KdCy52Fsqp1gPCryLjeeliNOW+kPTYwUJhSD6l9Rm2XcM
6oTFKFnBJPA73cMcvJugVc2F2oLECqkIL8U6dYHm387OXPxWJObLWQb9UwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNKnCaWgjd2inIzTKc/FN71mTKCRMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMHFjSnBhQ04zYUtjak5NcHo4VTN2V1pNb0pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKTfNlAey7vk1mBy923R
JU0AiYwJEUSVL0tKctrvz/iDt4S51PQEJacsBjEHrbVIFtRxX6xpgHHSf6OFK0nP
cvQgu4dhjil5GgL2M56Qs+NRnof7xVMEhQu+mDwi11tn+6KQsJ2mu/ZrzWYPEtqf
y7m1/wOZkdG+OEFcWKL1IP4sNFukRMo1BpV9jQqMqJCfzWQEmYqgV/PRprnakAZD
Yk5ggfEFk2eSuKxe7odXa8kPHyb9VuQoIPBzshvURqNLib6FhTkFMsi40c6XglWv
dboZ6DpUXpmUK1xwTNiRAaHGUdWnIPW1BZB8BKSoOFM77+e3vcq+Q/VHPaSFHwXZ
y4E=
-----END CERTIFICATE-----
Generated at Thu May 1 20:55:45 2025 by rpki-client