Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DqzKGQoUYnBlKCBU7QZPEPxw710.roa
File: DqzKGQoUYnBlKCBU7QZPEPxw710.roa (raw, json)
Hash identifier: JHWMKeyoxWkXe3A41mUHiz3El3wqod4soIl85j45Ahw=
Subject key identifier: 0E:AC:CA:19:0A:14:62:70:65:28:20:54:ED:06:4F:10:FC:70:EF:5D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01870F7484736EA6504339C1F4AD6C254152
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DqzKGQoUYnBlKCBU7QZPEPxw710.roa
Signing time: Thu 23 Mar 2023 17:11:46 +0000
ROA not before: Thu 23 Mar 2023 17:11:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0f:74:84:73:6e:a6:50:43:39:c1:f4:ad:6c:25:41:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 23 17:11:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0eacca190a14627065282054ed064f10fc70ef5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a0:51:7d:9c:ac:59:28:c0:b4:49:24:64:6c:
3f:56:43:41:9c:bf:50:73:46:34:68:36:00:70:c6:
f9:75:4d:b9:14:e3:3c:24:bf:3b:db:9a:ca:d1:c5:
2e:10:86:d1:66:54:1c:09:11:ea:c3:46:b0:e2:6a:
e2:a5:95:c8:45:b4:61:f8:63:f3:e6:c6:02:1f:fc:
f8:25:88:43:da:a8:4d:e1:ce:34:30:0d:6b:10:dc:
f7:f1:a3:f2:9e:67:b3:12:1c:f1:b8:96:f9:25:2d:
44:52:f7:43:77:62:f4:fa:f7:70:bf:3d:d5:cc:bc:
f1:69:19:03:34:49:70:c9:73:1d:82:db:0a:a5:be:
fe:81:f1:90:59:d5:8f:7e:4e:7f:ca:e8:85:cc:4f:
72:24:82:c7:f5:f3:07:ab:2b:cd:38:02:53:7f:c5:
1b:93:d2:29:5e:19:73:38:e1:1e:be:b3:e4:0b:a5:
a9:03:9c:a6:81:be:09:89:61:9b:27:32:3c:ae:57:
8c:cc:81:99:8e:0e:25:b8:02:a9:49:78:22:81:36:
7c:82:27:2c:93:12:40:f2:a9:81:07:6e:df:bf:0e:
c0:76:26:83:59:5b:b0:b2:28:d8:10:96:4b:f0:bb:
23:8f:1a:8c:c1:88:b6:dd:30:33:f5:05:48:d3:5b:
9e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:AC:CA:19:0A:14:62:70:65:28:20:54:ED:06:4F:10:FC:70:EF:5D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DqzKGQoUYnBlKCBU7QZPEPxw710.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b1:36:ab:ce:d4:6f:65:bb:43:20:3b:c9:59:65:af:ed:cb:22:
85:5a:5c:05:e6:53:a8:85:f2:d2:da:ac:fc:93:a4:36:b5:b7:
44:1c:2f:e5:08:ad:26:8a:e4:85:60:8d:a7:d7:6b:e4:80:d1:
3c:af:c2:4e:ee:1a:10:51:c7:53:b0:13:51:0b:76:37:f7:1f:
9d:6b:3b:0e:2d:5e:34:77:7f:fa:19:20:e5:47:f5:bf:56:1f:
46:78:41:c6:93:67:d7:51:13:60:f1:d2:a5:fe:ac:3c:a2:bb:
ae:ca:44:88:44:b8:1f:28:23:bf:33:f1:6c:4f:db:55:81:f3:
03:78:fa:71:68:34:0c:b7:05:d7:ca:c9:b0:18:f9:e4:f9:ea:
56:24:a5:2a:02:b8:96:75:37:bd:79:03:f2:d6:16:89:32:53:
7a:19:fb:0f:dd:df:a0:47:93:7b:d3:91:81:c8:10:5f:ec:ee:
af:4e:d7:c1:5c:09:c0:c6:7f:98:50:35:10:2c:d8:40:8d:ee:
c8:e6:da:de:d5:ea:d9:21:3e:11:60:37:7a:20:96:c0:d3:d6:
e6:74:b5:18:80:38:a2:05:cc:cb:02:bd:4a:5c:3a:99:c3:db:
54:47:46:e9:f4:31:74:67:15:f9:42:78:77:6f:17:d0:ca:bf:
a1:78:12:dc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcPdIRzbqZQQznB9K1sJUFSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzIzMTcxMTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWFjY2ExOTBhMTQ2MjcwNjUyODIwNTRlZDA2NGYxMGZjNzBlZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKBRfZysWSjAtEkkZGw/VkNBnL9Q
c0Y0aDYAcMb5dU25FOM8JL8725rK0cUuEIbRZlQcCRHqw0aw4mripZXIRbRh+GPz
5sYCH/z4JYhD2qhN4c40MA1rENz38aPynmezEhzxuJb5JS1EUvdDd2L0+vdwvz3V
zLzxaRkDNElwyXMdgtsKpb7+gfGQWdWPfk5/yuiFzE9yJILH9fMHqyvNOAJTf8Ub
k9IpXhlzOOEevrPkC6WpA5ymgb4JiWGbJzI8rleMzIGZjg4luAKpSXgigTZ8gics
kxJA8qmBB27fvw7AdiaDWVuwsijYEJZL8LsjjxqMwYi23TAz9QVI01ueAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA6syhkKFGJwZSggVO0GTxD8cO9dMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRHF6S0dRb1VZbkJsS0NCVTdRWlBFUHh3NzEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALE2q87Ub2W7QyA7yVll
r+3LIoVaXAXmU6iF8tLarPyTpDa1t0QcL+UIrSaK5IVgjafXa+SA0Tyvwk7uGhBR
x1OwE1ELdjf3H51rOw4tXjR3f/oZIOVH9b9WH0Z4QcaTZ9dRE2Dx0qX+rDyiu67K
RIhEuB8oI78z8WxP21WB8wN4+nFoNAy3BdfKybAY+eT56lYkpSoCuJZ1N715A/LW
FokyU3oZ+w/d36BHk3vTkYHIEF/s7q9O18FcCcDGf5hQNRAs2ECN7sjm2t7V6tkh
PhFgN3oglsDT1uZ0tRiAOKIFzMsCvUpcOpnD21RHRun0MXRnFflCeHdvF9DKv6F4
Etw=
-----END CERTIFICATE-----
Generated at Thu May 1 22:55:49 2025 by rpki-client