Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/GqKLL5SHmxDW1JLpo6-udIC9Prw.roa
File: GqKLL5SHmxDW1JLpo6-udIC9Prw.roa (raw, json)
Hash identifier: CzPNofM4se5v8ZcQkw7bC5JP0eg63UcIXNJWdyC9Q/U=
Subject key identifier: 1A:A2:8B:2F:94:87:9B:10:D6:D4:92:E9:A3:AF:AE:74:80:BD:3E:BC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01855A1F5987AEB7DE2B87FB27E7B4B3980C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/GqKLL5SHmxDW1JLpo6-udIC9Prw.roa
Signing time: Wed 28 Dec 2022 19:04:42 +0000
ROA not before: Wed 28 Dec 2022 19:04:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:185:5a1e:d863/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5a:1f:59:87:ae:b7:de:2b:87:fb:27:e7:b4:b3:98:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 28 19:04:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1aa28b2f94879b10d6d492e9a3afae7480bd3ebc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ac:44:76:2d:83:64:84:46:90:46:74:86:8b:
12:ed:b4:ae:ea:76:55:9c:49:f1:dc:0c:b0:de:9e:
4b:15:b4:50:ff:82:86:9a:c8:c6:cb:15:30:b0:85:
b9:60:4c:c7:3a:13:6d:00:a7:8f:9f:c6:ed:d5:1a:
89:a0:bf:7d:5f:34:da:38:78:61:ed:e5:21:8b:a3:
7e:25:48:6f:b0:ba:d4:7c:32:3c:7d:4f:23:ab:c7:
ef:e9:96:c6:ea:c8:31:7a:97:55:00:76:ec:1e:47:
91:a2:fe:9b:be:1c:46:13:36:74:b5:67:71:c7:c0:
91:60:7b:56:4c:3f:82:52:45:c8:a0:09:e7:08:2a:
0c:ad:29:62:24:35:61:c6:c8:85:19:3a:46:2a:8b:
68:52:82:af:b3:02:f1:40:6a:15:b0:3a:99:28:08:
c4:17:c2:59:6b:6a:51:12:ee:36:42:f0:f1:fd:80:
2b:56:f5:2a:2d:e9:26:02:a1:84:9b:26:17:0c:57:
cf:c1:86:4b:07:bd:01:18:9e:03:4e:7f:37:13:cd:
c8:21:2d:6e:31:c8:58:93:d8:62:8c:ac:a0:ff:b2:
40:fa:6e:81:ca:02:e8:c9:c0:7c:b6:d4:07:17:cd:
0f:90:6e:14:d8:66:17:fd:66:cb:8a:b2:6a:2d:1d:
19:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:A2:8B:2F:94:87:9B:10:D6:D4:92:E9:A3:AF:AE:74:80:BD:3E:BC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/GqKLL5SHmxDW1JLpo6-udIC9Prw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9a:bb:88:94:18:27:05:e7:b8:83:65:7d:a8:30:d0:0b:75:94:
e3:63:8a:d6:ce:1b:ea:6d:55:71:b2:10:68:41:37:dc:92:f3:
9e:98:4f:d5:a5:b5:d7:3f:78:ed:fc:47:1f:47:95:dc:6a:b8:
8f:a6:b3:92:43:cb:fe:4a:c7:18:d1:bb:98:ea:95:dc:f9:7b:
c5:d1:e5:92:d2:11:59:1b:7c:b5:a8:d8:23:9a:22:1c:1c:b0:
74:45:bd:11:b5:97:e9:28:24:e9:ee:72:92:3c:b1:bf:61:74:
65:ca:dc:7b:8d:9a:34:3e:5a:e5:1a:8a:69:b6:60:6b:05:43:
e0:fa:fb:4a:11:92:d4:1c:50:27:4c:af:00:ff:85:c9:ae:59:
ca:b7:1d:7f:07:aa:0b:2f:00:4c:95:40:92:80:00:7f:c3:2f:
2a:eb:85:1a:d0:ca:aa:77:63:7f:0d:c9:79:59:1a:b2:50:b1:
96:c6:82:d4:87:f5:9c:29:87:37:9e:ac:1e:64:f5:a1:49:0e:
e3:05:07:a3:39:b8:5f:78:f0:bc:d9:f1:90:8c:26:94:e2:63:
4a:c3:c3:50:7a:56:5d:c4:c8:4c:a7:ef:02:f9:53:cd:f3:38:
af:0f:dd:1e:a6:7f:88:80:69:38:9c:9e:18:ad:8a:bd:24:ed:
09:bc:e8:44
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVaH1mHrrfeK4f7J+e0s5gMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI4MTkwNDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWEyOGIyZjk0ODc5YjEwZDZkNDkyZTlhM2FmYWU3NDgwYmQzZWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqxEdi2DZIRGkEZ0hosS7bSu6nZV
nEnx3Ayw3p5LFbRQ/4KGmsjGyxUwsIW5YEzHOhNtAKePn8bt1RqJoL99XzTaOHhh
7eUhi6N+JUhvsLrUfDI8fU8jq8fv6ZbG6sgxepdVAHbsHkeRov6bvhxGEzZ0tWdx
x8CRYHtWTD+CUkXIoAnnCCoMrSliJDVhxsiFGTpGKotoUoKvswLxQGoVsDqZKAjE
F8JZa2pREu42QvDx/YArVvUqLekmAqGEmyYXDFfPwYZLB70BGJ4DTn83E83IIS1u
MchYk9hijKyg/7JA+m6BygLoycB8ttQHF80PkG4U2GYX/WbLirJqLR0ZoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBqiiy+Uh5sQ1tSS6aOvrnSAvT68MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvR3FLTEw1U0hteERXMUpMcG82LXVkSUM5UHJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJq7iJQYJwXnuINlfagw
0At1lONjitbOG+ptVXGyEGhBN9yS856YT9Wltdc/eO38Rx9HldxquI+ms5JDy/5K
xxjRu5jqldz5e8XR5ZLSEVkbfLWo2COaIhwcsHRFvRG1l+koJOnucpI8sb9hdGXK
3HuNmjQ+WuUaimm2YGsFQ+D6+0oRktQcUCdMrwD/hcmuWcq3HX8HqgsvAEyVQJKA
AH/DLyrrhRrQyqp3Y38NyXlZGrJQsZbGgtSH9ZwphzeerB5k9aFJDuMFB6M5uF94
8LzZ8ZCMJpTiY0rDw1B6Vl3EyEyn7wL5U83zOK8P3R6mf4iAaTicnhitir0k7Qm8
6EQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:37:21 2025 by rpki-client