Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Q3C4H_kzEgRF3j-WyJavKirbpl0.roa
File: Q3C4H_kzEgRF3j-WyJavKirbpl0.roa (raw, json)
Hash identifier: DQLdNCl/n+gP9eey1E/1+fjgp8KKZJ6zA8191WTtwlc=
Subject key identifier: 43:70:B8:1F:F9:33:12:04:45:DE:3F:96:C8:96:AF:2A:2A:DB:A6:5D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185CC837086F92BA17D1CE6346F84F490D1
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Q3C4H_kzEgRF3j-WyJavKirbpl0.roa
Signing time: Fri 20 Jan 2023 00:10:44 +0000
ROA not before: Fri 20 Jan 2023 00:10:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cc:83:70:86:f9:2b:a1:7d:1c:e6:34:6f:84:f4:90:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 20 00:10:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4370b81ff933120445de3f96c896af2a2adba65d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:90:68:ec:16:cd:aa:b8:6a:2f:e9:66:43:21:
48:77:70:e0:90:a2:61:0a:27:22:9a:98:ee:9c:27:
94:01:1f:a4:ed:ee:c0:9b:55:91:bc:8d:8b:ba:fa:
5c:88:1c:d8:91:7d:88:32:43:e9:8a:1b:f5:9d:e6:
c1:89:80:0a:e3:48:b7:1d:cd:e7:36:43:bd:4a:37:
15:98:03:cb:95:98:18:23:fd:1c:af:d5:fc:bc:46:
85:77:f8:65:cc:dc:b2:89:c6:f6:18:5e:5f:d9:ac:
f3:37:3e:83:58:14:76:53:9d:ab:fb:9d:48:aa:09:
c7:28:da:50:d4:04:e7:7f:b5:6f:f2:fd:68:ab:63:
4f:e6:80:7e:6e:5d:40:75:f3:b6:74:67:19:85:80:
d8:d6:53:16:1a:59:b1:ef:31:81:da:8f:b1:ff:42:
d2:fa:99:78:a9:44:08:f4:9f:9f:ab:c0:93:c4:cc:
cb:0d:50:80:9d:6c:75:11:4b:77:96:8b:b2:5d:d6:
45:ef:83:79:8f:96:5b:d3:20:dc:5e:c6:e1:1a:87:
9b:18:c3:25:9d:d9:3e:50:90:a1:0a:e6:a5:87:2b:
1a:16:3a:91:ca:fc:a5:44:f6:3a:d6:fb:f0:46:3d:
e2:10:7e:cb:f6:ab:eb:b1:73:01:3c:b0:91:9a:3f:
2b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:70:B8:1F:F9:33:12:04:45:DE:3F:96:C8:96:AF:2A:2A:DB:A6:5D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Q3C4H_kzEgRF3j-WyJavKirbpl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:1b:1d:e3:d3:27:d3:02:3f:fd:80:93:c0:0d:31:c9:af:1e:
5e:09:e1:f5:52:ea:83:8e:28:79:24:00:99:fd:4a:aa:77:dd:
2c:f3:cd:c6:42:51:86:38:04:22:c3:cb:75:46:d0:f3:d3:8a:
fc:b1:78:ad:f9:6d:d3:39:e7:de:53:12:d3:bd:a8:cd:78:c6:
40:d3:34:20:cd:08:c3:53:81:35:8c:71:6c:3c:14:02:9d:11:
3e:8a:a9:68:04:70:e3:a9:4c:29:48:1f:50:ab:62:71:bc:b1:
79:57:4d:24:b0:0c:03:d4:23:e8:27:97:a3:b2:4a:b2:2d:48:
01:a3:62:c2:2c:09:2a:11:a1:22:32:7c:fd:15:21:f8:b4:2b:
09:34:1a:d0:86:b7:d0:10:f8:51:05:8d:98:26:a3:11:40:65:
b2:43:8c:5f:72:22:3e:4a:ee:db:9b:bc:9e:b2:0f:63:4d:92:
f1:c0:52:5f:20:33:d0:d9:86:06:21:3b:0a:6f:ae:03:13:68:
62:3a:30:01:f5:f5:03:c9:c5:ba:b8:49:75:ad:3b:98:63:03:
de:15:b2:6c:25:a4:a2:23:b3:b4:9d:0c:0d:9d:71:ad:84:16:
83:f0:ad:f0:08:c1:9c:ae:25:6e:26:c2:d0:96:b8:b1:71:00:
96:83:71:1f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXMg3CG+SuhfRzmNG+E9JDRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTIwMDAxMDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzcwYjgxZmY5MzMxMjA0NDVkZTNmOTZjODk2YWYyYTJhZGJhNjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJBo7BbNqrhqL+lmQyFId3DgkKJh
CicimpjunCeUAR+k7e7Am1WRvI2LuvpciBzYkX2IMkPpihv1nebBiYAK40i3Hc3n
NkO9SjcVmAPLlZgYI/0cr9X8vEaFd/hlzNyyicb2GF5f2azzNz6DWBR2U52r+51I
qgnHKNpQ1ATnf7Vv8v1oq2NP5oB+bl1AdfO2dGcZhYDY1lMWGlmx7zGB2o+x/0LS
+pl4qUQI9J+fq8CTxMzLDVCAnWx1EUt3louyXdZF74N5j5Zb0yDcXsbhGoebGMMl
ndk+UJChCualhysaFjqRyvylRPY61vvwRj3iEH7L9qvrsXMBPLCRmj8rvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFENwuB/5MxIERd4/lsiWryoq26ZdMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUTNDNEhfa3pFZ1JGM2otV3lKYXZLaXJicGwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGYbHePTJ9MCP/2Ak8AN
McmvHl4J4fVS6oOOKHkkAJn9Sqp33SzzzcZCUYY4BCLDy3VG0PPTivyxeK35bdM5
595TEtO9qM14xkDTNCDNCMNTgTWMcWw8FAKdET6KqWgEcOOpTClIH1CrYnG8sXlX
TSSwDAPUI+gnl6OySrItSAGjYsIsCSoRoSIyfP0VIfi0Kwk0GtCGt9AQ+FEFjZgm
oxFAZbJDjF9yIj5K7tubvJ6yD2NNkvHAUl8gM9DZhgYhOwpvrgMTaGI6MAH19QPJ
xbq4SXWtO5hjA94VsmwlpKIjs7SdDA2dca2EFoPwrfAIwZyuJW4mwtCWuLFxAJaD
cR8=
-----END CERTIFICATE-----
Generated at Thu May 1 08:27:43 2025 by rpki-client