Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Q5W4EY7Yj17jggS1u0n1kCiKxKU.roa
File: Q5W4EY7Yj17jggS1u0n1kCiKxKU.roa (raw, json)
Hash identifier: rLzYDrht7hOLtx1UwB6B8abXjxOZvcBpA8ZZ7NR5Zls=
Subject key identifier: 43:95:B8:11:8E:D8:8F:5E:E3:82:04:B5:BB:49:F5:90:28:8A:C4:A5
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0181E872723C74F797F0FB106ABF56A6C898
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Q5W4EY7Yj17jggS1u0n1kCiKxKU.roa
Signing time: Sun 10 Jul 2022 14:10:23 +0000
ROA not before: Sun 10 Jul 2022 14:10:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:e8:72:72:3c:74:f7:97:f0:fb:10:6a:bf:56:a6:c8:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 10 14:10:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4395b8118ed88f5ee38204b5bb49f590288ac4a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ed:cb:45:c9:bd:7d:d6:85:37:32:26:3a:d5:
5f:e8:8c:18:fe:a1:be:00:9b:74:3d:bb:9e:21:9c:
b2:c0:b7:fe:f9:3a:86:58:30:c0:22:75:79:d5:eb:
7e:56:68:06:a4:be:d0:78:2e:c7:6c:82:bb:05:dd:
29:7f:3f:99:29:57:ef:8c:3c:ee:6e:bf:80:0b:c1:
6b:9b:eb:36:91:6d:2d:18:46:5f:b1:31:51:07:1c:
03:2d:98:b4:7a:e3:9a:e4:b9:65:58:54:c6:34:02:
b5:49:12:43:2c:40:27:a8:2b:8e:6a:5e:e6:0d:0b:
05:d4:ab:6d:36:a4:7a:9f:88:53:81:6b:d9:2c:f8:
ac:b4:92:7d:07:5f:ea:2b:ab:77:28:d4:1f:5d:55:
53:ef:73:e7:ac:1a:f1:76:d3:70:52:de:75:0e:87:
43:c7:41:b9:88:a4:44:42:5c:dc:17:c1:81:4e:1d:
b5:d6:f3:52:7a:38:e9:2d:2a:99:c5:2a:7f:e7:df:
c7:8f:85:5a:0b:34:cd:b7:8a:6f:0d:c4:54:0b:b7:
ae:27:a7:9e:69:90:cf:2e:bb:4a:09:9f:d1:82:49:
0a:ef:74:99:9d:00:a7:76:36:a3:0e:44:f1:e7:c0:
ec:9f:54:1b:60:31:be:0b:37:a1:b4:81:f4:72:9b:
96:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:95:B8:11:8E:D8:8F:5E:E3:82:04:B5:BB:49:F5:90:28:8A:C4:A5
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Q5W4EY7Yj17jggS1u0n1kCiKxKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7d:70:71:90:fc:e9:74:be:e6:80:99:29:6f:11:e2:e5:9c:04:
c1:27:19:14:20:08:47:ea:4a:e9:db:87:76:16:91:58:9e:c8:
55:58:ca:f7:c2:de:be:4d:08:fb:e7:d6:f8:95:58:d1:d7:cc:
73:11:0e:ac:f0:3e:38:31:d9:99:a9:b3:c8:de:93:69:13:56:
44:ed:16:fa:26:17:61:80:38:78:df:f2:45:d7:f9:35:70:cc:
f4:41:86:6d:09:e9:e7:44:53:8c:e0:76:22:35:eb:2b:c2:a6:
4f:d2:17:2a:31:e3:af:5b:4b:d2:87:ab:47:7d:62:65:5f:1b:
2f:04:02:ec:ba:91:ca:3c:1c:bf:8a:d4:15:d2:c3:46:bb:f8:
a9:92:3e:42:5e:60:29:b4:af:12:d3:2d:47:91:02:4a:22:ae:
47:46:c7:3b:a9:08:ba:06:bd:e9:2b:21:7c:b0:d9:02:90:32:
e4:af:81:bf:7b:e2:5c:06:4d:ab:e2:4a:0c:be:f3:8d:db:c8:
33:fb:fa:46:03:4a:f7:c5:94:c0:b0:51:58:16:27:0b:b4:d0:
68:da:dc:50:8a:91:49:96:b8:32:52:9f:4d:1a:90:46:66:a1:
59:6a:ac:f1:40:b0:e3:3e:fc:e4:44:6b:c8:da:58:57:d5:e9:
8b:f5:0d:7a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYHocnI8dPeX8PsQar9WpsiYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwNzEwMTQxMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mzk1YjgxMThlZDg4ZjVlZTM4MjA0YjViYjQ5ZjU5MDI4OGFjNGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+3LRcm9fdaFNzImOtVf6IwY/qG+
AJt0PbueIZyywLf++TqGWDDAInV51et+VmgGpL7QeC7HbIK7Bd0pfz+ZKVfvjDzu
br+AC8Frm+s2kW0tGEZfsTFRBxwDLZi0euOa5LllWFTGNAK1SRJDLEAnqCuOal7m
DQsF1KttNqR6n4hTgWvZLPistJJ9B1/qK6t3KNQfXVVT73PnrBrxdtNwUt51DodD
x0G5iKREQlzcF8GBTh211vNSejjpLSqZxSp/59/Hj4VaCzTNt4pvDcRUC7euJ6ee
aZDPLrtKCZ/RgkkK73SZnQCndjajDkTx58Dsn1QbYDG+CzehtIH0cpuWpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEOVuBGO2I9e44IEtbtJ9ZAoisSlMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUTVXNEVZN1lqMTdqZ2dTMXUwbjFrQ2lLeEtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH1wcZD86XS+5oCZKW8R
4uWcBMEnGRQgCEfqSunbh3YWkVieyFVYyvfC3r5NCPvn1viVWNHXzHMRDqzwPjgx
2Zmps8jek2kTVkTtFvomF2GAOHjf8kXX+TVwzPRBhm0J6edEU4zgdiI16yvCpk/S
Fyox469bS9KHq0d9YmVfGy8EAuy6kco8HL+K1BXSw0a7+KmSPkJeYCm0rxLTLUeR
AkoirkdGxzupCLoGvekrIXyw2QKQMuSvgb974lwGTaviSgy+843byDP7+kYDSvfF
lMCwUVgWJwu00Gja3FCKkUmWuDJSn00akEZmoVlqrPFAsOM+/OREa8jaWFfV6Yv1
DXo=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:42:15 2025 by rpki-client