Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Q9g8uZ7A2w3sTSXQgzeqER-7rfQ.roa
File: Q9g8uZ7A2w3sTSXQgzeqER-7rfQ.roa (raw, json)
Hash identifier: 0htlWbHSB12yUQt7XR3PHBPNJYrhf2x4pwhC7z0/o04=
Subject key identifier: 43:D8:3C:B9:9E:C0:DB:0D:EC:4D:25:D0:83:37:AA:11:1F:BB:AD:F4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 6AE8021E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Q9g8uZ7A2w3sTSXQgzeqER-7rfQ.roa
Signing time: Tue 15 Feb 2022 20:20:16 +0000
ROA not before: Tue 15 Feb 2022 20:20:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1793589790 (0x6ae8021e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 15 20:20:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43d83cb99ec0db0dec4d25d08337aa111fbbadf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:66:0b:db:40:5e:73:6b:b2:68:ef:8f:98:43:
d1:f6:b3:cd:41:fd:35:4a:cd:77:64:b1:41:2c:83:
64:c6:38:70:40:89:ba:5b:9e:41:13:ed:59:87:02:
ec:78:18:91:46:63:a4:e8:da:ee:db:5a:78:16:71:
d1:7c:b9:1a:c8:c7:36:03:26:a7:8b:df:34:2d:c7:
aa:ff:e7:d5:81:99:b9:b6:84:b3:6f:48:fb:b2:d5:
22:8c:1d:32:7f:e8:59:bc:54:15:3d:0f:6e:a0:50:
b0:d2:2f:97:6e:1a:80:2f:45:40:e4:8f:40:ee:9f:
27:47:93:99:b8:b2:d2:da:5f:85:97:de:f3:99:e8:
09:3a:dc:b3:6c:59:43:41:9d:d9:71:3d:c6:b3:f2:
58:eb:86:a9:53:ca:2e:4e:26:91:0f:15:d2:de:10:
46:34:e4:6e:25:df:c9:68:11:82:6a:a0:99:eb:1d:
5c:d1:1b:8b:06:60:ee:fc:bc:e1:27:ef:58:33:e2:
4d:24:15:db:8f:f2:df:1f:1c:bb:7e:8a:5d:dc:7b:
82:16:c3:1d:a2:00:ce:70:8f:9b:e3:06:55:22:de:
02:0e:09:f0:ce:65:1e:b9:a1:eb:fa:9f:b6:e7:10:
20:da:b6:6f:d8:98:3b:db:2e:7f:e1:71:65:d7:ca:
46:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D8:3C:B9:9E:C0:DB:0D:EC:4D:25:D0:83:37:AA:11:1F:BB:AD:F4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Q9g8uZ7A2w3sTSXQgzeqER-7rfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a6:34:87:9b:72:2a:95:d9:e5:aa:25:af:17:1a:21:85:0c:1e:
5f:f6:44:d0:44:d8:27:c3:fd:38:52:be:50:97:80:95:2c:82:
e0:8e:ce:07:a0:cd:be:1b:67:c1:4f:8d:ef:7e:1c:2f:85:44:
1f:3d:9a:99:64:5b:1c:d2:6a:56:45:a5:fa:b5:68:e3:06:84:
10:6b:51:d8:08:a5:9c:3b:ca:33:53:ba:30:e4:9a:4f:48:4d:
56:cd:35:42:df:b0:7d:9f:b2:61:78:f5:00:25:16:6f:3d:c6:
c3:c0:6e:64:40:fa:4b:e6:27:07:f1:93:c7:a7:53:76:b8:96:
fb:3c:03:8c:44:59:06:09:01:b7:60:40:bc:5f:d0:1d:ad:d5:
b4:04:e6:f5:7e:97:bb:75:eb:f3:2e:0d:20:f2:e2:4e:85:7e:
14:36:27:9e:9b:45:66:8d:f7:ab:9a:e7:9b:e2:fd:08:dd:c5:
80:3e:88:4a:75:eb:c0:53:49:b8:63:e1:09:5f:96:15:5b:83:
43:4f:22:6b:ff:5d:41:5f:72:8d:82:22:fb:c5:0f:fe:77:40:
81:28:cc:85:f6:66:d3:57:f8:da:20:b1:67:2e:0b:d1:15:75:
e2:86:8f:26:5b:80:88:01:13:33:00:0b:6d:75:88:5b:ce:c6:
38:b0:13:15
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEaugCHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDIx
NTIwMjAxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDNkODNjYjk5ZWMw
ZGIwZGVjNGQyNWQwODMzN2FhMTExZmJiYWRmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhmC9tAXnNrsmjvj5hD0fazzUH9NUrNd2SxQSyDZMY4cECJ
ulueQRPtWYcC7HgYkUZjpOja7ttaeBZx0Xy5GsjHNgMmp4vfNC3Hqv/n1YGZubaE
s29I+7LVIowdMn/oWbxUFT0PbqBQsNIvl24agC9FQOSPQO6fJ0eTmbiy0tpfhZfe
85noCTrcs2xZQ0Gd2XE9xrPyWOuGqVPKLk4mkQ8V0t4QRjTkbiXfyWgRgmqgmesd
XNEbiwZg7vy84SfvWDPiTSQV24/y3x8cu36KXdx7ghbDHaIAznCPm+MGVSLeAg4J
8M5lHrmh6/qftucQINq2b9iYO9suf+FxZdfKRscCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRD2Dy5nsDbDexNJdCDN6oRH7ut9DAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L1E5Zzh1WjdBMnczc1RTWFFnemVxRVItN3JmUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQCmNIebciqV2eWqJa8XGiGFDB5f9kTQRNgnw/04
Ur5Ql4CVLILgjs4HoM2+G2fBT43vfhwvhUQfPZqZZFsc0mpWRaX6tWjjBoQQa1HY
CKWcO8ozU7ow5JpPSE1WzTVC37B9n7JhePUAJRZvPcbDwG5kQPpL5icH8ZPHp1N2
uJb7PAOMRFkGCQG3YEC8X9AdrdW0BOb1fpe7devzLg0g8uJOhX4UNieem0Vmjfer
mueb4v0I3cWAPohKdevAU0m4Y+EJX5YVW4NDTyJr/11BX3KNgiL7xQ/+d0CBKMyF
9mbTV/jaILFnLgvRFXXiho8mW4CIARMzAAttdYhbzsY4sBMV
-----END CERTIFICATE-----
Generated at Fri May 2 03:56:19 2025 by rpki-client