Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QHMXVFhX3K4AVYS1ZvG7Z-Bq9PA.roa
File: QHMXVFhX3K4AVYS1ZvG7Z-Bq9PA.roa (raw, json)
Hash identifier: x3aT2RshuePkrv1kpMlIIaQ8D3h/YEEhtfNeSDqY2xI=
Subject key identifier: 40:73:17:54:58:57:DC:AE:00:55:84:B5:66:F1:BB:67:E0:6A:F4:F0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01846A4429801449330232BF21DBB3BA89AD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QHMXVFhX3K4AVYS1ZvG7Z-Bq9PA.roa
Signing time: Sat 12 Nov 2022 05:16:02 +0000
ROA not before: Sat 12 Nov 2022 05:16:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:184:51c3:ad7c/128 maxlen: 128
2001:67c:64:ffff:0:184:3fbd:71f7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:184:4250:a4df/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:6a:44:29:80:14:49:33:02:32:bf:21:db:b3:ba:89:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Nov 12 05:16:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=407317545857dcae005584b566f1bb67e06af4f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c7:fb:7f:f6:06:37:fe:9e:cc:01:cc:c7:4b:
ce:b4:7b:e2:d5:57:0e:3d:6e:1b:9d:83:0c:8a:87:
31:1f:37:03:73:51:ae:27:b3:28:37:ed:d8:01:e7:
74:e1:ea:c7:b5:b6:d4:1c:5e:67:c8:b4:98:ea:e2:
dc:c2:84:f4:87:b3:07:95:20:6b:7e:ae:45:2d:f9:
be:16:23:8c:4e:4b:90:bc:29:b5:b0:43:56:22:65:
c5:21:61:43:34:52:ef:a3:53:8a:c9:a5:e8:fa:a9:
4c:8e:a3:d4:12:34:4f:9c:e7:f1:25:a8:2a:b1:e4:
1f:1c:20:d3:89:0f:69:99:57:8f:09:44:78:a5:b6:
6e:d5:4d:c8:83:f7:0f:dd:c3:fe:98:78:fa:d3:18:
c0:ed:b2:6e:43:ef:30:03:5e:04:27:c6:41:3c:2a:
a9:0d:be:a0:10:2b:08:55:99:81:9e:58:68:72:da:
38:25:ac:68:9b:6b:e6:b0:2e:e1:42:1a:94:29:45:
b5:b7:c6:6e:1d:12:ca:8d:5d:e5:42:62:ff:66:de:
2d:1f:77:56:1c:0d:be:17:cd:04:8b:e9:87:29:34:
d3:4e:06:a1:71:d9:7d:fb:6b:fb:1a:36:d2:32:0a:
ef:50:d3:85:76:68:32:57:04:79:c5:dd:74:c7:a8:
6e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:73:17:54:58:57:DC:AE:00:55:84:B5:66:F1:BB:67:E0:6A:F4:F0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QHMXVFhX3K4AVYS1ZvG7Z-Bq9PA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:9f:3f:4c:51:17:4d:88:c4:38:d2:07:e5:1f:c0:be:a1:0a:
9b:95:8f:38:96:74:dc:48:cd:81:01:4a:f3:d1:3f:b5:f8:b6:
f6:d5:9a:55:8a:12:c0:43:e7:a0:1a:e4:df:c0:f2:dd:46:50:
a6:88:6b:99:eb:33:14:af:84:86:74:ab:df:f8:28:7a:57:7b:
4c:5e:44:74:27:bc:33:4a:74:b5:3f:f4:d6:3e:04:10:ae:f4:
83:8d:73:59:2b:c3:27:c1:ca:c8:08:bc:23:c2:9c:d5:45:2f:
25:51:70:08:d9:2e:02:bc:3f:ef:37:d9:a5:93:04:3f:43:12:
de:3a:ab:72:6b:1d:15:0f:8e:63:b0:71:9d:a5:92:36:be:fb:
fc:25:39:7e:71:1e:71:ce:ed:a4:3d:95:c6:a1:31:4c:08:50:
19:df:77:8e:ee:dc:0f:d4:c4:f2:07:21:b6:3b:03:7b:00:6c:
0d:67:d7:6d:0c:60:f5:c3:c3:2c:2f:e8:b0:63:29:3b:26:43:
d0:1f:22:1e:94:af:0f:b0:c7:12:97:47:12:41:a0:17:32:a7:
42:75:02:2a:69:43:e9:c1:dc:94:bf:48:2d:1e:69:cf:ec:5b:
f9:bb:bf:de:62:26:30:05:49:e1:6a:a9:33:37:f6:6c:dc:37:
f8:9f:f9:7c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYRqRCmAFEkzAjK/IduzuomtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMTEyMDUxNjAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDczMTc1NDU4NTdkY2FlMDA1NTg0YjU2NmYxYmI2N2UwNmFmNGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMf7f/YGN/6ezAHMx0vOtHvi1VcO
PW4bnYMMiocxHzcDc1GuJ7MoN+3YAed04erHtbbUHF5nyLSY6uLcwoT0h7MHlSBr
fq5FLfm+FiOMTkuQvCm1sENWImXFIWFDNFLvo1OKyaXo+qlMjqPUEjRPnOfxJagq
seQfHCDTiQ9pmVePCUR4pbZu1U3Ig/cP3cP+mHj60xjA7bJuQ+8wA14EJ8ZBPCqp
Db6gECsIVZmBnlhocto4Jaxom2vmsC7hQhqUKUW1t8ZuHRLKjV3lQmL/Zt4tH3dW
HA2+F80Ei+mHKTTTTgahcdl9+2v7GjbSMgrvUNOFdmgyVwR5xd10x6huNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEBzF1RYV9yuAFWEtWbxu2fgavTwMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUUhNWFZGaFgzSzRBVllTMVp2RzdaLUJxOVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF+fP0xRF02IxDjSB+Uf
wL6hCpuVjziWdNxIzYEBSvPRP7X4tvbVmlWKEsBD56Aa5N/A8t1GUKaIa5nrMxSv
hIZ0q9/4KHpXe0xeRHQnvDNKdLU/9NY+BBCu9IONc1krwyfBysgIvCPCnNVFLyVR
cAjZLgK8P+832aWTBD9DEt46q3JrHRUPjmOwcZ2lkja++/wlOX5xHnHO7aQ9lcah
MUwIUBnfd47u3A/UxPIHIbY7A3sAbA1n120MYPXDwywv6LBjKTsmQ9AfIh6Urw+w
xxKXRxJBoBcyp0J1AippQ+nB3JS/SC0eac/sW/m7v95iJjAFSeFqqTM39mzcN/if
+Xw=
-----END CERTIFICATE-----
Generated at Thu May 1 11:13:47 2025 by rpki-client