Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QOJZvczlRK9NUNhIZ5DKrWNRWrM.roa
File: QOJZvczlRK9NUNhIZ5DKrWNRWrM.roa (raw, json)
Hash identifier: oPTCS0y3SIWjOeBsi33xtJP6LOeKR/F77hkQcyUrT5o=
Subject key identifier: 40:E2:59:BD:CC:E5:44:AF:4D:50:D8:48:67:90:CA:AD:63:51:5A:B3
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0188386BBD6902EAE9F3A825E24E06AA0EA3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QOJZvczlRK9NUNhIZ5DKrWNRWrM.roa
Signing time: Sat 20 May 2023 09:09:24 +0000
ROA not before: Sat 20 May 2023 09:09:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:38:6b:bd:69:02:ea:e9:f3:a8:25:e2:4e:06:aa:0e:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 20 09:09:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40e259bdcce544af4d50d8486790caad63515ab3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9d:19:0a:80:e1:13:d6:98:5f:5a:61:77:c8:
3c:3e:e1:46:a6:89:ab:72:be:85:70:b4:b5:58:4e:
43:e6:4c:65:82:55:0b:10:78:e1:5f:3a:dc:d8:97:
5e:39:a0:2d:2c:7f:42:f9:05:35:f9:10:e3:76:d7:
46:91:9b:32:b9:2b:a7:32:e8:cf:e2:2d:f5:9a:f1:
6c:f5:0f:83:9c:9c:7e:2b:3e:d1:1a:e5:bc:bc:43:
c6:07:82:2d:e5:0e:4f:2d:5c:e6:ce:2e:0e:34:df:
96:1e:35:9f:98:56:4b:3c:c6:70:f2:6c:1f:47:e2:
c6:a5:41:2d:5e:e7:e9:25:b8:9b:d5:a5:f5:2c:08:
45:b5:b3:7c:e3:b5:92:69:4a:01:ce:74:ef:4c:5c:
bf:ed:ba:f6:22:ae:d0:ef:f0:f4:5e:74:49:2b:f4:
46:2c:fd:8a:ae:69:e1:8f:c1:ec:0b:d1:f0:a9:42:
4d:83:cf:5a:64:fe:8e:5e:51:76:72:9b:28:73:0e:
0c:cc:ea:28:b4:8f:ab:0e:57:bf:f7:7d:73:bf:24:
ba:ad:1a:57:1d:c5:14:5a:9b:2a:db:cf:1d:70:e6:
5e:aa:89:9a:f7:05:3b:a0:e3:fc:8b:85:91:fb:4e:
a8:db:c2:31:12:2f:01:65:64:6f:d0:35:65:91:d6:
96:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E2:59:BD:CC:E5:44:AF:4D:50:D8:48:67:90:CA:AD:63:51:5A:B3
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QOJZvczlRK9NUNhIZ5DKrWNRWrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a0:4c:c5:01:48:90:dd:f0:2e:40:8c:22:f2:fc:5c:7a:77:c9:
7f:8f:ee:60:1a:1b:ae:cd:7a:e6:7f:3b:d3:3c:5d:1f:79:a8:
81:4d:db:3e:d1:a2:67:a4:86:7b:8e:2a:8a:cd:c7:6f:a0:22:
72:99:b8:29:03:52:de:c4:41:f9:69:90:ac:30:c6:6c:4f:27:
54:7b:eb:b1:f8:11:a7:93:ce:f3:41:80:6f:93:9f:a1:8a:e0:
84:19:08:89:d1:5e:7c:ce:31:71:e4:1f:40:52:c3:39:ea:59:
91:1b:f2:79:4b:71:94:bf:99:22:34:80:b6:9b:2b:d4:75:63:
7b:dc:b5:b4:f0:a4:05:b9:8d:4f:34:2e:f8:b3:46:c0:b9:7c:
22:bb:28:74:5d:d9:41:e8:5c:99:47:1f:79:98:2c:2c:4c:df:
e2:4d:ed:e0:af:a3:f7:e0:9d:68:fd:e4:b7:72:f3:79:41:81:
5b:8e:dd:b8:98:fc:a5:c4:6b:61:49:1e:25:91:12:9a:ab:23:
a8:a4:f9:84:86:a9:1c:92:7c:65:52:82:26:fd:60:15:10:ce:
4e:5b:2f:d5:58:3c:c8:db:1d:42:35:f5:f7:42:b8:8a:17:c5:
fb:87:9a:d6:c4:f7:15:16:b5:65:2c:d7:00:51:bc:72:17:ac:
7d:b2:59:07
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYg4a71pAurp86gl4k4Gqg6jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTIwMDkwOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGUyNTliZGNjZTU0NGFmNGQ1MGQ4NDg2NzkwY2FhZDYzNTE1YWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJ0ZCoDhE9aYX1phd8g8PuFGpomr
cr6FcLS1WE5D5kxlglULEHjhXzrc2JdeOaAtLH9C+QU1+RDjdtdGkZsyuSunMujP
4i31mvFs9Q+DnJx+Kz7RGuW8vEPGB4It5Q5PLVzmzi4ONN+WHjWfmFZLPMZw8mwf
R+LGpUEtXufpJbib1aX1LAhFtbN847WSaUoBznTvTFy/7br2Iq7Q7/D0XnRJK/RG
LP2Krmnhj8HsC9HwqUJNg89aZP6OXlF2cpsocw4MzOootI+rDle/931zvyS6rRpX
HcUUWpsq288dcOZeqoma9wU7oOP8i4WR+06o28IxEi8BZWRv0DVlkdaWdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEDiWb3M5USvTVDYSGeQyq1jUVqzMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUU9KWnZjemxSSzlOVU5oSVo1REtyV05SV3JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKBMxQFIkN3wLkCMIvL8
XHp3yX+P7mAaG67NeuZ/O9M8XR95qIFN2z7RomekhnuOKorNx2+gInKZuCkDUt7E
QflpkKwwxmxPJ1R767H4EaeTzvNBgG+Tn6GK4IQZCInRXnzOMXHkH0BSwznqWZEb
8nlLcZS/mSI0gLabK9R1Y3vctbTwpAW5jU80LvizRsC5fCK7KHRd2UHoXJlHH3mY
LCxM3+JN7eCvo/fgnWj95Ldy83lBgVuO3biY/KXEa2FJHiWREpqrI6ik+YSGqRyS
fGVSgib9YBUQzk5bL9VYPMjbHUI19fdCuIoXxfuHmtbE9xUWtWUs1wBRvHIXrH2y
WQc=
-----END CERTIFICATE-----
Generated at Fri May 2 04:02:05 2025 by rpki-client