Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QOn2Pm-ah0-Th7urRaLC6tpGHlw.roa
File: QOn2Pm-ah0-Th7urRaLC6tpGHlw.roa (raw, json)
Hash identifier: ZGrb9Ly7NZEsakYPwpvBJL7TU4BZdi/+27kdxxMcsWk=
Subject key identifier: 40:E9:F6:3E:6F:9A:87:4F:93:87:BB:AB:45:A2:C2:EA:DA:46:1E:5C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189E1EA08ED7DDC8A19B67C01504797BE5D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QOn2Pm-ah0-Th7urRaLC6tpGHlw.roa
Signing time: Fri 11 Aug 2023 00:05:58 +0000
ROA not before: Fri 11 Aug 2023 00:05:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:e1e9:b26f/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e1:ea:08:ed:7d:dc:8a:19:b6:7c:01:50:47:97:be:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 11 00:05:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40e9f63e6f9a874f9387bbab45a2c2eada461e5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:2e:e4:78:3b:8c:e7:2a:3e:04:fa:f9:07:cd:
6f:81:a3:95:6d:9e:45:92:b2:2e:bc:73:84:d7:c0:
51:4b:49:65:53:3a:f1:77:46:e2:3e:b0:56:e8:c9:
77:e0:20:eb:64:23:cf:f8:b4:0a:47:f5:f9:33:e8:
01:a8:09:ca:67:83:61:af:13:d7:2b:0e:89:8a:38:
41:1b:81:97:6c:fb:26:50:8a:25:03:d5:bb:a2:aa:
08:75:b3:e1:ed:e4:46:d6:f2:93:98:6f:25:7d:3f:
48:85:ec:b0:03:1f:66:5f:5a:bd:c7:eb:e8:2a:cc:
3f:f7:74:ed:a1:19:6b:f0:1d:c3:de:8f:ab:19:01:
a8:69:c7:21:7a:21:0c:90:07:86:82:e1:41:54:72:
48:d8:52:b8:c3:f4:b1:cb:74:82:6c:a1:76:a9:c6:
1b:39:8f:32:9d:ae:13:7a:cc:c5:19:71:69:2a:4a:
8d:a1:c1:a1:28:49:69:35:7c:31:8a:80:25:f1:9b:
ed:b4:9c:45:5b:85:9e:52:11:86:2d:c9:87:35:9f:
02:50:e7:86:f0:f7:da:60:5a:de:bb:a3:0c:c0:8c:
ca:b5:f8:58:5f:39:08:d0:ff:2c:45:ee:be:45:e4:
8f:19:84:52:e4:01:48:54:23:e6:59:5b:28:5c:54:
22:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E9:F6:3E:6F:9A:87:4F:93:87:BB:AB:45:A2:C2:EA:DA:46:1E:5C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QOn2Pm-ah0-Th7urRaLC6tpGHlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:6e:e4:00:f4:52:47:e2:e5:56:92:f0:0b:5b:15:bd:15:67:
44:59:09:f8:0e:73:60:37:d1:c1:d1:dc:1a:f9:80:43:c7:4e:
10:eb:86:81:9a:84:52:40:d3:a6:09:be:4c:3c:b0:6b:7b:6a:
68:0a:be:85:44:f5:24:74:c5:c4:d5:3e:ba:1e:43:00:b5:7c:
6e:58:ce:4c:ea:58:3e:35:76:53:b4:4a:bd:81:1b:b4:bb:27:
18:38:07:44:05:d3:f6:74:fe:2a:32:e6:61:0f:d9:41:5b:34:
19:f9:30:71:7f:48:e7:39:2a:20:37:89:15:4c:1a:b4:e5:2c:
b4:19:fa:0b:fe:3e:a6:3b:36:b9:07:cd:5f:01:ad:60:3d:cd:
af:f4:12:7a:78:a9:b1:ac:3b:cf:e8:7a:4d:12:38:23:49:25:
d4:fc:41:14:cd:b8:26:a3:be:02:ee:3b:fd:25:d7:14:22:38:
a0:6e:f6:93:d2:94:ed:ae:41:67:e4:d0:8a:6d:2d:d2:b8:bf:
67:85:01:ce:c1:7f:6d:6d:61:a4:4e:00:8d:88:26:ef:c2:c9:
46:b9:17:71:66:0f:8c:ca:ba:75:df:79:cb:b3:d0:3e:ec:6a:
85:c8:1f:a9:fa:67:57:05:d4:bc:2d:3a:55:21:55:8b:02:5e:
10:31:c0:fa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnh6gjtfdyKGbZ8AVBHl75dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODExMDAwNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGU5ZjYzZTZmOWE4NzRmOTM4N2JiYWI0NWEyYzJlYWRhNDYxZTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhS7keDuM5yo+BPr5B81vgaOVbZ5F
krIuvHOE18BRS0llUzrxd0biPrBW6Ml34CDrZCPP+LQKR/X5M+gBqAnKZ4NhrxPX
Kw6JijhBG4GXbPsmUIolA9W7oqoIdbPh7eRG1vKTmG8lfT9IheywAx9mX1q9x+vo
Ksw/93TtoRlr8B3D3o+rGQGoaccheiEMkAeGguFBVHJI2FK4w/Sxy3SCbKF2qcYb
OY8yna4TeszFGXFpKkqNocGhKElpNXwxioAl8ZvttJxFW4WeUhGGLcmHNZ8CUOeG
8PfaYFreu6MMwIzKtfhYXzkI0P8sRe6+ReSPGYRS5AFIVCPmWVsoXFQivQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEDp9j5vmodPk4e7q0WiwuraRh5cMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUU9uMlBtLWFoMC1UaDd1clJhTEM2dHBHSGx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAJu5AD0Ukfi5VaS8Atb
Fb0VZ0RZCfgOc2A30cHR3Br5gEPHThDrhoGahFJA06YJvkw8sGt7amgKvoVE9SR0
xcTVProeQwC1fG5YzkzqWD41dlO0Sr2BG7S7Jxg4B0QF0/Z0/ioy5mEP2UFbNBn5
MHF/SOc5KiA3iRVMGrTlLLQZ+gv+PqY7NrkHzV8BrWA9za/0Enp4qbGsO8/oek0S
OCNJJdT8QRTNuCajvgLuO/0l1xQiOKBu9pPSlO2uQWfk0IptLdK4v2eFAc7Bf21t
YaROAI2IJu/CyUa5F3FmD4zKunXfecuz0D7saoXIH6n6Z1cF1LwtOlUhVYsCXhAx
wPo=
-----END CERTIFICATE-----
Generated at Thu May 1 00:41:00 2025 by rpki-client