Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QR84p-qaiCPCOirS6LyW4KuuKl0.roa
File: QR84p-qaiCPCOirS6LyW4KuuKl0.roa (raw, json)
Hash identifier: S4A0ntSkBSBwMhqguSxKdW0K7uEzPZ+W50MPLHP5E9A=
Subject key identifier: 41:1F:38:A7:EA:9A:88:23:C2:3A:2A:D2:E8:BC:96:E0:AB:AE:2A:5D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189E10D648CE5217B35423EBA20F3F1FDA8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QR84p-qaiCPCOirS6LyW4KuuKl0.roa
Signing time: Thu 10 Aug 2023 20:04:58 +0000
ROA not before: Thu 10 Aug 2023 20:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:189:e10c:d278/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e1:0d:64:8c:e5:21:7b:35:42:3e:ba:20:f3:f1:fd:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 10 20:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=411f38a7ea9a8823c23a2ad2e8bc96e0abae2a5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f3:02:3b:2b:9b:8d:35:3c:1a:f8:10:c3:44:
8a:00:9c:bc:1a:71:a7:58:78:e5:fb:23:39:39:7e:
49:19:aa:0c:5b:9d:21:d5:87:be:21:18:a9:79:1d:
65:4e:b8:33:0f:33:a0:52:52:53:ec:c6:2f:07:16:
1d:72:83:a5:f2:0a:f5:57:92:1f:88:88:56:37:d2:
13:f9:23:03:d7:58:1b:90:2f:39:ef:69:ce:a0:11:
64:e3:f8:e5:b4:c4:d8:b8:a2:90:33:e7:f5:15:ad:
46:04:77:16:69:25:a2:20:7b:18:ab:e0:d1:1f:f1:
a4:2c:c9:2c:49:cb:97:17:2c:da:00:7b:39:ba:87:
1f:31:46:46:86:ab:84:31:9b:bc:e5:da:bc:9b:6d:
db:9a:40:9d:65:fd:32:ab:11:62:97:da:34:63:af:
6b:2a:45:71:68:09:6b:45:b4:89:b4:96:46:ce:27:
ee:d0:3c:5c:cf:29:25:b2:44:ea:f4:f6:9b:8b:81:
6e:37:81:fd:25:00:9b:25:0a:2d:d9:47:53:22:db:
0f:dd:d4:35:66:a4:4a:18:e0:f5:b0:3b:7b:ac:6c:
9c:65:28:b9:ca:89:70:0d:ae:32:46:38:41:73:08:
e0:d5:b4:34:2f:7b:46:35:b9:e5:95:46:8b:2e:2f:
f8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:1F:38:A7:EA:9A:88:23:C2:3A:2A:D2:E8:BC:96:E0:AB:AE:2A:5D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QR84p-qaiCPCOirS6LyW4KuuKl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
85:9d:0a:d4:e3:8c:d9:c7:10:41:26:47:ce:9e:ec:77:44:e4:
79:60:2b:aa:c4:f4:7e:4f:32:5d:e0:2f:a3:44:9c:65:13:12:
69:d0:35:93:94:e4:d1:90:6d:5c:1d:ea:94:b7:80:bd:34:8d:
34:1d:d1:a3:ec:15:38:3a:db:8a:b5:a3:d1:09:b0:d0:64:76:
20:8d:5a:fb:91:5d:a8:fa:9b:24:01:ba:69:10:c2:c3:97:3e:
a9:84:f6:a7:b0:69:e4:ac:3b:53:a7:24:e3:54:16:58:a5:2c:
80:f6:97:86:3a:ad:7f:ad:5e:0a:e8:5c:6e:6f:e9:33:d9:17:
0c:af:6b:b1:0a:37:1c:3d:84:33:7c:aa:62:a3:60:a9:18:fd:
02:50:03:cb:b2:0a:ca:dd:fb:d5:e0:a0:27:7a:56:e6:80:ba:
a8:c5:66:ee:22:44:98:46:4b:43:d7:99:a6:24:ec:a0:cb:f1:
8d:05:61:68:8b:38:d6:ae:78:28:6c:51:42:76:3a:93:b4:d0:
cd:7e:80:b9:e5:3e:ae:9c:de:bf:9d:36:4a:68:49:62:18:ec:
9c:0a:ec:7b:f7:18:4b:eb:7e:4a:cd:8a:65:a2:10:aa:bc:6c:
6d:07:a4:71:5a:3a:28:e0:2f:5a:79:02:08:4e:d9:1c:ab:fc:
4e:e4:13:9d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnhDWSM5SF7NUI+uiDz8f2oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODEwMjAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTFmMzhhN2VhOWE4ODIzYzIzYTJhZDJlOGJjOTZlMGFiYWUyYTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvMCOyubjTU8GvgQw0SKAJy8GnGn
WHjl+yM5OX5JGaoMW50h1Ye+IRipeR1lTrgzDzOgUlJT7MYvBxYdcoOl8gr1V5If
iIhWN9IT+SMD11gbkC8572nOoBFk4/jltMTYuKKQM+f1Fa1GBHcWaSWiIHsYq+DR
H/GkLMksScuXFyzaAHs5uocfMUZGhquEMZu85dq8m23bmkCdZf0yqxFil9o0Y69r
KkVxaAlrRbSJtJZGzifu0DxczyklskTq9Pabi4FuN4H9JQCbJQot2UdTItsP3dQ1
ZqRKGOD1sDt7rGycZSi5yolwDa4yRjhBcwjg1bQ0L3tGNbnllUaLLi/4IQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEEfOKfqmogjwjoq0ui8luCrripdMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUVI4NHAtcWFpQ1BDT2lyUzZMeVc0S3V1S2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIWdCtTjjNnHEEEmR86e
7HdE5HlgK6rE9H5PMl3gL6NEnGUTEmnQNZOU5NGQbVwd6pS3gL00jTQd0aPsFTg6
24q1o9EJsNBkdiCNWvuRXaj6myQBumkQwsOXPqmE9qewaeSsO1OnJONUFlilLID2
l4Y6rX+tXgroXG5v6TPZFwyva7EKNxw9hDN8qmKjYKkY/QJQA8uyCsrd+9XgoCd6
VuaAuqjFZu4iRJhGS0PXmaYk7KDL8Y0FYWiLONaueChsUUJ2OpO00M1+gLnlPq6c
3r+dNkpoSWIY7JwK7Hv3GEvrfkrNimWiEKq8bG0HpHFaOijgL1p5AghO2Ryr/E7k
E50=
-----END CERTIFICATE-----
Generated at Thu May 1 00:09:14 2025 by rpki-client