Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QYYQOs-yI2bThwKyDYY-xJiECQo.roa
File: QYYQOs-yI2bThwKyDYY-xJiECQo.roa (raw, json)
Hash identifier: LNNL1i2njHU/Nz17Jh0DcfagIOZnTk8sUxcPoaXXcAI=
Subject key identifier: 41:86:10:3A:CF:B2:23:66:D3:87:02:B2:0D:86:3E:C4:98:84:09:0A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018685EAAE0B545A9F57E36912BB4E6A52FC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QYYQOs-yI2bThwKyDYY-xJiECQo.roa
Signing time: Sat 25 Feb 2023 00:13:15 +0000
ROA not before: Sat 25 Feb 2023 00:13:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:85:ea:ae:0b:54:5a:9f:57:e3:69:12:bb:4e:6a:52:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 25 00:13:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4186103acfb22366d38702b20d863ec49884090a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5e:49:34:17:b6:31:1e:d5:aa:bb:96:2d:32:
00:b1:f1:88:30:0f:53:91:00:0b:cd:7b:9f:5f:be:
62:a5:9f:a5:07:fb:37:b2:a1:52:7d:54:17:22:0d:
40:c8:76:85:90:f9:f0:d3:82:f9:92:f4:b2:d1:ec:
de:54:7a:7c:7b:17:3e:af:5c:fa:d2:f3:82:b0:85:
a1:d2:a0:51:d4:ea:72:8e:05:d3:e9:85:d4:b1:6b:
b5:f4:1a:2a:7e:86:7d:15:01:90:2a:67:a8:24:8d:
7e:73:f8:62:78:a1:9b:f4:ec:d0:a6:bd:8e:45:c3:
58:d4:cb:9c:42:67:ae:f3:83:78:d7:9e:7f:5a:50:
33:54:39:5a:4b:1e:1c:fb:98:02:3d:3f:92:d6:3d:
3f:c4:2c:1d:67:94:f5:dd:e1:91:04:3a:14:93:69:
b0:44:f7:4b:26:58:e2:71:60:14:03:e2:d0:38:ce:
dd:91:08:70:fb:c6:cd:92:44:43:22:23:be:de:a7:
87:0c:7e:0d:7f:d9:52:65:ac:40:c1:7c:11:e8:83:
e9:2e:90:22:fa:6c:53:e2:99:40:b1:fe:11:96:05:
8d:b3:56:f9:1c:f2:8d:49:45:f2:52:a1:35:91:f8:
15:00:f1:4f:6e:1e:d1:6e:4a:24:9f:3a:8f:10:32:
a0:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:86:10:3A:CF:B2:23:66:D3:87:02:B2:0D:86:3E:C4:98:84:09:0A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QYYQOs-yI2bThwKyDYY-xJiECQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:08:2f:88:b8:d3:92:ad:8f:a2:95:3b:c4:87:c1:f0:2d:2b:
b4:4b:4e:a5:43:71:4a:0c:c7:73:b2:94:88:aa:fa:63:14:a8:
ff:bc:2f:f4:73:1e:0c:1f:ed:0c:49:bc:10:63:28:b7:e0:0d:
20:bc:27:48:af:a7:d9:69:4e:3e:4a:a8:4f:39:97:00:bd:80:
07:de:31:a6:a1:22:8c:fc:fc:ea:81:35:e4:5a:e9:5f:cf:3a:
8b:b2:13:de:f5:5b:f7:d4:6e:3a:de:6e:73:18:d6:be:03:0f:
ec:92:f0:1b:aa:69:1b:1d:27:02:6f:54:10:ee:d4:eb:5e:b2:
12:c4:84:03:4e:f6:35:39:c9:b1:ac:de:6a:2b:f2:16:04:67:
67:d5:59:cb:93:51:91:c1:a2:51:cf:46:c7:04:60:a1:66:85:
ab:c2:88:c3:bf:c9:aa:aa:93:c2:04:e5:64:cc:a8:1b:af:54:
8d:b2:98:d8:cb:94:9e:5f:54:22:54:ed:10:dc:36:e2:47:e6:
7a:65:eb:de:a8:ad:cd:a9:be:79:d8:52:cb:b2:ae:81:08:d8:
1d:af:6e:6c:28:15:2d:10:db:01:e4:d3:41:a6:81:b6:c5:40:
2e:24:85:ac:f7:7f:84:f4:41:2a:7b:8d:6a:4a:70:b1:fc:53:
4b:07:b6:95
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaF6q4LVFqfV+NpErtOalL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI1MDAxMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTg2MTAzYWNmYjIyMzY2ZDM4NzAyYjIwZDg2M2VjNDk4ODQwOTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo15JNBe2MR7VqruWLTIAsfGIMA9T
kQALzXufX75ipZ+lB/s3sqFSfVQXIg1AyHaFkPnw04L5kvSy0ezeVHp8exc+r1z6
0vOCsIWh0qBR1OpyjgXT6YXUsWu19BoqfoZ9FQGQKmeoJI1+c/hieKGb9OzQpr2O
RcNY1MucQmeu84N4155/WlAzVDlaSx4c+5gCPT+S1j0/xCwdZ5T13eGRBDoUk2mw
RPdLJljicWAUA+LQOM7dkQhw+8bNkkRDIiO+3qeHDH4Nf9lSZaxAwXwR6IPpLpAi
+mxT4plAsf4RlgWNs1b5HPKNSUXyUqE1kfgVAPFPbh7RbkoknzqPEDKgtQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEGGEDrPsiNm04cCsg2GPsSYhAkKMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUVlZUU9zLXlJMmJUaHdLeURZWS14SmlFQ1FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIYIL4i405Ktj6KVO8SH
wfAtK7RLTqVDcUoMx3OylIiq+mMUqP+8L/RzHgwf7QxJvBBjKLfgDSC8J0ivp9lp
Tj5KqE85lwC9gAfeMaahIoz8/OqBNeRa6V/POouyE971W/fUbjrebnMY1r4DD+yS
8BuqaRsdJwJvVBDu1OteshLEhANO9jU5ybGs3mor8hYEZ2fVWcuTUZHBolHPRscE
YKFmhavCiMO/yaqqk8IE5WTMqBuvVI2ymNjLlJ5fVCJU7RDcNuJH5npl696orc2p
vnnYUsuyroEI2B2vbmwoFS0Q2wHk00GmgbbFQC4khaz3f4T0QSp7jWpKcLH8U0sH
tpU=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:40:53 2025 by rpki-client