Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QZkhbmLp8ylwU7hRKxjgLFCobqI.roa
File: QZkhbmLp8ylwU7hRKxjgLFCobqI.roa (raw, json)
Hash identifier: lWTuGhE1EaXhd2SnydA4g7jh3jeP24jcm7JJRT7CqLs=
Subject key identifier: 41:99:21:6E:62:E9:F3:29:70:53:B8:51:2B:18:E0:2C:50:A8:6E:A2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01898A93756495344C40BAEB57D46D5E890B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QZkhbmLp8ylwU7hRKxjgLFCobqI.roa
Signing time: Tue 25 Jul 2023 01:04:26 +0000
ROA not before: Tue 25 Jul 2023 01:04:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:189:8a93:6c4a/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8a:93:75:64:95:34:4c:40:ba:eb:57:d4:6d:5e:89:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 25 01:04:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4199216e62e9f3297053b8512b18e02c50a86ea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9d:03:71:86:db:bc:27:46:00:d7:52:0a:b0:
b9:18:9c:ca:6a:be:88:de:1f:76:93:e8:79:88:89:
2d:5e:9a:fd:65:e9:19:9f:aa:02:7b:76:f9:b9:2d:
26:f5:f8:7f:7e:55:c0:02:99:9b:11:a9:57:8e:68:
6e:ec:7f:7a:3d:73:2f:6d:83:c8:2d:7a:ef:68:44:
b4:e7:ee:d3:f4:22:0a:9c:e3:f5:d9:54:8f:73:3a:
6d:78:72:e5:73:ab:a0:90:de:f4:97:66:0b:bf:df:
b4:3d:d6:0f:c8:ff:f8:36:46:aa:b4:64:55:cc:f5:
e3:78:2f:ac:d0:00:fd:8f:0f:f3:c3:7e:9b:2d:d1:
77:1e:cd:9f:da:04:d9:5a:df:7b:85:03:ce:21:7a:
15:81:90:a4:9f:22:85:70:c3:be:f5:e8:a7:7c:96:
a7:e8:94:c9:86:1f:cf:c4:d5:b4:84:3c:ff:61:47:
d8:24:65:1c:1c:19:46:cb:39:20:83:17:4e:3a:42:
9a:e0:2d:ce:1d:00:cc:d6:4b:ff:08:65:4b:2c:d0:
62:3c:7d:3a:63:33:6e:15:be:c9:2c:4d:3c:a2:af:
87:8f:f9:af:d2:34:b9:8f:bb:82:a0:ae:45:e0:6e:
8c:8e:17:dc:1a:df:73:db:c9:74:07:64:82:54:4c:
dd:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:99:21:6E:62:E9:F3:29:70:53:B8:51:2B:18:E0:2C:50:A8:6E:A2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QZkhbmLp8ylwU7hRKxjgLFCobqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:63:6c:2d:45:44:f7:0e:15:e9:dd:01:98:a9:ce:2a:01:84:
b1:d9:21:21:b0:98:d7:60:dc:34:21:86:c6:d3:be:c2:86:47:
71:47:4f:c4:ca:82:66:78:03:9e:22:7b:e5:52:95:d8:92:a3:
c7:15:35:82:10:35:26:2d:89:9c:da:cf:c6:c6:80:fa:ab:b4:
01:1a:a6:e2:01:32:b9:be:29:3f:60:4d:39:02:2e:ea:73:0f:
5e:39:e4:56:7b:c4:d6:01:3b:b8:c4:db:e7:3c:6a:0f:91:8f:
0c:ad:2e:8a:87:59:06:58:09:f2:f8:35:85:75:81:07:ed:5e:
b7:d2:96:17:08:30:e8:ae:1f:8f:21:14:75:57:d0:4e:1f:9e:
b1:75:9e:68:57:70:bc:d6:1d:5f:4c:bd:ae:81:7a:1e:70:b2:
6f:92:ed:72:fd:50:c2:75:1a:19:64:9b:0b:c7:9f:8e:9f:72:
7e:8a:5d:93:3c:31:2c:94:bf:27:55:42:a1:6e:35:e3:00:c8:
2a:6c:b7:bf:5a:db:8d:86:84:d5:22:88:a0:a8:43:cd:81:77:
b3:a3:74:ff:f6:bb:90:8a:46:22:b7:31:2f:e9:c7:f7:c6:8d:
72:5f:fa:b2:70:40:df:b1:e6:b1:51:2c:3c:9b:28:48:ae:94:
0e:43:75:74
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmKk3VklTRMQLrrV9RtXokLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzI1MDEwNDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTk5MjE2ZTYyZTlmMzI5NzA1M2I4NTEyYjE4ZTAyYzUwYTg2ZWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ0DcYbbvCdGANdSCrC5GJzKar6I
3h92k+h5iIktXpr9ZekZn6oCe3b5uS0m9fh/flXAApmbEalXjmhu7H96PXMvbYPI
LXrvaES05+7T9CIKnOP12VSPczpteHLlc6ugkN70l2YLv9+0PdYPyP/4NkaqtGRV
zPXjeC+s0AD9jw/zw36bLdF3Hs2f2gTZWt97hQPOIXoVgZCknyKFcMO+9einfJan
6JTJhh/PxNW0hDz/YUfYJGUcHBlGyzkggxdOOkKa4C3OHQDM1kv/CGVLLNBiPH06
YzNuFb7JLE08oq+Hj/mv0jS5j7uCoK5F4G6MjhfcGt9z28l0B2SCVEzdhwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEGZIW5i6fMpcFO4USsY4CxQqG6iMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUVpraGJtTHA4eWx3VTdoUkt4amdMRkNvYnFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHxjbC1FRPcOFendAZip
zioBhLHZISGwmNdg3DQhhsbTvsKGR3FHT8TKgmZ4A54ie+VSldiSo8cVNYIQNSYt
iZzaz8bGgPqrtAEapuIBMrm+KT9gTTkCLupzD1455FZ7xNYBO7jE2+c8ag+Rjwyt
LoqHWQZYCfL4NYV1gQftXrfSlhcIMOiuH48hFHVX0E4fnrF1nmhXcLzWHV9Mva6B
eh5wsm+S7XL9UMJ1GhlkmwvHn46fcn6KXZM8MSyUvydVQqFuNeMAyCpst79a242G
hNUiiKCoQ82Bd7OjdP/2u5CKRiK3MS/px/fGjXJf+rJwQN+x5rFRLDybKEiulA5D
dXQ=
-----END CERTIFICATE-----
Generated at Sat May 3 14:01:31 2025 by rpki-client