Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QZosoNor740C5_yGy7dcBRHsEXE.roa
File: QZosoNor740C5_yGy7dcBRHsEXE.roa (raw, json)
Hash identifier: 9Tbchn8bEHI0CLY/sm+Q2ApzJONMvcVP083ExOQLdY8=
Subject key identifier: 41:9A:2C:A0:DA:2B:EF:8D:02:E7:FC:86:CB:B7:5C:05:11:EC:11:71
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187DEF13B6C5FEC7AFCD92BE2D4738092E0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QZosoNor740C5_yGy7dcBRHsEXE.roa
Signing time: Wed 03 May 2023 00:09:24 +0000
ROA not before: Wed 03 May 2023 00:09:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:de:f1:3b:6c:5f:ec:7a:fc:d9:2b:e2:d4:73:80:92:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 3 00:09:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=419a2ca0da2bef8d02e7fc86cbb75c0511ec1171
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:78:8f:79:b3:7c:4a:2e:d9:06:b5:e5:fa:1f:
7e:ef:76:3b:43:a0:07:11:65:48:52:2c:a9:04:12:
56:b5:43:2b:e8:10:24:f0:4c:44:38:fd:bc:e6:c4:
a0:59:64:59:5e:8d:b6:29:50:f1:1c:04:c8:f4:23:
57:78:6f:02:d1:c4:17:33:8a:95:58:be:3a:47:ed:
78:6e:05:19:44:87:99:d1:47:60:e6:82:cb:d0:3e:
1b:17:3d:4d:f3:33:3c:6f:b3:01:08:59:a5:82:b5:
25:04:2a:82:3b:a9:40:28:f4:f0:41:ce:22:b5:10:
d1:4b:09:ea:6f:3e:03:c0:33:4e:49:cf:5f:47:e5:
26:d2:27:5d:66:ca:ff:11:f2:bd:98:06:c1:8a:83:
dc:07:da:95:fe:61:1c:a2:6f:23:6f:d7:06:45:a6:
6b:f3:20:6b:a4:f2:09:03:f3:27:6d:54:c1:55:83:
ca:9b:80:80:a0:8c:f5:4a:e6:33:a8:ea:ad:d9:d4:
70:82:f2:be:0e:d3:91:1a:c8:21:a5:8c:e3:7a:8b:
90:f7:31:d2:da:09:85:89:10:da:15:dd:54:cb:15:
fa:b3:cf:36:3a:77:2f:79:8a:ab:af:2c:c4:ef:b5:
d9:55:58:1b:69:e8:44:d1:e7:a3:75:c6:13:64:d5:
2f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:9A:2C:A0:DA:2B:EF:8D:02:E7:FC:86:CB:B7:5C:05:11:EC:11:71
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QZosoNor740C5_yGy7dcBRHsEXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:e7:59:0b:ee:bb:fe:9d:e4:2a:a3:50:62:8f:a9:c3:63:74:
ae:0c:e4:0f:6e:20:d4:92:37:2b:af:2b:51:a3:55:79:ab:6b:
25:3b:ee:b1:d9:5a:e1:55:e7:69:91:83:e7:58:ab:9b:2f:6c:
c7:ac:fd:86:2c:f7:6e:05:0d:97:18:72:3d:b2:f1:c3:41:c7:
02:80:51:00:b7:29:7b:d4:8c:85:e9:f7:e4:e4:0a:86:28:da:
52:d9:72:47:6a:ca:9d:f6:60:67:2a:8b:67:f2:f4:b2:08:3f:
93:52:84:dc:ed:db:f8:b3:62:eb:ca:d3:37:59:02:d4:69:3a:
e6:9e:11:6f:b9:1d:74:c8:fd:7a:79:d4:68:88:49:c7:3c:d1:
62:67:29:c9:96:1f:a7:e3:80:df:64:89:97:79:28:14:c0:ea:
6e:0f:ee:2e:ba:e9:b5:8b:40:cd:f5:77:2e:98:2e:d1:5b:5e:
f5:bf:75:60:5d:23:be:e4:de:bb:f3:6f:21:51:05:86:5d:72:
d8:c8:0e:21:e8:0f:1d:d7:4b:96:a1:f4:e9:38:8c:ac:60:59:
04:b8:f9:c5:4c:6b:8b:0f:f5:7b:12:1a:7d:b5:16:15:87:cb:
b6:f8:aa:9d:aa:63:04:63:0d:de:1c:b8:53:5a:c1:55:bd:bc:
d8:ea:9a:9c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfe8TtsX+x6/Nkr4tRzgJLgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTAzMDAwOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTlhMmNhMGRhMmJlZjhkMDJlN2ZjODZjYmI3NWMwNTExZWMxMTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuniPebN8Si7ZBrXl+h9+73Y7Q6AH
EWVIUiypBBJWtUMr6BAk8ExEOP285sSgWWRZXo22KVDxHATI9CNXeG8C0cQXM4qV
WL46R+14bgUZRIeZ0Udg5oLL0D4bFz1N8zM8b7MBCFmlgrUlBCqCO6lAKPTwQc4i
tRDRSwnqbz4DwDNOSc9fR+Um0iddZsr/EfK9mAbBioPcB9qV/mEcom8jb9cGRaZr
8yBrpPIJA/MnbVTBVYPKm4CAoIz1SuYzqOqt2dRwgvK+DtORGsghpYzjeouQ9zHS
2gmFiRDaFd1UyxX6s882OncveYqrryzE77XZVVgbaehE0eejdcYTZNUvlQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEGaLKDaK++NAuf8hsu3XAUR7BFxMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUVpvc29Ob3I3NDBDNV95R3k3ZGNCUkhzRVhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFjnWQvuu/6d5CqjUGKP
qcNjdK4M5A9uINSSNyuvK1GjVXmrayU77rHZWuFV52mRg+dYq5svbMes/YYs924F
DZcYcj2y8cNBxwKAUQC3KXvUjIXp9+TkCoYo2lLZckdqyp32YGcqi2fy9LIIP5NS
hNzt2/izYuvK0zdZAtRpOuaeEW+5HXTI/Xp51GiIScc80WJnKcmWH6fjgN9kiZd5
KBTA6m4P7i666bWLQM31dy6YLtFbXvW/dWBdI77k3rvzbyFRBYZdctjIDiHoDx3X
S5ah9Ok4jKxgWQS4+cVMa4sP9XsSGn21FhWHy7b4qp2qYwRjDd4cuFNawVW9vNjq
mpw=
-----END CERTIFICATE-----
Generated at Fri May 2 18:59:29 2025 by rpki-client