Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Q_hZ_JsOZxfbCIMsOxUzgF5TA8Y.roa
File: Q_hZ_JsOZxfbCIMsOxUzgF5TA8Y.roa (raw, json)
Hash identifier: mY/+NiGdrt7h1V63DsxynK0PHW3dRXC4DSr7w4kpcJ4=
Subject key identifier: 43:F8:59:FC:9B:0E:67:17:DB:08:83:2C:3B:15:33:80:5E:53:03:C6
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 6F107A67
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Q_hZ_JsOZxfbCIMsOxUzgF5TA8Y.roa
Signing time: Wed 02 Mar 2022 14:10:57 +0000
ROA not before: Wed 02 Mar 2022 14:10:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1863350887 (0x6f107a67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 2 14:10:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43f859fc9b0e6717db08832c3b1533805e5303c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ba:97:9d:0c:b2:83:7b:40:33:1b:5d:a9:f1:
9c:eb:24:5a:3a:e2:40:7f:04:25:91:d5:e8:b2:a4:
ef:b0:9d:a5:12:ab:97:ab:6c:fb:31:e9:2a:ab:09:
25:c0:7a:d4:1c:22:69:c4:d0:6f:6f:07:f5:09:4b:
ba:53:f2:7d:38:61:5b:94:c9:fc:c0:23:33:73:67:
78:0a:fd:e1:d9:ce:a5:88:62:fa:aa:ff:ad:3d:42:
c3:a2:cf:41:9c:c5:be:1b:a4:59:2a:84:96:1e:c4:
c8:98:ae:f3:9b:37:d7:c6:0e:b0:2a:d4:a0:6b:fc:
0a:db:e7:8a:24:dd:c1:f7:32:c6:9c:c9:2e:31:7f:
22:82:c2:11:c5:dd:85:3a:24:c5:e1:bf:a5:b3:16:
af:1f:12:9c:b2:89:ce:6e:9d:b7:7a:f9:f7:cd:8a:
5c:50:00:88:37:14:d7:ec:d4:67:c7:68:4c:37:f9:
c0:3d:9e:2d:99:fe:28:49:b1:17:77:8f:7c:a0:b0:
1c:1a:e3:14:be:a6:66:29:29:58:ed:a9:96:ec:43:
da:57:15:03:06:8a:1f:97:2e:3d:f2:de:63:63:41:
4a:1a:38:f9:97:3f:06:a0:15:76:81:c0:d0:d4:e8:
04:c8:52:2b:ab:e7:ff:a8:23:7b:63:a0:03:1d:94:
95:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:F8:59:FC:9B:0E:67:17:DB:08:83:2C:3B:15:33:80:5E:53:03:C6
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Q_hZ_JsOZxfbCIMsOxUzgF5TA8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:20:43:3a:45:f8:ca:46:35:cd:e0:8e:9a:5e:9c:83:56:a1:
22:f7:a7:5d:cf:86:c3:a7:db:ef:f3:dd:2b:17:94:4a:8b:04:
14:de:21:54:82:d5:89:82:38:23:e5:7c:98:22:7b:0f:05:1d:
ce:54:69:c2:70:0d:f9:6a:1a:36:68:7f:72:17:53:f6:8c:f2:
86:2f:96:02:9a:28:d3:5f:7a:f3:5e:44:f3:e6:72:0a:22:1d:
f7:30:94:8b:df:e7:dc:3b:88:9f:b2:d5:fc:74:8f:a3:1d:db:
ed:c2:a5:c0:e2:d4:ac:05:a9:db:94:af:25:02:6c:0c:f9:e6:
ae:a2:24:33:12:ca:db:2e:77:e8:ff:ad:f4:44:fe:93:81:a3:
d9:6c:0c:99:60:12:4e:85:67:c0:00:09:ea:c3:64:ca:3e:16:
43:06:ba:35:e5:80:4e:56:2a:b2:2f:37:fd:66:60:33:1a:e5:
7a:3a:cd:b6:ce:47:d0:2e:9c:1d:aa:b3:26:ff:f7:1f:fa:fa:
0b:aa:b3:4a:20:ac:c9:ec:fb:f8:e7:e7:9a:80:96:c1:3e:6b:
7d:11:f3:83:dd:ca:f9:27:9d:e2:ea:dd:e5:ac:c6:40:7c:f7:
f5:43:f0:6d:e8:c0:69:92:23:51:6f:84:c6:e6:1b:cb:85:76:
a9:90:95:fe
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEbxB6ZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDMw
MjE0MTA1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDNmODU5ZmM5YjBl
NjcxN2RiMDg4MzJjM2IxNTMzODA1ZTUzMDNjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALe6l50MsoN7QDMbXanxnOskWjriQH8EJZHV6LKk77CdpRKr
l6ts+zHpKqsJJcB61BwiacTQb28H9QlLulPyfThhW5TJ/MAjM3NneAr94dnOpYhi
+qr/rT1Cw6LPQZzFvhukWSqElh7EyJiu85s318YOsCrUoGv8CtvniiTdwfcyxpzJ
LjF/IoLCEcXdhTokxeG/pbMWrx8SnLKJzm6dt3r5982KXFAAiDcU1+zUZ8doTDf5
wD2eLZn+KEmxF3ePfKCwHBrjFL6mZikpWO2pluxD2lcVAwaKH5cuPfLeY2NBSho4
+Zc/BqAVdoHA0NToBMhSK6vn/6gje2OgAx2UlYMCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRD+Fn8mw5nF9sIgyw7FTOAXlMDxjAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L1FfaFpfSnNPWnhmYkNJTXNPeFV6Z0Y1VEE4WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQANIEM6RfjKRjXN4I6aXpyDVqEi96ddz4bDp9vv
890rF5RKiwQU3iFUgtWJgjgj5XyYInsPBR3OVGnCcA35aho2aH9yF1P2jPKGL5YC
mijTX3rzXkTz5nIKIh33MJSL3+fcO4ifstX8dI+jHdvtwqXA4tSsBanblK8lAmwM
+eauoiQzEsrbLnfo/630RP6TgaPZbAyZYBJOhWfAAAnqw2TKPhZDBro15YBOViqy
Lzf9ZmAzGuV6Os22zkfQLpwdqrMm//cf+voLqrNKIKzJ7Pv45+eagJbBPmt9EfOD
3cr5J53i6t3lrMZAfPf1Q/Bt6MBpkiNRb4TG5hvLhXapkJX+
-----END CERTIFICATE-----
Generated at Thu May 1 10:05:53 2025 by rpki-client