Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Q_qNKD2eEpIdp9Hj-aB0JP70P3Y.roa
File: Q_qNKD2eEpIdp9Hj-aB0JP70P3Y.roa (raw, json)
Hash identifier: AymgCvegR8b7j6N1tKaU/vucPJ1QQ6anhUrf/fyQAzI=
Subject key identifier: 43:FA:8D:28:3D:9E:12:92:1D:A7:D1:E3:F9:A0:74:24:FE:F4:3F:76
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A0060E4F278FE6AFB72ABCADFFD9CED0E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Q_qNKD2eEpIdp9Hj-aB0JP70P3Y.roa
Signing time: Wed 16 Aug 2023 22:04:24 +0000
ROA not before: Wed 16 Aug 2023 22:04:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
2001:67c:64:ffff:0:18a:60:da3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:00:60:e4:f2:78:fe:6a:fb:72:ab:ca:df:fd:9c:ed:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 16 22:04:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43fa8d283d9e12921da7d1e3f9a07424fef43f76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:11:d9:c7:7d:e8:e7:70:7c:f2:a6:5d:58:6f:
51:9a:ce:51:5e:88:c3:de:74:03:7a:86:49:66:e3:
a2:ac:00:da:13:a7:9e:3c:84:15:89:d6:d6:4d:ff:
d4:9f:9a:fe:3c:60:53:27:69:dd:ae:e7:3f:b1:c3:
41:08:96:96:39:00:35:04:52:d8:66:93:57:97:9e:
0f:f0:fb:a4:bf:d8:73:1f:cf:46:d5:0d:a8:06:b4:
e0:f8:e3:ec:6d:b0:01:75:8e:f8:25:c6:c9:b0:86:
8d:e3:e9:56:a7:30:15:b2:51:6f:a9:67:95:60:af:
c0:1b:b3:3a:18:dd:e2:2d:29:24:af:97:53:4d:0b:
22:5e:88:62:bd:bb:f9:f6:06:11:a2:15:70:b9:a5:
f9:72:d9:07:f8:13:19:30:05:08:5d:00:56:af:52:
23:24:4f:4e:99:ce:45:c7:9a:67:c0:f2:36:b0:60:
d3:7f:4e:39:b2:0e:d0:c0:dc:8f:4d:86:9a:00:77:
c2:40:1f:4e:37:d0:17:29:52:01:c0:47:49:6d:bc:
05:0a:68:cc:b1:8e:25:7d:67:a9:8d:8f:3e:cb:1f:
2d:f8:5f:7d:e4:ba:86:de:37:23:cf:fc:70:f6:0e:
67:36:f2:e3:88:14:a7:0b:ae:8f:6a:a7:de:6a:5a:
82:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:FA:8D:28:3D:9E:12:92:1D:A7:D1:E3:F9:A0:74:24:FE:F4:3F:76
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Q_qNKD2eEpIdp9Hj-aB0JP70P3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
13:73:83:63:8e:04:ab:b4:91:5b:05:65:b7:d3:62:b4:02:a1:
4b:e2:b1:14:33:f9:f4:3f:ad:3e:45:e7:c5:22:78:f9:04:58:
96:26:31:c9:c4:09:7e:5d:6b:1a:39:9f:90:5d:9d:dc:b2:18:
fa:24:22:0b:77:19:db:d7:b0:5e:61:b0:59:2e:2c:b3:90:61:
05:0e:46:29:47:b7:c4:8d:a8:ca:dc:66:9c:be:ce:91:9a:76:
15:70:98:e4:41:75:a0:34:de:5c:79:90:dd:92:f4:56:ed:fc:
a8:77:3d:38:17:3f:01:17:42:ba:a6:2d:7b:83:cb:8d:dc:b2:
4d:e9:0d:1a:d2:3a:60:f6:76:51:a5:2a:51:51:4a:c6:8f:b9:
03:df:b9:b1:2a:71:2d:f8:e3:72:61:40:7f:7d:bf:c0:9b:d8:
c7:05:29:ee:6b:e7:56:b4:49:fb:79:78:f8:7c:dd:d8:12:25:
1f:23:c6:81:df:7f:68:a9:6e:f2:e7:c6:18:f4:76:d3:06:2f:
87:c2:d1:cd:f0:ad:33:4b:8d:58:57:d7:3e:6f:70:bd:42:98:
13:a1:0c:82:c4:a4:fe:e3:7c:fa:de:be:e9:cc:4d:a0:66:c6:
fc:26:d6:03:fd:99:44:27:6d:b1:28:35:48:75:c3:f1:c0:94:
5f:a0:56:81
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoAYOTyeP5q+3Kryt/9nO0OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE2MjIwNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2ZhOGQyODNkOWUxMjkyMWRhN2QxZTNmOWEwNzQyNGZlZjQzZjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRHZx33o53B88qZdWG9Rms5RXojD
3nQDeoZJZuOirADaE6eePIQVidbWTf/Un5r+PGBTJ2ndruc/scNBCJaWOQA1BFLY
ZpNXl54P8Pukv9hzH89G1Q2oBrTg+OPsbbABdY74JcbJsIaN4+lWpzAVslFvqWeV
YK/AG7M6GN3iLSkkr5dTTQsiXohivbv59gYRohVwuaX5ctkH+BMZMAUIXQBWr1Ij
JE9Omc5Fx5pnwPI2sGDTf045sg7QwNyPTYaaAHfCQB9ON9AXKVIBwEdJbbwFCmjM
sY4lfWepjY8+yx8t+F995LqG3jcjz/xw9g5nNvLjiBSnC66PaqfealqCbwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEP6jSg9nhKSHafR4/mgdCT+9D92MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUV9xTktEMmVFcElkcDlIai1hQjBKUDcwUDNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABNzg2OOBKu0kVsFZbfT
YrQCoUvisRQz+fQ/rT5F58UiePkEWJYmMcnECX5daxo5n5BdndyyGPokIgt3GdvX
sF5hsFkuLLOQYQUORilHt8SNqMrcZpy+zpGadhVwmORBdaA03lx5kN2S9Fbt/Kh3
PTgXPwEXQrqmLXuDy43csk3pDRrSOmD2dlGlKlFRSsaPuQPfubEqcS3443JhQH99
v8Cb2McFKe5r51a0Sft5ePh83dgSJR8jxoHff2ipbvLnxhj0dtMGL4fC0c3wrTNL
jVhX1z5vcL1CmBOhDILEpP7jfPrevunMTaBmxvwm1gP9mUQnbbEoNUh1w/HAlF+g
VoE=
-----END CERTIFICATE-----
Generated at Thu May 1 09:47:12 2025 by rpki-client