Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QaYbju-A7SebciMi9ll7thVb4Uk.roa
File: QaYbju-A7SebciMi9ll7thVb4Uk.roa (raw, json)
Hash identifier: rY21po5Wm8QtrvEuv4xjYRttu8+HyfgP2x4dX1TUyTQ=
Subject key identifier: 41:A6:1B:8E:EF:80:ED:27:9B:72:23:22:F6:59:7B:B6:15:5B:E1:49
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01869C0D377830412934A4DC92BEE0D7290A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QaYbju-A7SebciMi9ll7thVb4Uk.roa
Signing time: Wed 01 Mar 2023 07:22:37 +0000
ROA not before: Wed 01 Mar 2023 07:22:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9c:0d:37:78:30:41:29:34:a4:dc:92:be:e0:d7:29:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 1 07:22:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41a61b8eef80ed279b722322f6597bb6155be149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9d:76:f1:fa:ea:7f:96:b3:0f:7d:ab:95:99:
ab:43:ab:93:5d:19:28:13:1a:f7:44:43:2e:3b:db:
6e:1f:3c:12:39:c0:f3:b0:de:c4:6f:4e:0d:3c:5a:
36:62:ee:bf:e6:93:af:ea:c2:07:8c:8c:39:46:2a:
29:2c:7c:b8:ca:63:e0:a3:31:b9:26:99:b8:09:99:
b0:7f:b1:91:98:ea:3b:45:03:c4:2c:84:fb:9e:54:
f2:f2:08:7d:ae:ad:0f:2a:c3:07:c9:85:84:17:84:
58:dc:04:77:c7:71:e8:97:62:3f:3e:31:9e:6a:3a:
d3:46:50:04:9c:e1:a5:38:3d:f6:f4:31:94:a8:b9:
d1:e3:80:25:0f:db:4a:f3:81:e6:e4:4a:ac:67:2b:
f3:f2:cc:ca:81:1e:35:46:99:44:dd:62:87:40:11:
89:f7:93:8e:71:d0:49:85:ed:d8:17:c1:08:db:f0:
17:6d:1f:fd:b1:5c:e5:ae:55:cd:17:5e:22:41:17:
5e:99:44:14:e9:ff:59:85:b3:e4:36:88:79:48:d1:
64:34:55:dc:38:c2:d0:91:ae:df:aa:95:e2:c3:66:
09:e5:68:ba:20:f7:b6:5c:59:f3:9e:44:8b:cb:bc:
e5:be:d3:75:d3:88:6f:83:f5:f0:0e:e0:a7:48:d1:
85:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A6:1B:8E:EF:80:ED:27:9B:72:23:22:F6:59:7B:B6:15:5B:E1:49
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QaYbju-A7SebciMi9ll7thVb4Uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
85:7e:12:18:43:42:92:bf:cc:12:d1:94:cb:ac:74:ff:42:2d:
3f:1c:24:a3:0b:ec:9a:72:74:58:87:2f:12:82:c2:5f:65:fa:
90:81:e7:9b:49:7f:fb:7a:c7:44:df:86:0c:b1:41:d7:aa:e2:
c9:54:6b:07:36:12:48:a0:a8:13:7b:df:2f:fe:02:4b:dc:97:
19:b4:e6:b5:56:7e:aa:91:40:85:06:14:e1:0b:a3:3b:ef:72:
1f:8e:4c:a6:05:f5:f0:26:3e:20:ea:13:57:fb:81:a7:96:42:
2b:f9:9d:83:e2:4d:ac:07:92:49:4e:12:fd:20:db:b1:7d:24:
c2:c7:c7:96:02:75:99:42:16:3c:a5:b2:71:c1:95:06:87:df:
c4:4d:6b:cf:cc:64:25:8f:e3:9e:c6:b4:ee:48:03:a7:14:d0:
43:09:0a:5e:e9:dd:40:03:aa:5c:de:1d:c5:6e:76:2f:cf:05:
84:1c:45:62:55:da:b0:92:47:0e:3b:4f:c0:05:d2:ae:49:2b:
39:54:1d:7e:f4:3f:63:57:1f:75:cd:73:99:51:aa:69:2c:26:
d1:97:77:fe:fb:04:d3:d4:b6:86:89:7a:9b:da:8f:ab:85:82:
64:84:2b:f7:2e:7b:a5:dc:39:ac:ed:3c:b3:40:ee:c3:10:ca:
25:d9:0c:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYacDTd4MEEpNKTckr7g1ykKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzAxMDcyMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWE2MWI4ZWVmODBlZDI3OWI3MjIzMjJmNjU5N2JiNjE1NWJlMTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZ128frqf5azD32rlZmrQ6uTXRko
Exr3REMuO9tuHzwSOcDzsN7Eb04NPFo2Yu6/5pOv6sIHjIw5RiopLHy4ymPgozG5
Jpm4CZmwf7GRmOo7RQPELIT7nlTy8gh9rq0PKsMHyYWEF4RY3AR3x3Hol2I/PjGe
ajrTRlAEnOGlOD329DGUqLnR44AlD9tK84Hm5EqsZyvz8szKgR41RplE3WKHQBGJ
95OOcdBJhe3YF8EI2/AXbR/9sVzlrlXNF14iQRdemUQU6f9ZhbPkNoh5SNFkNFXc
OMLQka7fqpXiw2YJ5Wi6IPe2XFnznkSLy7zlvtN104hvg/XwDuCnSNGFHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEGmG47vgO0nm3IjIvZZe7YVW+FJMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUWFZYmp1LUE3U2ViY2lNaTlsbDd0aFZiNFVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIV+EhhDQpK/zBLRlMus
dP9CLT8cJKML7JpydFiHLxKCwl9l+pCB55tJf/t6x0TfhgyxQdeq4slUawc2Ekig
qBN73y/+Akvclxm05rVWfqqRQIUGFOELozvvch+OTKYF9fAmPiDqE1f7gaeWQiv5
nYPiTawHkklOEv0g27F9JMLHx5YCdZlCFjylsnHBlQaH38RNa8/MZCWP457GtO5I
A6cU0EMJCl7p3UADqlzeHcVudi/PBYQcRWJV2rCSRw47T8AF0q5JKzlUHX70P2NX
H3XNc5lRqmksJtGXd/77BNPUtoaJepvaj6uFgmSEK/cue6XcOaztPLNA7sMQyiXZ
DIM=
-----END CERTIFICATE-----
Generated at Thu May 1 18:51:38 2025 by rpki-client