Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QcSJG_Zy3-2sw5Cd7nZkFL1P1h4.roa
File: QcSJG_Zy3-2sw5Cd7nZkFL1P1h4.roa (raw, json)
Hash identifier: 9+HYEEEhnjAYQeHIifLOQmnmxUe7xiDDuIZoDuiMcGo=
Subject key identifier: 41:C4:89:1B:F6:72:DF:ED:AC:C3:90:9D:EE:76:64:14:BD:4F:D6:1E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187EB9C2746624FBC85898CF62F72AB7161
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QcSJG_Zy3-2sw5Cd7nZkFL1P1h4.roa
Signing time: Fri 05 May 2023 11:11:32 +0000
ROA not before: Fri 05 May 2023 11:11:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:eb:9c:27:46:62:4f:bc:85:89:8c:f6:2f:72:ab:71:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 5 11:11:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41c4891bf672dfedacc3909dee766414bd4fd61e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:41:f7:21:69:60:c9:80:1a:b9:11:54:f7:ba:
a6:09:f0:05:2e:c7:d5:4f:20:67:67:c2:ce:80:3d:
87:cb:f5:ef:a5:19:25:95:d1:f6:23:2e:5d:cc:38:
01:1f:52:a1:f5:b7:37:22:6c:05:32:87:2d:86:79:
ad:33:d9:aa:74:56:10:36:a8:47:3a:62:b4:c2:f3:
48:81:c6:0b:9f:01:21:c2:3a:38:5d:6d:69:91:46:
0c:21:da:a9:85:03:fb:d1:a5:29:11:dd:60:1a:0b:
bc:ca:51:f1:fa:08:cb:f9:80:dd:9e:01:72:aa:bc:
7d:0f:2d:f4:0e:0a:9a:b4:cb:3e:d4:63:e8:96:d3:
dc:2b:38:29:38:42:81:62:b4:17:a5:b6:7f:74:f6:
bd:4f:63:c4:a3:ed:50:b7:d4:2e:99:72:91:6d:79:
da:3f:c6:95:88:37:5a:02:b1:1d:e8:18:63:5b:96:
39:a5:35:03:e4:5b:33:6d:83:e9:0a:cd:e1:48:fb:
82:ed:e6:30:e9:b8:07:cc:5e:be:e6:45:f5:c5:7d:
4b:6e:3f:92:8a:dc:e6:5d:73:04:51:03:a1:48:71:
5b:01:93:23:64:ae:b3:e5:97:68:18:4b:9c:22:1c:
29:3f:bb:e0:83:90:33:2e:5f:f0:3f:87:f2:09:93:
13:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:C4:89:1B:F6:72:DF:ED:AC:C3:90:9D:EE:76:64:14:BD:4F:D6:1E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QcSJG_Zy3-2sw5Cd7nZkFL1P1h4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
70:be:16:a0:43:f7:ec:f3:9e:80:ae:cc:5d:b8:cc:52:dd:76:
24:d8:09:ce:93:27:b0:ca:e1:72:50:ec:04:5c:b3:68:1f:21:
94:82:8f:28:f6:f4:34:a5:b6:8e:d8:94:ba:9a:19:95:8a:eb:
bb:16:f9:8e:65:46:40:64:8a:c8:e5:c6:3c:68:e2:8a:1b:d6:
c1:03:10:61:06:05:a8:f5:8d:de:b0:99:f2:b3:7c:01:df:53:
74:01:b7:03:8d:af:f7:23:3d:3a:60:6a:39:56:68:5c:7c:38:
f5:19:2f:74:6d:df:30:5b:f7:bf:ab:ea:f1:e3:81:d1:55:32:
0d:c7:72:29:29:50:9a:64:cf:b7:5b:44:19:c4:f7:84:3e:90:
14:02:3d:62:b3:5a:a2:bb:ee:e1:93:e8:d8:a4:fd:e4:24:ef:
dd:c1:03:dd:c6:ad:cb:33:7c:2b:73:8a:8d:7a:57:28:48:84:
cb:91:6b:8b:10:60:7b:84:4d:fd:b9:6d:e9:6e:7d:31:ed:fc:
10:f4:b3:c7:6e:ab:5d:6d:a4:2a:29:99:2e:89:70:04:78:b5:
eb:2e:68:19:c0:cf:59:d8:cb:55:ef:64:41:89:ad:3d:9c:5b:
db:95:9e:cd:37:69:9b:90:44:eb:a6:3b:2e:66:ef:ee:e2:04:
77:21:b1:07
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYfrnCdGYk+8hYmM9i9yq3FhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTA1MTExMTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWM0ODkxYmY2NzJkZmVkYWNjMzkwOWRlZTc2NjQxNGJkNGZkNjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUH3IWlgyYAauRFU97qmCfAFLsfV
TyBnZ8LOgD2Hy/XvpRklldH2Iy5dzDgBH1Kh9bc3ImwFMocthnmtM9mqdFYQNqhH
OmK0wvNIgcYLnwEhwjo4XW1pkUYMIdqphQP70aUpEd1gGgu8ylHx+gjL+YDdngFy
qrx9Dy30DgqatMs+1GPoltPcKzgpOEKBYrQXpbZ/dPa9T2PEo+1Qt9QumXKRbXna
P8aViDdaArEd6BhjW5Y5pTUD5FszbYPpCs3hSPuC7eYw6bgHzF6+5kX1xX1Lbj+S
itzmXXMEUQOhSHFbAZMjZK6z5ZdoGEucIhwpP7vgg5AzLl/wP4fyCZMTaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEHEiRv2ct/trMOQne52ZBS9T9YeMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUWNTSkdfWnkzLTJzdzVDZDduWmtGTDFQMWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHC+FqBD9+zznoCuzF24
zFLddiTYCc6TJ7DK4XJQ7ARcs2gfIZSCjyj29DSlto7YlLqaGZWK67sW+Y5lRkBk
isjlxjxo4oob1sEDEGEGBaj1jd6wmfKzfAHfU3QBtwONr/cjPTpgajlWaFx8OPUZ
L3Rt3zBb97+r6vHjgdFVMg3HcikpUJpkz7dbRBnE94Q+kBQCPWKzWqK77uGT6Nik
/eQk793BA93GrcszfCtzio16VyhIhMuRa4sQYHuETf25belufTHt/BD0s8duq11t
pCopmS6JcAR4tesuaBnAz1nYy1XvZEGJrT2cW9uVns03aZuQROumOy5m7+7iBHch
sQc=
-----END CERTIFICATE-----
Generated at Thu May 1 10:04:49 2025 by rpki-client