Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QfF9YqjhKi07qKOpNmq1xxanqwo.roa
File: QfF9YqjhKi07qKOpNmq1xxanqwo.roa (raw, json)
Hash identifier: VYSMu1tZw1pATIivvqJzC7rcf2tYU8xbTX8CZFPgkas=
Subject key identifier: 41:F1:7D:62:A8:E1:2A:2D:3B:A8:A3:A9:36:6A:B5:C7:16:A7:AB:0A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 8639BA20
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QfF9YqjhKi07qKOpNmq1xxanqwo.roa
Signing time: Sun 22 May 2022 04:12:29 +0000
ROA not before: Sun 22 May 2022 04:12:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:a810:6542/128 maxlen: 128
2001:67c:64:ffff:0:180:ddb5:bc5/128 maxlen: 128
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:e0ec:efe1/128 maxlen: 128
2001:67c:64:ffff:0:180:8961:505f/128 maxlen: 128
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2251930144 (0x8639ba20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 22 04:12:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=41f17d62a8e12a2d3ba8a3a9366ab5c716a7ab0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:32:1b:54:04:83:db:a9:44:f1:8e:04:a5:f5:
f9:7b:05:b7:d2:f8:68:7a:21:d8:c5:69:fc:b8:3e:
98:46:d2:72:53:81:dc:db:b5:14:df:6a:14:69:63:
6b:c3:da:f7:57:f6:c8:e4:8d:37:a4:3e:aa:df:5d:
a5:7f:63:2d:29:f2:cf:c9:19:0b:bd:e1:57:a7:4f:
a3:90:34:71:af:6f:38:0c:12:9d:01:ea:fd:3f:fa:
d5:28:26:6e:26:27:20:a1:20:9a:22:2f:fa:a7:a2:
3a:04:f1:17:b9:8a:b3:be:58:08:c1:c3:40:67:cb:
af:b9:54:a6:d6:68:14:1b:15:a5:3a:32:db:90:52:
27:88:fc:f3:17:b7:57:0b:de:b1:1c:f8:c7:df:d3:
c7:df:c3:f4:1b:e1:a4:21:00:d5:bd:0c:3f:80:f7:
85:a2:e8:5a:2f:5b:e2:62:81:09:50:13:81:ec:76:
51:9b:b4:14:5d:cb:a6:c3:4e:39:9b:12:2c:14:4b:
55:e8:ce:00:8e:0b:dd:01:cd:a2:f9:c5:35:be:c9:
c3:65:f9:2c:8c:6d:39:40:90:f1:1d:99:a4:01:45:
da:84:21:2e:63:7d:76:1c:b0:1b:95:e1:21:55:5f:
60:76:c4:00:6e:70:7d:fe:0a:02:51:af:84:90:3f:
ee:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:F1:7D:62:A8:E1:2A:2D:3B:A8:A3:A9:36:6A:B5:C7:16:A7:AB:0A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QfF9YqjhKi07qKOpNmq1xxanqwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
06:06:04:bf:9f:4c:dc:fb:2c:60:22:e8:b7:39:05:ee:e9:29:
cb:b2:34:84:86:39:e4:fe:d3:ea:93:18:97:9f:8e:e6:74:c8:
d8:ca:6e:7f:8c:91:c3:b4:b0:c9:e6:5c:c8:2a:f6:5c:66:54:
f6:97:6b:c8:d7:bd:ab:da:01:eb:0c:b2:d5:c8:63:07:5a:2c:
b1:c4:79:e9:54:0a:f6:63:d1:64:67:34:85:f0:b0:a5:1b:5f:
0e:be:95:8f:db:13:52:44:96:fe:0d:eb:c7:69:1c:00:4f:74:
f5:f7:18:4d:94:f2:4b:ee:b5:3b:54:34:1e:de:0d:54:12:36:
5b:5f:8d:94:10:f6:bb:2b:05:61:d9:92:bb:d9:c0:47:a9:9f:
a4:5c:90:42:1f:cf:fa:f6:b1:15:c9:ee:db:f0:7f:84:8e:17:
22:0f:2e:64:53:af:0b:70:5b:25:3d:84:41:2b:c9:94:25:9b:
19:a1:61:38:8c:4c:eb:54:d9:1a:4b:b1:e7:86:46:df:9d:84:
4b:12:bc:9b:27:d6:6c:86:3a:d9:73:7a:a8:94:18:4e:c5:9c:
7a:cc:ef:16:61:41:d7:eb:e5:b2:17:11:6b:0a:6b:27:a5:8d:
d0:2e:9a:fb:b9:dc:c4:32:8a:12:9a:b1:d8:dd:20:be:cd:7a:
f0:c8:e8:0b
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIY5uiAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MjIwNDEyMjlaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDQxZjE3ZDYyYThl
MTJhMmQzYmE4YTNhOTM2NmFiNWM3MTZhN2FiMGEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDlMhtUBIPbqUTxjgSl9fl7BbfS+Gh6IdjFafy4PphG0nJT
gdzbtRTfahRpY2vD2vdX9sjkjTekPqrfXaV/Yy0p8s/JGQu94VenT6OQNHGvbzgM
Ep0B6v0/+tUoJm4mJyChIJoiL/qnojoE8Re5irO+WAjBw0Bny6+5VKbWaBQbFaU6
MtuQUieI/PMXt1cL3rEc+Mff08ffw/Qb4aQhANW9DD+A94Wi6FovW+JigQlQE4Hs
dlGbtBRdy6bDTjmbEiwUS1XozgCOC90BzaL5xTW+ycNl+SyMbTlAkPEdmaQBRdqE
IS5jfXYcsBuV4SFVX2B2xABucH3+CgJRr4SQP+73AgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUQfF9YqjhKi07qKOpNmq1xxanqwowHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9RZkY5WXFqaEtpMDdxS09wTm1xMXh4YW5xd28ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEABgYEv59M3PssYCLotzkF7ukpy7I0hIY55P7T
6pMYl5+O5nTI2Mpuf4yRw7SwyeZcyCr2XGZU9pdryNe9q9oB6wyy1chjB1osscR5
6VQK9mPRZGc0hfCwpRtfDr6Vj9sTUkSW/g3rx2kcAE909fcYTZTyS+61O1Q0Ht4N
VBI2W1+NlBD2uysFYdmSu9nAR6mfpFyQQh/P+vaxFcnu2/B/hI4XIg8uZFOvC3Bb
JT2EQSvJlCWbGaFhOIxM61TZGkux54ZG352ESxK8myfWbIY62XN6qJQYTsWceszv
FmFB1+vlshcRawprJ6WN0C6a+7ncxDKKEpqx2N0gvs168MjoCw==
-----END CERTIFICATE-----
Generated at Sat May 3 05:07:28 2025 by rpki-client