Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QgjMoOzbw6-AueDjrZ8AjwSCZ4E.roa
File: QgjMoOzbw6-AueDjrZ8AjwSCZ4E.roa (raw, json)
Hash identifier: +x7g4DWczJZKjN478lACZsH8l8LJ3eIZ7VJnrsuzYpE=
Subject key identifier: 42:08:CC:A0:EC:DB:C3:AF:80:B9:E0:E3:AD:9F:00:8F:04:82:67:81
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186C874F55EC4A6663715CC480FBEB114C0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QgjMoOzbw6-AueDjrZ8AjwSCZ4E.roa
Signing time: Thu 09 Mar 2023 22:19:13 +0000
ROA not before: Thu 09 Mar 2023 22:19:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c8:74:f5:5e:c4:a6:66:37:15:cc:48:0f:be:b1:14:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 9 22:19:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4208cca0ecdbc3af80b9e0e3ad9f008f04826781
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:e8:2c:ea:bc:5e:79:e9:d0:89:88:fe:7b:b3:
75:f4:fb:b5:57:18:d8:4e:e8:0c:f4:16:78:8f:ed:
73:2b:eb:f5:15:8f:12:24:a5:c4:a9:fa:b5:a6:6e:
6c:70:74:78:f3:44:de:1a:b6:de:cc:90:e8:f8:53:
57:c0:39:00:08:4c:e1:74:91:08:49:d7:79:c8:0d:
fa:28:32:07:74:eb:e9:31:88:69:42:b6:50:e2:63:
54:9d:8b:8f:c8:04:87:d5:e5:f3:d6:db:7a:8b:9d:
72:96:8e:10:48:b4:aa:7b:af:31:ac:f2:75:eb:0d:
d9:05:63:20:96:3f:8d:41:d9:fc:c2:89:f2:aa:6e:
2d:4a:de:69:41:68:72:67:c0:fd:4e:df:f2:d4:da:
4d:1a:11:1b:56:d4:4e:04:5e:5a:a4:40:24:85:d3:
aa:10:de:80:f0:e9:fd:55:03:68:4d:fb:e1:84:a4:
c5:80:50:f9:0e:c8:dd:75:04:0e:aa:8d:22:50:28:
bc:b8:12:8e:13:7f:2d:df:94:5b:0c:10:55:51:16:
40:df:38:38:2d:28:0e:df:64:18:04:23:6c:8c:a1:
ee:93:40:ab:8a:c8:c0:cb:df:d1:20:94:f4:b6:fa:
19:bf:7d:45:02:c3:c9:82:fa:c9:85:82:a1:56:33:
37:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:08:CC:A0:EC:DB:C3:AF:80:B9:E0:E3:AD:9F:00:8F:04:82:67:81
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QgjMoOzbw6-AueDjrZ8AjwSCZ4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
49:76:e5:77:a7:23:5e:32:44:0a:84:e5:4c:fe:70:80:33:e4:
99:3b:1f:86:54:ce:0f:f3:a3:e2:6c:39:67:f0:84:45:17:88:
fd:da:f2:07:d7:8e:6d:1c:53:3c:db:57:72:b2:30:1d:29:ca:
0d:78:d3:5b:36:29:e0:99:40:cd:d4:35:85:b6:b8:18:38:3d:
76:95:86:53:a0:e0:f8:3f:36:bc:74:e1:13:4d:9e:0c:c4:96:
b1:35:c4:2d:f2:46:e4:d4:0b:cb:26:5e:f2:fe:7d:2c:f3:50:
ac:55:2e:dd:72:28:9f:a1:e3:a5:49:a7:3c:47:e9:cf:6c:a2:
a0:57:d1:72:be:92:a7:56:4a:e6:af:aa:6d:b5:49:fc:f0:90:
85:5e:21:f0:c5:56:d1:a2:54:bf:37:5d:06:23:04:e9:18:20:
83:68:61:7c:92:bd:59:a9:1d:e8:f9:11:29:65:c4:81:9e:a9:
ca:3d:53:de:ec:4e:34:fe:02:1c:4b:7a:11:4d:76:42:1a:17:
12:b3:12:87:4e:fe:73:07:7e:5a:fb:5b:47:c6:9e:7f:71:16:
ea:37:fc:ab:61:80:5c:22:38:00:dc:5f:1b:06:81:26:90:2a:
bf:6d:cc:c5:eb:09:eb:18:6f:47:56:30:50:c5:57:10:c7:da:
b0:80:32:d8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbIdPVexKZmNxXMSA++sRTAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA5MjIxOTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjA4Y2NhMGVjZGJjM2FmODBiOWUwZTNhZDlmMDA4ZjA0ODI2NzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ugs6rxeeenQiYj+e7N19Pu1VxjY
TugM9BZ4j+1zK+v1FY8SJKXEqfq1pm5scHR480TeGrbezJDo+FNXwDkACEzhdJEI
Sdd5yA36KDIHdOvpMYhpQrZQ4mNUnYuPyASH1eXz1tt6i51ylo4QSLSqe68xrPJ1
6w3ZBWMglj+NQdn8wonyqm4tSt5pQWhyZ8D9Tt/y1NpNGhEbVtROBF5apEAkhdOq
EN6A8On9VQNoTfvhhKTFgFD5DsjddQQOqo0iUCi8uBKOE38t35RbDBBVURZA3zg4
LSgO32QYBCNsjKHuk0CrisjAy9/RIJT0tvoZv31FAsPJgvrJhYKhVjM3AwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEIIzKDs28OvgLng462fAI8EgmeBMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUWdqTW9PemJ3Ni1BdWVEanJaOEFqd1NDWjRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEl25XenI14yRAqE5Uz+
cIAz5Jk7H4ZUzg/zo+JsOWfwhEUXiP3a8gfXjm0cUzzbV3KyMB0pyg1401s2KeCZ
QM3UNYW2uBg4PXaVhlOg4Pg/Nrx04RNNngzElrE1xC3yRuTUC8smXvL+fSzzUKxV
Lt1yKJ+h46VJpzxH6c9soqBX0XK+kqdWSuavqm21SfzwkIVeIfDFVtGiVL83XQYj
BOkYIINoYXySvVmpHej5ESllxIGeqco9U97sTjT+AhxLehFNdkIaFxKzEodO/nMH
flr7W0fGnn9xFuo3/KthgFwiOADcXxsGgSaQKr9tzMXrCesYb0dWMFDFVxDH2rCA
Mtg=
-----END CERTIFICATE-----
Generated at Thu May 1 01:34:40 2025 by rpki-client