Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Qj0EGikLitQFgqEHGkaYq204rko.roa
File: Qj0EGikLitQFgqEHGkaYq204rko.roa (raw, json)
Hash identifier: g/HbxbgwttqOvc+q2RTTGtRbiWZi0OOdnd2K/7LN+xo=
Subject key identifier: 42:3D:04:1A:29:0B:8A:D4:05:82:A1:07:1A:46:98:AB:6D:38:AE:4A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01848D7611BFBB669F6B4327AE6E90F0CF97
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Qj0EGikLitQFgqEHGkaYq204rko.roa
Signing time: Sat 19 Nov 2022 01:17:16 +0000
ROA not before: Sat 19 Nov 2022 01:17:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8d:76:11:bf:bb:66:9f:6b:43:27:ae:6e:90:f0:cf:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Nov 19 01:17:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=423d041a290b8ad40582a1071a4698ab6d38ae4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:86:5c:56:ea:38:eb:9f:d5:ad:47:7c:01:30:
c2:b1:8d:6a:41:3b:6a:57:e2:db:95:62:f5:b5:84:
93:fd:65:19:77:23:c0:38:92:cb:06:41:2e:ab:1e:
9e:d3:06:0e:01:87:bc:79:a0:36:49:26:f5:7e:db:
61:26:19:38:75:9b:46:69:01:5d:02:42:55:a4:b8:
0e:0f:80:84:e8:f9:4a:c7:44:a3:4d:d2:7b:cd:5d:
16:8c:77:bc:5d:6a:67:b1:ee:21:c9:53:6b:6a:8b:
4f:48:8e:74:5c:f6:38:ed:8d:21:70:da:70:1e:ba:
0e:f6:de:43:8b:6d:06:89:93:70:a7:c4:61:3f:97:
f1:62:1a:37:5f:4b:4e:90:12:63:62:c7:1e:c0:96:
40:1f:eb:65:f0:8d:4e:8f:df:f9:a2:4b:b8:1f:33:
9a:db:65:3f:8d:d6:03:b0:9d:3d:b8:3e:04:6f:88:
42:a9:b7:5a:8a:cf:cf:f8:24:93:cf:ca:ea:66:e5:
73:02:ba:a5:9b:10:fc:94:e1:ed:61:10:bc:11:88:
bd:9e:41:63:c4:6e:01:8d:6f:db:61:4c:f1:8d:f7:
77:c7:47:0d:fa:85:e8:a2:03:2f:fc:42:a5:b5:94:
18:6e:7f:cb:17:5b:94:e5:ed:87:86:bc:94:b7:30:
54:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:3D:04:1A:29:0B:8A:D4:05:82:A1:07:1A:46:98:AB:6D:38:AE:4A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Qj0EGikLitQFgqEHGkaYq204rko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0a:f0:79:9d:2a:b1:4e:28:a0:84:5d:99:b7:92:69:19:9f:a6:
75:b9:c7:ba:59:fe:4b:bb:a2:77:3e:47:65:93:78:27:70:31:
a7:cd:3e:db:f5:24:e3:89:ff:25:99:ed:bc:75:15:29:e2:bb:
01:6c:73:3f:ca:55:6f:f1:10:a3:11:f3:85:be:0d:7d:c2:8e:
ff:f0:11:22:ff:6e:d9:64:6b:43:9b:65:15:6e:7a:cd:4a:56:
63:0e:ca:b9:2d:51:7e:89:f6:3e:10:56:28:fb:83:5c:9c:a5:
70:95:1e:a9:e5:bf:bd:6a:10:ca:4d:92:ea:c8:16:39:eb:14:
9a:62:21:d9:cf:19:71:32:d8:23:70:1c:d7:bd:5c:f5:b6:36:
65:c6:74:f9:88:0f:ba:1d:59:52:af:41:6d:0a:b0:56:f3:13:
07:c6:b8:f5:1f:99:2b:b9:a5:1e:54:f0:ca:08:2a:9f:6e:87:
3d:f0:54:f1:4e:36:e0:6a:97:ac:54:3f:1f:66:29:ab:6f:e0:
39:84:5c:9f:2f:53:15:db:a8:7c:1d:5e:df:28:f4:fd:a0:44:
10:5a:ec:1c:96:a2:ca:67:ee:a5:bd:ac:a3:3b:aa:96:56:3b:
2c:65:be:c1:97:ee:d1:b0:0c:f3:2f:9c:66:4f:62:34:e7:c8:
83:ea:69:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYSNdhG/u2afa0Mnrm6Q8M+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMTE5MDExNzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjNkMDQxYTI5MGI4YWQ0MDU4MmExMDcxYTQ2OThhYjZkMzhhZTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoZcVuo465/VrUd8ATDCsY1qQTtq
V+LblWL1tYST/WUZdyPAOJLLBkEuqx6e0wYOAYe8eaA2SSb1ftthJhk4dZtGaQFd
AkJVpLgOD4CE6PlKx0SjTdJ7zV0WjHe8XWpnse4hyVNraotPSI50XPY47Y0hcNpw
HroO9t5Di20GiZNwp8RhP5fxYho3X0tOkBJjYscewJZAH+tl8I1Oj9/5oku4HzOa
22U/jdYDsJ09uD4Eb4hCqbdais/P+CSTz8rqZuVzArqlmxD8lOHtYRC8EYi9nkFj
xG4BjW/bYUzxjfd3x0cN+oXoogMv/EKltZQYbn/LF1uU5e2HhryUtzBUAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEI9BBopC4rUBYKhBxpGmKttOK5KMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUWowRUdpa0xpdFFGZ3FFSEdrYVlxMjA0cmtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAArweZ0qsU4ooIRdmbeS
aRmfpnW5x7pZ/ku7onc+R2WTeCdwMafNPtv1JOOJ/yWZ7bx1FSniuwFscz/KVW/x
EKMR84W+DX3Cjv/wESL/btlka0ObZRVues1KVmMOyrktUX6J9j4QVij7g1ycpXCV
Hqnlv71qEMpNkurIFjnrFJpiIdnPGXEy2CNwHNe9XPW2NmXGdPmID7odWVKvQW0K
sFbzEwfGuPUfmSu5pR5U8MoIKp9uhz3wVPFONuBql6xUPx9mKatv4DmEXJ8vUxXb
qHwdXt8o9P2gRBBa7ByWospn7qW9rKM7qpZWOyxlvsGX7tGwDPMvnGZPYjTnyIPq
aRo=
-----END CERTIFICATE-----
Generated at Thu May 1 23:59:47 2025 by rpki-client