Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QnTdm0LxuwFNAxqQ4e4TPuKboRg.roa
File: QnTdm0LxuwFNAxqQ4e4TPuKboRg.roa (raw, json)
Hash identifier: VIsuSBAALVv0qAMD+MvP89mNNHSsq+H4UjDyHOrdbsA=
Subject key identifier: 42:74:DD:9B:42:F1:BB:01:4D:03:1A:90:E1:EE:13:3E:E2:9B:A1:18
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A3575E7CA8A529DA0F653CBD319AD3DDE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QnTdm0LxuwFNAxqQ4e4TPuKboRg.roa
Signing time: Sun 27 Aug 2023 05:27:14 +0000
ROA not before: Sun 27 Aug 2023 05:27:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:35:75:e7:ca:8a:52:9d:a0:f6:53:cb:d3:19:ad:3d:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 27 05:27:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4274dd9b42f1bb014d031a90e1ee133ee29ba118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:cf:8c:27:0e:f9:df:66:66:3a:68:c9:01:02:
b0:a2:2c:10:23:cd:f3:30:1e:91:0c:b0:ec:dc:c6:
cf:32:df:0b:5e:94:d2:02:de:1c:81:1a:ca:72:0e:
5e:e8:b7:d9:51:27:ba:e2:3b:5c:83:21:e8:34:1d:
f9:60:30:77:43:25:84:90:22:00:d3:75:a3:58:b5:
85:57:a1:80:ab:f5:41:58:2e:be:dd:52:b9:3f:48:
94:93:79:dd:17:03:70:1c:10:6b:dd:56:ec:2f:6c:
a7:cc:e5:44:6c:ee:82:83:c5:7b:87:bc:3e:34:e9:
71:49:57:da:2c:c3:27:c4:e1:d2:58:4b:ba:76:ea:
84:7b:10:eb:5b:77:cf:8f:e1:cb:26:53:46:e8:55:
8e:0e:95:fa:67:55:a3:70:fe:df:17:97:66:77:00:
cb:f6:07:84:e7:a4:da:d1:10:c6:3f:81:c1:94:62:
64:ad:e5:42:ae:f2:4c:47:d4:df:08:f8:ec:05:da:
e7:b7:95:29:90:61:ef:41:ce:f2:78:ca:97:67:53:
c7:ff:5f:fc:e6:5a:08:3a:c4:18:a5:25:6c:44:90:
70:75:15:73:76:25:f3:52:02:07:d4:c3:45:4f:e6:
72:9d:52:2b:a9:d6:67:69:e8:42:8f:4f:f1:a7:a3:
be:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:74:DD:9B:42:F1:BB:01:4D:03:1A:90:E1:EE:13:3E:E2:9B:A1:18
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QnTdm0LxuwFNAxqQ4e4TPuKboRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
87:f5:1b:0f:43:84:f7:7f:d1:90:8f:a6:13:73:46:ad:55:cf:
21:53:41:c5:d4:df:7b:d8:90:76:ae:b8:8d:d2:eb:98:b8:ce:
f4:45:ba:e2:d7:7d:ad:40:da:b4:db:76:3a:56:67:61:86:a4:
fb:59:17:34:ff:22:4e:65:41:de:62:6c:cd:2d:66:da:a8:b9:
f5:4e:5f:38:d0:ad:ce:1e:9e:bd:c2:32:18:78:c1:a8:16:73:
6f:92:ab:a6:1d:5b:73:6b:3b:9a:d3:f9:41:64:9f:b2:34:bf:
13:de:d0:bf:ca:42:23:40:fb:bb:98:b8:b0:27:11:bc:38:d0:
96:e3:f4:fe:56:b0:bc:cc:da:92:30:c6:e0:52:95:94:81:6c:
91:cc:6e:7b:bd:25:04:f3:d8:07:ca:36:ec:d5:df:ae:24:cb:
62:d1:84:8d:e3:f5:02:1e:9d:c1:97:76:79:9e:2c:22:b6:62:
ee:f6:36:1c:00:79:c8:14:1e:98:41:8c:f4:fa:b2:fc:d4:0b:
25:15:9c:0f:08:72:96:7e:2b:8b:03:0e:9d:a7:84:7a:51:58:
f6:b6:e7:4b:f5:b1:da:bb:45:ec:b1:c7:8c:f3:f1:56:68:e7:
4c:b9:c9:a7:86:65:cc:73:4b:c6:39:3b:39:a0:6c:cb:32:b4:
b5:7e:72:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo1defKilKdoPZTy9MZrT3eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI3MDUyNzE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjc0ZGQ5YjQyZjFiYjAxNGQwMzFhOTBlMWVlMTMzZWUyOWJhMTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjM+MJw7532ZmOmjJAQKwoiwQI83z
MB6RDLDs3MbPMt8LXpTSAt4cgRrKcg5e6LfZUSe64jtcgyHoNB35YDB3QyWEkCIA
03WjWLWFV6GAq/VBWC6+3VK5P0iUk3ndFwNwHBBr3VbsL2ynzOVEbO6Cg8V7h7w+
NOlxSVfaLMMnxOHSWEu6duqEexDrW3fPj+HLJlNG6FWODpX6Z1WjcP7fF5dmdwDL
9geE56Ta0RDGP4HBlGJkreVCrvJMR9TfCPjsBdrnt5UpkGHvQc7yeMqXZ1PH/1/8
5loIOsQYpSVsRJBwdRVzdiXzUgIH1MNFT+ZynVIrqdZnaehCj0/xp6O+UQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEJ03ZtC8bsBTQMakOHuEz7im6EYMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUW5UZG0wTHh1d0ZOQXhxUTRlNFRQdUtib1JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIf1Gw9DhPd/0ZCPphNz
Rq1VzyFTQcXU33vYkHauuI3S65i4zvRFuuLXfa1A2rTbdjpWZ2GGpPtZFzT/Ik5l
Qd5ibM0tZtqoufVOXzjQrc4enr3CMhh4wagWc2+Sq6YdW3NrO5rT+UFkn7I0vxPe
0L/KQiNA+7uYuLAnEbw40Jbj9P5WsLzM2pIwxuBSlZSBbJHMbnu9JQTz2AfKNuzV
364ky2LRhI3j9QIencGXdnmeLCK2Yu72NhwAecgUHphBjPT6svzUCyUVnA8IcpZ+
K4sDDp2nhHpRWPa250v1sdq7Reyxx4zz8VZo50y5yaeGZcxzS8Y5OzmgbMsytLV+
cic=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:41:21 2025 by rpki-client