Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QrLLyNo52cDlpAdCs9DA-R1sWl8.roa
File: QrLLyNo52cDlpAdCs9DA-R1sWl8.roa (raw, json)
Hash identifier: tbL9ZVorSsTW9eFNOWbSST4CfZ7xX+GGR/8kGiQkSL4=
Subject key identifier: 42:B2:CB:C8:DA:39:D9:C0:E5:A4:07:42:B3:D0:C0:F9:1D:6C:5A:5F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184E5A380C9EE03FE71934A1F33A08FF76B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QrLLyNo52cDlpAdCs9DA-R1sWl8.roa
Signing time: Tue 06 Dec 2022 04:13:28 +0000
ROA not before: Tue 06 Dec 2022 04:13:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e5:a3:80:c9:ee:03:fe:71:93:4a:1f:33:a0:8f:f7:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 6 04:13:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=42b2cbc8da39d9c0e5a40742b3d0c0f91d6c5a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:52:dd:d0:97:f4:a9:dc:8c:5c:20:e3:62:ab:
fb:2f:ad:f7:4b:57:d3:74:9f:91:85:25:55:40:d9:
9e:4e:fc:04:a5:00:85:b1:06:1e:02:88:e2:69:ba:
2e:5c:45:bc:0f:0b:6f:45:77:d1:1e:ec:6e:30:36:
58:eb:13:f5:2b:0e:5f:a3:ce:07:5f:1a:68:bb:1e:
05:ed:07:f9:f9:26:fa:ee:24:ec:3f:81:86:50:2a:
6c:d0:84:95:eb:b9:16:24:24:e3:e8:e3:00:0d:19:
3f:2b:6c:71:7a:99:24:6b:7b:85:21:78:66:a3:8a:
c0:af:c0:cf:51:c7:44:25:c7:de:91:50:0e:f3:f9:
b1:2e:a7:e4:ed:95:e5:89:50:6b:7f:e7:07:00:99:
65:2c:42:59:0b:c5:63:3d:54:f8:8a:c3:10:15:fa:
35:09:30:43:7c:7b:c2:3e:d0:35:2e:21:ce:e8:6e:
2c:99:af:04:4b:40:31:68:b1:d7:b9:81:aa:b4:14:
59:19:e0:84:3c:2b:9f:0e:80:23:6e:ce:bd:ca:b7:
f6:1d:e7:e5:66:63:c2:29:7d:57:99:3a:ae:33:f3:
3f:3e:f0:93:71:83:1b:10:58:05:21:5b:97:83:2e:
22:e8:a9:9b:78:70:09:04:0b:4f:49:78:bc:1d:aa:
4f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:B2:CB:C8:DA:39:D9:C0:E5:A4:07:42:B3:D0:C0:F9:1D:6C:5A:5F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QrLLyNo52cDlpAdCs9DA-R1sWl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:62:f2:5c:ea:0f:c1:2e:e8:de:3e:1f:62:b7:9e:a2:31:51:
c4:e3:ad:87:e9:f6:49:26:13:a7:45:4e:97:45:5f:0b:cb:ac:
c3:a3:d0:15:b8:8c:55:8c:0b:a9:1a:80:28:15:b2:79:9f:d5:
7d:6f:2b:a2:bc:d8:91:77:22:e0:64:22:da:71:47:74:e4:04:
8b:a1:32:84:fd:b3:0a:53:0f:0c:92:b6:01:e5:40:dd:da:13:
aa:6e:df:07:ce:b0:df:f5:6b:48:4e:0d:81:82:20:f5:a3:99:
fb:bf:b1:9c:08:e4:d1:df:5b:76:40:32:f4:17:12:fc:21:11:
5b:dd:b6:59:c6:5a:de:4d:f2:27:4e:b3:88:9b:4f:3b:6a:db:
98:71:f0:8b:fb:6a:7e:74:e9:aa:ab:51:c3:3b:d1:2b:d5:b6:
24:b0:49:c2:3f:fb:77:6d:80:da:fc:b8:c2:0b:66:41:7c:d4:
bd:04:11:94:a2:79:90:fc:43:74:c3:5f:d4:5a:35:5f:52:e0:
ca:5e:ed:25:d5:9b:42:dc:db:e4:8e:fe:bf:39:e5:c1:a1:2d:
a1:b0:9d:cf:cd:6a:9f:3e:18:1c:4c:5d:f1:3a:25:f2:68:1f:
6d:fa:06:e8:35:33:2f:44:fa:28:32:bc:85:52:d9:39:0d:fb:
57:d7:91:af
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTlo4DJ7gP+cZNKHzOgj/drMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjA2MDQxMzI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmIyY2JjOGRhMzlkOWMwZTVhNDA3NDJiM2QwYzBmOTFkNmM1YTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5lLd0Jf0qdyMXCDjYqv7L633S1fT
dJ+RhSVVQNmeTvwEpQCFsQYeAojiabouXEW8DwtvRXfRHuxuMDZY6xP1Kw5fo84H
Xxpoux4F7Qf5+Sb67iTsP4GGUCps0ISV67kWJCTj6OMADRk/K2xxepkka3uFIXhm
o4rAr8DPUcdEJcfekVAO8/mxLqfk7ZXliVBrf+cHAJllLEJZC8VjPVT4isMQFfo1
CTBDfHvCPtA1LiHO6G4sma8ES0AxaLHXuYGqtBRZGeCEPCufDoAjbs69yrf2Hefl
ZmPCKX1XmTquM/M/PvCTcYMbEFgFIVuXgy4i6KmbeHAJBAtPSXi8HapPmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEKyy8jaOdnA5aQHQrPQwPkdbFpfMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUXJMTHlObzUyY0RscEFkQ3M5REEtUjFzV2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAJi8lzqD8Eu6N4+H2K3
nqIxUcTjrYfp9kkmE6dFTpdFXwvLrMOj0BW4jFWMC6kagCgVsnmf1X1vK6K82JF3
IuBkItpxR3TkBIuhMoT9swpTDwyStgHlQN3aE6pu3wfOsN/1a0hODYGCIPWjmfu/
sZwI5NHfW3ZAMvQXEvwhEVvdtlnGWt5N8idOs4ibTztq25hx8Iv7an506aqrUcM7
0SvVtiSwScI/+3dtgNr8uMILZkF81L0EEZSieZD8Q3TDX9RaNV9S4Mpe7SXVm0Lc
2+SO/r855cGhLaGwnc/Nap8+GBxMXfE6JfJoH236Bug1My9E+igyvIVS2TkN+1fX
ka8=
-----END CERTIFICATE-----
Generated at Thu May 1 18:45:03 2025 by rpki-client