Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QuX5OdAJF6zzTicv1DIfCVSPx0c.roa
File: QuX5OdAJF6zzTicv1DIfCVSPx0c.roa (raw, json)
Hash identifier: 6xlZfXUGrvitCbfRAwHVcHRwgORZy7yVy/Zd1EVwzZ4=
Subject key identifier: 42:E5:F9:39:D0:09:17:AC:F3:4E:27:2F:D4:32:1F:09:54:8F:C7:47
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A2859AD6B0C652ADF1205353662F8609E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QuX5OdAJF6zzTicv1DIfCVSPx0c.roa
Signing time: Thu 24 Aug 2023 16:21:20 +0000
ROA not before: Thu 24 Aug 2023 16:21:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:28:59:ad:6b:0c:65:2a:df:12:05:35:36:62:f8:60:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 24 16:21:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42e5f939d00917acf34e272fd4321f09548fc747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:08:6f:1e:4b:cc:82:97:86:8c:b4:a3:de:c6:
f7:e2:cb:c4:37:25:0f:7a:37:e7:2f:b7:e5:3c:c2:
f3:a2:6e:f9:33:52:dd:ca:3c:be:69:87:ee:bd:3f:
f1:14:cc:d3:be:36:9b:e6:83:93:e2:53:f4:a5:32:
2b:17:bc:86:4e:52:7e:62:dd:ed:fa:53:6e:64:8e:
38:e5:9d:82:16:30:21:2a:8e:cf:57:65:26:08:87:
b8:f8:11:f9:14:23:49:b8:eb:f8:de:6b:6f:89:9d:
37:b6:aa:b6:67:17:a6:60:8c:05:3e:c8:91:f3:53:
12:3b:fe:b1:61:72:b1:9b:0f:be:0f:2f:15:59:af:
e1:4a:68:1c:55:a2:c6:31:ad:5f:ad:55:db:05:cd:
56:83:7c:4d:d5:0e:ee:ed:ef:d2:06:99:3f:06:58:
89:25:95:8b:07:01:1b:cb:58:49:ae:7c:3d:05:cd:
f2:6c:b1:70:c9:65:ae:42:d1:01:2e:54:54:04:6f:
69:f9:9c:c8:c2:18:67:11:9d:fe:2c:f1:af:ec:c2:
f4:dd:52:de:3d:87:6d:05:e6:67:e7:19:d9:d1:dc:
ca:88:7b:10:de:7d:0b:f4:31:7c:0f:01:a8:2d:80:
8e:b2:ef:67:10:60:f1:ab:27:42:12:a3:f3:d4:21:
25:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:E5:F9:39:D0:09:17:AC:F3:4E:27:2F:D4:32:1F:09:54:8F:C7:47
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QuX5OdAJF6zzTicv1DIfCVSPx0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b2:bf:8c:84:64:d8:bf:20:b4:29:75:34:ab:ff:2e:7b:a2:37:
98:f4:53:4d:2d:26:d3:a1:7c:ac:47:09:fb:a0:ff:4a:e0:42:
73:c7:4c:d7:46:47:cc:25:3c:5a:3b:4d:65:7e:77:94:77:85:
cf:3c:4e:4e:97:a6:3e:36:eb:61:86:f1:b8:c3:e4:d0:8d:89:
28:45:eb:74:ee:21:3d:12:a1:f0:e6:23:fc:52:c2:2f:0d:85:
32:d2:27:09:02:c3:f1:ab:c0:12:c6:6b:ee:9f:ba:df:4c:a2:
58:b6:28:1d:d3:90:d5:31:04:22:9e:76:9d:92:1d:c9:f1:c6:
47:68:2a:4b:b7:f3:5d:0e:53:9c:27:06:0a:b8:73:33:0d:bb:
01:38:4a:46:98:c7:d3:f9:e3:b4:d4:8e:f6:b7:60:0f:fe:89:
73:52:79:cc:24:d1:23:95:61:7e:8b:0a:23:8c:77:d3:4c:53:
49:70:3c:9a:37:d8:38:2f:8d:08:a8:83:e4:fc:89:0e:74:c6:
a1:16:a3:9e:26:e9:07:7d:17:c8:a1:e7:bc:fe:3e:7c:d2:77:
37:36:9a:62:21:77:8e:2b:40:b9:05:9d:12:e0:8f:c8:91:95:
6f:9d:b1:f2:bd:84:8a:e1:e3:69:9b:99:ad:9c:85:80:10:75:
cb:a3:d9:5b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYooWa1rDGUq3xIFNTZi+GCeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI0MTYyMTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmU1ZjkzOWQwMDkxN2FjZjM0ZTI3MmZkNDMyMWYwOTU0OGZjNzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjghvHkvMgpeGjLSj3sb34svENyUP
ejfnL7flPMLzom75M1Ldyjy+aYfuvT/xFMzTvjab5oOT4lP0pTIrF7yGTlJ+Yt3t
+lNuZI445Z2CFjAhKo7PV2UmCIe4+BH5FCNJuOv43mtviZ03tqq2ZxemYIwFPsiR
81MSO/6xYXKxmw++Dy8VWa/hSmgcVaLGMa1frVXbBc1Wg3xN1Q7u7e/SBpk/BliJ
JZWLBwEby1hJrnw9Bc3ybLFwyWWuQtEBLlRUBG9p+ZzIwhhnEZ3+LPGv7ML03VLe
PYdtBeZn5xnZ0dzKiHsQ3n0L9DF8DwGoLYCOsu9nEGDxqydCEqPz1CElhwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFELl+TnQCRes804nL9QyHwlUj8dHMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUXVYNU9kQUpGNnp6VGljdjFESWZDVlNQeDBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALK/jIRk2L8gtCl1NKv/
LnuiN5j0U00tJtOhfKxHCfug/0rgQnPHTNdGR8wlPFo7TWV+d5R3hc88Tk6Xpj42
62GG8bjD5NCNiShF63TuIT0SofDmI/xSwi8NhTLSJwkCw/GrwBLGa+6fut9Moli2
KB3TkNUxBCKedp2SHcnxxkdoKku3810OU5wnBgq4czMNuwE4SkaYx9P547TUjva3
YA/+iXNSecwk0SOVYX6LCiOMd9NMU0lwPJo32DgvjQiog+T8iQ50xqEWo54m6Qd9
F8ih57z+PnzSdzc2mmIhd44rQLkFnRLgj8iRlW+dsfK9hIrh42mbma2chYAQdcuj
2Vs=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:14:32 2025 by rpki-client