Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Qvz-_vlfvjJF3VPsRhue_nntWY4.roa
File: Qvz-_vlfvjJF3VPsRhue_nntWY4.roa (raw, json)
Hash identifier: kfKAQdtPVRWi8XRzx2WbA5gZd+F9qI3RSovX9uMIDek=
Subject key identifier: 42:FC:FE:FE:F9:5F:BE:32:45:DD:53:EC:46:1B:9E:FE:79:ED:59:8E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189A59CD7C6CDF106701A83CC0E6AD98908
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Qvz-_vlfvjJF3VPsRhue_nntWY4.roa
Signing time: Sun 30 Jul 2023 07:04:26 +0000
ROA not before: Sun 30 Jul 2023 07:04:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:189:a59c:bf57/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a5:9c:d7:c6:cd:f1:06:70:1a:83:cc:0e:6a:d9:89:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 30 07:04:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42fcfefef95fbe3245dd53ec461b9efe79ed598e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:41:5b:82:77:14:97:53:fa:db:73:2d:66:01:
32:92:e3:4f:cd:6a:7c:a6:08:b3:e1:4f:81:4e:2a:
29:8e:ef:7e:f8:1f:ad:b4:bf:5b:e4:58:f0:50:2f:
03:8c:60:4a:6f:05:ca:25:ea:0b:40:a2:46:a9:b2:
e4:93:45:d9:b3:93:fc:32:92:89:25:89:e3:52:0b:
b4:53:15:34:8e:92:ea:ac:49:b4:42:2f:c0:bd:6e:
b2:89:22:c2:27:99:89:37:f4:b3:97:b6:be:cd:0a:
86:6b:ef:6c:9c:66:57:4a:ad:1d:95:9c:a5:4f:5b:
d0:6e:66:a0:2d:f9:3f:c1:7e:3e:40:1f:ed:4f:29:
4c:fb:5f:6f:6c:1b:d5:d9:52:4a:2f:1b:66:3a:f4:
59:00:8f:5a:34:ae:72:02:dc:eb:2b:be:e6:35:42:
3a:ef:f0:c7:88:6e:18:f9:ec:50:70:e3:87:a9:32:
49:49:28:4e:de:d6:7b:34:4e:b4:fe:bb:62:f3:17:
ac:99:09:d1:c7:14:28:1c:45:d8:33:9f:ce:91:3e:
75:28:0c:9e:4e:96:f9:93:76:d7:7f:35:57:4c:95:
50:45:75:01:dd:5b:16:b4:4a:2d:99:bf:fc:24:f7:
a8:08:7d:d0:b3:ce:37:4b:2a:df:2e:85:3f:43:78:
17:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:FC:FE:FE:F9:5F:BE:32:45:DD:53:EC:46:1B:9E:FE:79:ED:59:8E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Qvz-_vlfvjJF3VPsRhue_nntWY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:b5:f0:e0:ad:51:de:7c:b1:44:75:6a:c4:e1:17:de:94:42:
55:c6:8d:57:59:76:0d:62:be:0a:c1:85:65:66:b7:31:14:9d:
0d:3f:3f:ca:07:0f:c1:18:15:c8:7a:6b:8a:95:f0:ae:d8:94:
15:43:aa:38:74:2d:6f:94:04:c4:59:5f:f1:33:93:a5:12:b7:
56:9d:5f:74:06:f0:d8:4c:2c:94:82:ed:2b:38:d8:77:8e:12:
f2:7d:27:49:ce:12:e0:67:8c:ab:47:a1:a0:1b:d3:70:d3:5f:
0c:22:be:0d:89:25:a5:8d:69:7f:db:3d:92:32:f8:7c:a0:a8:
51:38:af:3f:46:13:c9:8b:97:23:c3:3d:d4:0b:b7:74:58:0f:
bd:09:04:ca:16:fb:30:23:ed:ab:ce:6e:2b:f5:be:8b:16:a3:
83:a6:3d:e4:73:6a:db:48:8b:ba:1c:bd:77:e0:ba:f4:bf:64:
08:eb:5c:df:cf:f7:bd:37:ec:34:17:55:d8:91:f9:8f:7b:6a:
0f:a5:4d:7a:1f:c0:5f:a9:ed:18:43:e2:5a:1c:a7:c6:15:32:
ab:7e:2d:b8:fd:d0:57:5b:6e:6f:fe:e9:45:82:48:fe:c0:c2:
ca:e0:f1:fb:a1:fe:bc:a9:44:5e:fe:f5:53:71:b1:d6:db:25:
66:9e:7d:5e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmlnNfGzfEGcBqDzA5q2YkIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzMwMDcwNDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmZjZmVmZWY5NWZiZTMyNDVkZDUzZWM0NjFiOWVmZTc5ZWQ1OThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEFbgncUl1P623MtZgEykuNPzWp8
pgiz4U+BTiopju9++B+ttL9b5FjwUC8DjGBKbwXKJeoLQKJGqbLkk0XZs5P8MpKJ
JYnjUgu0UxU0jpLqrEm0Qi/AvW6yiSLCJ5mJN/Szl7a+zQqGa+9snGZXSq0dlZyl
T1vQbmagLfk/wX4+QB/tTylM+19vbBvV2VJKLxtmOvRZAI9aNK5yAtzrK77mNUI6
7/DHiG4Y+exQcOOHqTJJSShO3tZ7NE60/rti8xesmQnRxxQoHEXYM5/OkT51KAye
Tpb5k3bXfzVXTJVQRXUB3VsWtEotmb/8JPeoCH3Qs843SyrfLoU/Q3gXTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEL8/v75X74yRd1T7EYbnv557VmOMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUXZ6LV92bGZ2akpGM1ZQc1JodWVfbm50V1k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHa18OCtUd58sUR1asTh
F96UQlXGjVdZdg1ivgrBhWVmtzEUnQ0/P8oHD8EYFch6a4qV8K7YlBVDqjh0LW+U
BMRZX/Ezk6USt1adX3QG8NhMLJSC7Ss42HeOEvJ9J0nOEuBnjKtHoaAb03DTXwwi
vg2JJaWNaX/bPZIy+HygqFE4rz9GE8mLlyPDPdQLt3RYD70JBMoW+zAj7avObiv1
vosWo4OmPeRzattIi7ocvXfguvS/ZAjrXN/P97037DQXVdiR+Y97ag+lTXofwF+p
7RhD4locp8YVMqt+Lbj90Fdbbm/+6UWCSP7Awsrg8fuh/rypRF7+9VNxsdbbJWae
fV4=
-----END CERTIFICATE-----
Generated at Fri May 2 14:56:53 2025 by rpki-client