Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SQkkPHGlx2JntCToonB-1B3-Zt0.roa
File: SQkkPHGlx2JntCToonB-1B3-Zt0.roa (raw, json)
Hash identifier: SVlYQ3fllvZ9td/MQ1oMUbzn3ccDvFkrPL0e8JgTsSo=
Subject key identifier: 49:09:24:3C:71:A5:C7:62:67:B4:24:E8:A2:70:7E:D4:1D:FE:66:DD
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018561DC8BC8048086D96625B0836F3CC067
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SQkkPHGlx2JntCToonB-1B3-Zt0.roa
Signing time: Fri 30 Dec 2022 07:08:41 +0000
ROA not before: Fri 30 Dec 2022 07:08:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:61:dc:8b:c8:04:80:86:d9:66:25:b0:83:6f:3c:c0:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 30 07:08:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4909243c71a5c76267b424e8a2707ed41dfe66dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:fd:37:d3:c9:f9:69:da:f6:27:20:d1:83:f5:
be:ac:2e:40:53:be:ee:12:47:85:5a:fe:65:55:68:
60:24:c8:94:a4:fc:5c:e8:d7:ce:9a:ee:3b:28:32:
35:78:1d:c3:87:f5:bd:ad:14:59:e0:e1:2f:0a:92:
4a:c1:83:d2:ef:96:2e:37:37:8d:3c:90:6b:79:a3:
85:58:19:d8:e2:14:1c:13:56:07:45:c0:d1:c9:bb:
f7:54:36:8d:ea:f7:f9:07:c2:6b:8f:d4:fb:40:b0:
bc:e6:b3:bb:21:c9:2a:70:90:52:93:77:3c:91:42:
a4:a1:08:66:d8:35:4d:ec:a1:66:8c:cb:82:76:d0:
5d:bb:72:8d:ce:2d:30:4f:5b:e4:36:98:30:b8:cf:
80:8c:f8:bf:26:7b:72:83:62:76:2d:4a:a9:16:b3:
14:97:66:b4:de:0a:ce:fa:ad:0b:0a:2c:2c:2a:40:
ef:84:3f:93:69:8f:dd:e1:6c:83:99:d1:25:4b:0c:
6a:e9:07:e4:f2:c3:32:b9:19:62:09:43:83:69:e0:
fd:2a:57:d0:4d:28:be:4e:a4:c6:fd:49:ce:37:9e:
b2:03:0d:19:ca:b4:5a:19:5d:fc:79:cf:e8:aa:11:
ae:25:1e:42:99:55:1d:c3:8a:5f:2f:5b:87:bc:80:
04:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:09:24:3C:71:A5:C7:62:67:B4:24:E8:A2:70:7E:D4:1D:FE:66:DD
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SQkkPHGlx2JntCToonB-1B3-Zt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
03:90:ee:2c:37:d1:16:0d:03:a4:89:54:a9:6e:55:77:70:7a:
ca:1f:6f:f5:e7:1f:68:5e:27:eb:f6:d3:46:81:44:ff:2e:64:
2d:0e:83:dc:ed:08:db:73:d1:09:5c:8b:ab:07:e5:1d:46:08:
5d:b9:f6:0a:be:cd:82:2d:2f:ed:8a:96:e8:24:da:af:3d:d8:
e7:8d:96:73:a2:b9:55:f4:6a:97:b9:a2:ba:25:ee:1d:2b:76:
40:d3:80:54:55:2b:5a:7c:54:96:a3:aa:22:60:c9:d6:13:02:
85:b9:a6:21:74:32:c7:19:55:a2:83:80:0a:e6:05:bd:29:f1:
e9:c8:9e:0a:b9:91:35:ab:e5:53:ef:21:d7:01:42:0c:34:bd:
1e:20:54:a3:36:67:a3:9e:7b:4c:4e:6c:03:d3:7b:44:34:54:
f5:bd:12:e1:0e:7e:72:d5:8f:6d:31:b4:1e:4d:b0:2a:22:06:
89:08:0b:33:0f:76:cc:2a:26:75:04:2c:3e:42:b1:3a:0a:11:
38:bd:af:0e:91:98:c7:36:5f:e8:1a:46:1e:43:2f:f0:58:ad:
78:a0:c3:7b:16:33:14:e7:1f:dc:5b:fa:f0:07:60:7a:ba:9a:
ba:f5:db:c0:3b:1a:91:c4:b1:ba:7f:61:c3:83:f3:2c:b2:7f:
ab:fa:df:9f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVh3IvIBICG2WYlsINvPMBnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjMwMDcwODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTA5MjQzYzcxYTVjNzYyNjdiNDI0ZThhMjcwN2VkNDFkZmU2NmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjf0308n5adr2JyDRg/W+rC5AU77u
EkeFWv5lVWhgJMiUpPxc6NfOmu47KDI1eB3Dh/W9rRRZ4OEvCpJKwYPS75YuNzeN
PJBreaOFWBnY4hQcE1YHRcDRybv3VDaN6vf5B8Jrj9T7QLC85rO7IckqcJBSk3c8
kUKkoQhm2DVN7KFmjMuCdtBdu3KNzi0wT1vkNpgwuM+AjPi/Jntyg2J2LUqpFrMU
l2a03grO+q0LCiwsKkDvhD+TaY/d4WyDmdElSwxq6Qfk8sMyuRliCUODaeD9KlfQ
TSi+TqTG/UnON56yAw0ZyrRaGV38ec/oqhGuJR5CmVUdw4pfL1uHvIAEuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEkJJDxxpcdiZ7Qk6KJwftQd/mbdMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvU1Fra1BIR2x4MkpudENUb29uQi0xQjMtWnQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAOQ7iw30RYNA6SJVKlu
VXdwesofb/XnH2heJ+v200aBRP8uZC0Og9ztCNtz0Qlci6sH5R1GCF259gq+zYIt
L+2Klugk2q892OeNlnOiuVX0ape5orol7h0rdkDTgFRVK1p8VJajqiJgydYTAoW5
piF0MscZVaKDgArmBb0p8enIngq5kTWr5VPvIdcBQgw0vR4gVKM2Z6Oee0xObAPT
e0Q0VPW9EuEOfnLVj20xtB5NsCoiBokICzMPdswqJnUELD5CsToKETi9rw6RmMc2
X+gaRh5DL/BYrXigw3sWMxTnH9xb+vAHYHq6mrr128A7GpHEsbp/YcOD8yyyf6v6
358=
-----END CERTIFICATE-----
Generated at Thu May 1 10:03:53 2025 by rpki-client