Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/WqTydvtmUGGK58ALVQiYvzgcKWo.roa
File: WqTydvtmUGGK58ALVQiYvzgcKWo.roa (raw, json)
Hash identifier: A2JdIuw17n2QLDcXAcoqGxT73me8JcqGggK+b7w/QU4=
Subject key identifier: 5A:A4:F2:76:FB:66:50:61:8A:E7:C0:0B:55:08:98:BF:38:1C:29:6A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01842001FA0E4BA798B372A18FBA9DB83889
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/WqTydvtmUGGK58ALVQiYvzgcKWo.roa
Signing time: Fri 28 Oct 2022 19:11:51 +0000
ROA not before: Fri 28 Oct 2022 19:11:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:20:01:fa:0e:4b:a7:98:b3:72:a1:8f:ba:9d:b8:38:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Oct 28 19:11:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5aa4f276fb6650618ae7c00b550898bf381c296a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f6:35:a7:f2:3b:40:1c:74:02:d8:e6:8e:7b:
69:56:a8:da:dc:8b:9d:8b:7b:27:e7:aa:95:d0:fe:
ea:95:8c:f6:b9:7d:a9:b3:23:d7:02:b2:65:48:7e:
da:0f:11:30:ec:c5:c3:f3:90:ec:fb:78:4e:41:be:
06:f4:d4:4b:ba:06:f7:74:6e:3e:86:a8:b0:e0:85:
30:26:a1:00:07:03:fd:d8:1a:17:49:80:b4:b1:ea:
eb:07:ec:3d:95:9b:06:10:ac:62:b6:dc:37:aa:99:
e3:0b:08:18:db:b6:08:10:be:81:62:bb:99:58:2c:
5e:71:2f:6d:17:30:df:4c:94:a4:8d:bb:43:33:4c:
22:5a:d2:1a:ef:bd:43:7a:e5:e7:a1:b8:99:90:42:
a9:04:f1:d9:d0:14:e6:f7:90:c3:8b:f4:16:70:99:
5c:f6:70:cc:02:33:be:47:7e:14:79:7f:d6:8d:75:
80:95:35:06:4a:6c:df:97:71:19:3d:58:19:b3:e1:
93:33:a2:08:fd:95:61:45:4d:31:21:a6:39:e2:c5:
ae:d7:2d:0b:93:1f:58:54:3d:74:ca:ef:48:de:d4:
83:6b:a9:dc:4e:e6:6a:9a:b6:6c:63:93:d7:e5:fe:
96:1f:16:27:86:a4:45:14:0d:d8:45:ce:05:f0:5f:
e7:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:A4:F2:76:FB:66:50:61:8A:E7:C0:0B:55:08:98:BF:38:1C:29:6A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/WqTydvtmUGGK58ALVQiYvzgcKWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7f:9f:b5:b0:fa:0d:55:9c:83:d0:ce:4b:3f:85:25:96:49:7d:
83:73:93:90:83:4a:f7:b1:51:7c:cb:71:9a:7c:d7:3f:bd:31:
59:c0:82:f2:31:22:1d:ce:25:8d:3a:1a:d7:f6:10:46:ed:fe:
ec:b3:f3:60:31:78:40:aa:09:08:8c:69:c2:6c:f7:4c:50:c8:
16:e4:c3:13:45:35:ff:f8:83:85:d9:ee:8b:69:ea:2f:6a:f4:
d6:c5:9c:95:3a:5d:c7:ba:e9:c3:9d:e9:21:09:a6:0e:44:d4:
34:51:29:f7:fc:da:84:27:a6:e4:09:35:09:a8:44:8c:4d:d6:
af:de:d3:74:60:d9:ef:9c:ec:4c:83:fc:58:b9:c0:f8:88:5d:
08:cf:fe:96:f8:b9:36:b5:dc:3b:bb:f9:81:ca:8b:8a:69:2f:
d0:1a:cd:23:6f:47:f5:7f:10:e7:a0:cd:b3:bf:25:8e:54:37:
da:39:cd:de:dd:5b:4d:52:26:4a:22:54:9c:3e:fa:4e:9d:eb:
84:99:87:69:e4:48:f2:10:50:d3:a8:07:03:13:90:57:3e:f0:
71:20:d2:1a:99:d1:c7:ee:59:8e:22:c2:7b:b0:66:25:34:b9:
96:05:6b:3a:b9:db:42:cd:63:77:84:9b:c5:3b:98:00:3e:11:
21:17:c7:9a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYQgAfoOS6eYs3Khj7qduDiJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMDI4MTkxMTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWE0ZjI3NmZiNjY1MDYxOGFlN2MwMGI1NTA4OThiZjM4MWMyOTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPY1p/I7QBx0AtjmjntpVqja3Iud
i3sn56qV0P7qlYz2uX2psyPXArJlSH7aDxEw7MXD85Ds+3hOQb4G9NRLugb3dG4+
hqiw4IUwJqEABwP92BoXSYC0serrB+w9lZsGEKxittw3qpnjCwgY27YIEL6BYruZ
WCxecS9tFzDfTJSkjbtDM0wiWtIa771DeuXnobiZkEKpBPHZ0BTm95DDi/QWcJlc
9nDMAjO+R34UeX/WjXWAlTUGSmzfl3EZPVgZs+GTM6II/ZVhRU0xIaY54sWu1y0L
kx9YVD10yu9I3tSDa6ncTuZqmrZsY5PX5f6WHxYnhqRFFA3YRc4F8F/ncwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFqk8nb7ZlBhiufAC1UImL84HClqMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvV3FUeWR2dG1VR0dLNThBTFZRaVl2emdjS1dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH+ftbD6DVWcg9DOSz+F
JZZJfYNzk5CDSvexUXzLcZp81z+9MVnAgvIxIh3OJY06Gtf2EEbt/uyz82AxeECq
CQiMacJs90xQyBbkwxNFNf/4g4XZ7otp6i9q9NbFnJU6Xce66cOd6SEJpg5E1DRR
Kff82oQnpuQJNQmoRIxN1q/e03Rg2e+c7EyD/Fi5wPiIXQjP/pb4uTa13Du7+YHK
i4ppL9AazSNvR/V/EOegzbO/JY5UN9o5zd7dW01SJkoiVJw++k6d64SZh2nkSPIQ
UNOoBwMTkFc+8HEg0hqZ0cfuWY4iwnuwZiU0uZYFazq520LNY3eEm8U7mAA+ESEX
x5o=
-----END CERTIFICATE-----
Generated at Fri May 2 17:34:12 2025 by rpki-client