Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aqBbQVzwn3FuKC3JDqpCVbbtVxY.roa
File: aqBbQVzwn3FuKC3JDqpCVbbtVxY.roa (raw, json)
Hash identifier: dsikwH1X78JKJIpA3gvd1DL+XPolMYviYxUiw4KcXoQ=
Subject key identifier: 6A:A0:5B:41:5C:F0:9F:71:6E:28:2D:C9:0E:AA:42:55:B6:ED:57:16
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186676EC2E87DA356E7E7403C6E021C1A6E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aqBbQVzwn3FuKC3JDqpCVbbtVxY.roa
Signing time: Sun 19 Feb 2023 02:09:17 +0000
ROA not before: Sun 19 Feb 2023 02:09:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:67:6e:c2:e8:7d:a3:56:e7:e7:40:3c:6e:02:1c:1a:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 19 02:09:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6aa05b415cf09f716e282dc90eaa4255b6ed5716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:92:09:6f:67:34:1a:48:a7:5a:a3:5f:7a:ef:
f4:11:fe:c0:9f:e5:22:e6:a8:57:81:4c:16:70:e2:
fd:78:98:6b:1b:7f:17:b4:14:e8:17:55:fe:03:fd:
91:cf:95:20:b0:5c:8f:b4:72:77:c6:bc:98:24:de:
b0:83:80:99:71:49:b8:a7:d9:8d:db:54:ff:f3:44:
a0:fb:60:cb:4c:d9:e9:e5:b6:36:c2:22:41:bc:92:
36:f3:a3:34:af:f5:93:f3:5d:c4:75:05:60:08:f9:
c2:ab:5a:e4:f1:e2:81:2d:00:fc:12:ca:cd:51:e0:
09:a2:e7:7b:d0:9c:19:28:0e:89:00:7c:20:44:16:
59:5c:28:59:4a:a2:bc:c5:82:f9:3c:d7:d3:fc:39:
ce:52:e0:75:1d:04:d3:87:bb:97:d6:49:01:f8:5e:
55:a7:51:03:60:7b:91:15:e7:05:d4:c8:dc:46:5b:
4b:61:e6:7b:46:56:36:01:11:2d:78:a6:f1:2d:41:
f1:cc:a0:d9:93:1b:2b:0c:8b:5b:30:52:1f:64:2d:
d4:e8:a0:81:c2:aa:5a:0d:12:f6:92:1b:da:35:5d:
66:a9:61:af:b0:5a:2d:45:aa:b0:22:aa:c5:8e:7a:
0a:ee:bd:76:81:36:c0:71:92:e0:53:16:d3:5e:e1:
cd:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:A0:5B:41:5C:F0:9F:71:6E:28:2D:C9:0E:AA:42:55:B6:ED:57:16
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/aqBbQVzwn3FuKC3JDqpCVbbtVxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
54:d6:09:c8:d4:d9:88:41:e5:33:6c:10:94:9f:2d:2e:f8:fb:
a8:6f:bc:b6:59:9f:e4:d9:d9:dc:26:99:02:97:c7:4e:9a:0d:
dd:96:d8:ea:0a:7d:d7:b5:e0:ad:d0:16:17:e9:cb:2c:0d:47:
05:07:4d:6f:7b:71:53:a4:f9:ff:96:46:3e:02:e3:6a:c4:ba:
3a:b0:dd:25:70:ba:57:73:e3:bd:85:e2:36:3b:61:9b:66:95:
d7:a8:0a:f4:4d:d5:a5:7d:30:f3:ed:d1:16:48:a3:6e:71:b7:
ab:9e:c4:82:40:b5:b2:52:18:cb:45:c8:a7:99:74:c9:6d:a4:
4a:62:d3:1e:ca:06:cc:b1:90:b0:e5:7c:6a:f3:ed:68:92:01:
73:6f:81:87:af:49:e1:3e:32:11:05:b2:5c:cd:ee:03:95:28:
a1:30:ee:34:55:21:35:5a:90:8b:2f:0e:db:79:95:b5:ab:ab:
42:13:e1:0e:f0:06:6e:bb:3a:c4:fc:dc:40:36:b8:c5:53:99:
13:50:23:1d:7b:5f:a5:f6:cb:b0:21:12:a3:ca:75:5e:53:42:
42:bc:15:f4:29:06:e4:99:92:06:60:b2:17:8a:81:56:34:e7:
c9:ea:a2:c8:3c:da:da:3a:14:41:fd:2b:9d:0b:0b:5a:15:65:
63:cc:6b:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZnbsLofaNW5+dAPG4CHBpuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE5MDIwOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWEwNWI0MTVjZjA5ZjcxNmUyODJkYzkwZWFhNDI1NWI2ZWQ1NzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5IJb2c0GkinWqNfeu/0Ef7An+Ui
5qhXgUwWcOL9eJhrG38XtBToF1X+A/2Rz5UgsFyPtHJ3xryYJN6wg4CZcUm4p9mN
21T/80Sg+2DLTNnp5bY2wiJBvJI286M0r/WT813EdQVgCPnCq1rk8eKBLQD8EsrN
UeAJoud70JwZKA6JAHwgRBZZXChZSqK8xYL5PNfT/DnOUuB1HQTTh7uX1kkB+F5V
p1EDYHuRFecF1MjcRltLYeZ7RlY2AREteKbxLUHxzKDZkxsrDItbMFIfZC3U6KCB
wqpaDRL2khvaNV1mqWGvsFotRaqwIqrFjnoK7r12gTbAcZLgUxbTXuHNwwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGqgW0Fc8J9xbigtyQ6qQlW27VcWMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYXFCYlFWenduM0Z1S0MzSkRxcENWYmJ0VnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFTWCcjU2YhB5TNsEJSf
LS74+6hvvLZZn+TZ2dwmmQKXx06aDd2W2OoKfde14K3QFhfpyywNRwUHTW97cVOk
+f+WRj4C42rEujqw3SVwuldz472F4jY7YZtmldeoCvRN1aV9MPPt0RZIo25xt6ue
xIJAtbJSGMtFyKeZdMltpEpi0x7KBsyxkLDlfGrz7WiSAXNvgYevSeE+MhEFslzN
7gOVKKEw7jRVITVakIsvDtt5lbWrq0IT4Q7wBm67OsT83EA2uMVTmRNQIx17X6X2
y7AhEqPKdV5TQkK8FfQpBuSZkgZgsheKgVY058nqosg82to6FEH9K50LC1oVZWPM
a20=
-----END CERTIFICATE-----
Generated at Fri May 2 09:20:19 2025 by rpki-client