Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fiQMKXjqr_hPcfEURUvTwmq2j6U.roa
File: fiQMKXjqr_hPcfEURUvTwmq2j6U.roa (raw, json)
Hash identifier: 2n3SDwygm3gqLLQGT07gn9z7Vb9OuM4zSlCzPZoYl1Y=
Subject key identifier: 7E:24:0C:29:78:EA:AF:F8:4F:71:F1:14:45:4B:D3:C2:6A:B6:8F:A5
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185421C7E80821B58FBBD0B74C94974F26C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fiQMKXjqr_hPcfEURUvTwmq2j6U.roa
Signing time: Sat 24 Dec 2022 03:10:41 +0000
ROA not before: Sat 24 Dec 2022 03:10:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:42:1c:7e:80:82:1b:58:fb:bd:0b:74:c9:49:74:f2:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 24 03:10:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e240c2978eaaff84f71f114454bd3c26ab68fa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8b:d9:4c:37:ea:cd:59:9c:e3:d9:c6:34:2f:
40:0e:6a:9d:29:9d:2f:98:95:b9:07:da:5f:2c:b1:
89:03:79:5e:03:84:6e:30:b4:a7:23:f0:4d:34:28:
f6:96:97:cb:53:7b:ec:a1:7e:c9:81:42:67:f4:80:
12:8d:14:da:65:44:d6:0c:95:64:7d:02:e5:17:36:
4f:66:eb:df:d4:98:4c:fc:db:9a:8e:9b:08:5d:eb:
83:9d:a2:8d:07:15:c7:b2:b3:0d:12:ff:c4:5d:4a:
a2:8f:ae:05:05:ed:2c:a2:19:c9:db:4e:7a:ca:22:
ec:00:aa:01:17:82:eb:c4:84:10:c2:72:4c:18:a1:
15:e9:11:72:fb:47:66:73:4a:2d:6e:2b:aa:92:5d:
dd:4c:e3:cb:ce:21:99:59:2b:7a:c7:50:51:3c:87:
c5:2a:fa:40:6b:db:10:af:9d:16:f3:60:00:3d:9a:
1e:85:47:1b:cd:62:3b:f3:10:fb:5d:5e:59:60:5c:
4d:0d:a4:d5:55:6e:00:59:92:a5:f9:89:5b:36:bc:
e4:5f:ee:7a:54:8a:ec:77:78:97:4a:e7:e0:ec:83:
b3:45:0f:8b:21:8e:45:12:73:b1:ae:de:e1:5d:c4:
16:a5:99:01:d8:c4:09:e9:2d:ad:b9:fe:9f:1f:eb:
ff:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:24:0C:29:78:EA:AF:F8:4F:71:F1:14:45:4B:D3:C2:6A:B6:8F:A5
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fiQMKXjqr_hPcfEURUvTwmq2j6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b2:21:f4:37:35:68:7f:e1:01:db:2d:cd:d2:c7:f6:63:c7:15:
65:f5:9b:65:1f:7a:eb:8b:81:bc:cf:cf:02:4d:d7:78:39:8c:
52:c0:35:25:dc:95:84:b1:b8:7f:69:37:89:21:36:b4:44:c9:
da:d7:9a:dd:a2:3f:d8:3a:08:7b:0c:1e:bc:2c:4a:c1:1e:5e:
e2:9e:be:da:59:74:61:a6:de:c4:18:cc:5b:35:d0:2c:c3:e4:
21:e4:47:9a:32:d7:63:df:8d:fa:23:c3:d8:2c:fc:02:c1:a9:
44:b5:ab:5a:d4:90:bf:21:32:4b:1e:25:6a:ac:9c:41:af:5a:
c8:7e:e8:29:7c:15:0a:2b:b0:66:33:ad:5f:35:12:1e:b6:fb:
f3:af:fc:93:35:9a:18:81:fd:1c:57:9f:74:f5:ba:06:7f:a4:
69:30:bd:b3:80:88:97:37:1b:6c:6c:1a:f8:20:85:e4:76:24:
fc:95:25:36:02:27:d3:1d:92:c1:08:91:30:60:18:6c:ea:20:
4c:7a:ef:d8:e7:a3:a4:08:b9:40:ff:c7:e4:7d:df:b9:fb:2d:
8e:ab:04:28:8b:bc:c0:fc:be:74:16:02:2e:39:9e:89:de:6a:
65:48:4b:e2:7e:b3:9f:ab:1e:11:71:99:bb:f2:03:35:ad:84:
48:23:32:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVCHH6AghtY+70LdMlJdPJsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI0MDMxMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTI0MGMyOTc4ZWFhZmY4NGY3MWYxMTQ0NTRiZDNjMjZhYjY4ZmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYvZTDfqzVmc49nGNC9ADmqdKZ0v
mJW5B9pfLLGJA3leA4RuMLSnI/BNNCj2lpfLU3vsoX7JgUJn9IASjRTaZUTWDJVk
fQLlFzZPZuvf1JhM/NuajpsIXeuDnaKNBxXHsrMNEv/EXUqij64FBe0sohnJ2056
yiLsAKoBF4LrxIQQwnJMGKEV6RFy+0dmc0otbiuqkl3dTOPLziGZWSt6x1BRPIfF
KvpAa9sQr50W82AAPZoehUcbzWI78xD7XV5ZYFxNDaTVVW4AWZKl+YlbNrzkX+56
VIrsd3iXSufg7IOzRQ+LIY5FEnOxrt7hXcQWpZkB2MQJ6S2tuf6fH+v/fQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH4kDCl46q/4T3HxFEVL08Jqto+lMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZmlRTUtYanFyX2hQY2ZFVVJVdlR3bXEyajZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALIh9Dc1aH/hAdstzdLH
9mPHFWX1m2UfeuuLgbzPzwJN13g5jFLANSXclYSxuH9pN4khNrREydrXmt2iP9g6
CHsMHrwsSsEeXuKevtpZdGGm3sQYzFs10CzD5CHkR5oy12Pfjfojw9gs/ALBqUS1
q1rUkL8hMkseJWqsnEGvWsh+6Cl8FQorsGYzrV81Eh62+/Ov/JM1mhiB/RxXn3T1
ugZ/pGkwvbOAiJc3G2xsGvggheR2JPyVJTYCJ9MdksEIkTBgGGzqIEx679jno6QI
uUD/x+R937n7LY6rBCiLvMD8vnQWAi45noneamVIS+J+s5+rHhFxmbvyAzWthEgj
Mmc=
-----END CERTIFICATE-----
Generated at Fri May 2 04:30:12 2025 by rpki-client