Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qAfnxEh37pwdjhIWLPJWk0vAmIc.roa
File: qAfnxEh37pwdjhIWLPJWk0vAmIc.roa (raw, json)
Hash identifier: mIpqNIHIV4VZ/m48Lg6k2zdW9uB8a69r5e8UIzWKKks=
Subject key identifier: A8:07:E7:C4:48:77:EE:9C:1D:8E:12:16:2C:F2:56:93:4B:C0:98:87
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185AB7A78337032161F1F5F75ACD40DD4C0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qAfnxEh37pwdjhIWLPJWk0vAmIc.roa
Signing time: Fri 13 Jan 2023 14:13:28 +0000
ROA not before: Fri 13 Jan 2023 14:13:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ab:7a:78:33:70:32:16:1f:1f:5f:75:ac:d4:0d:d4:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 13 14:13:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a807e7c44877ee9c1d8e12162cf256934bc09887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:19:e5:72:9b:02:0f:f6:b9:99:7e:fa:aa:fb:
08:58:1f:82:aa:22:24:30:61:26:65:56:d7:00:af:
d7:2a:9b:71:62:9d:b5:33:aa:ba:22:16:4a:2f:34:
09:48:85:88:5e:4f:f1:ab:df:f5:c2:e6:58:7f:18:
f3:a9:37:4f:55:a6:dd:cb:54:39:74:dd:9d:f1:ac:
0c:29:4c:4a:50:5e:a9:d7:85:f7:c5:7c:69:80:54:
c2:0c:84:be:79:75:a9:c1:66:c9:db:70:27:90:0e:
a0:81:9a:dc:4b:7f:13:c8:ab:60:26:bb:87:83:05:
81:70:17:18:82:83:40:db:75:90:03:61:dd:23:83:
4a:eb:a0:72:0d:ee:c0:79:58:66:cb:6b:8f:1e:cd:
a9:29:cd:5b:88:bb:1c:7e:58:fd:0b:0d:58:7a:03:
bc:bf:5b:83:46:84:fb:44:9c:bf:79:67:05:d1:41:
f9:fa:d2:93:a2:2f:41:e6:33:52:b8:c9:af:43:27:
b8:56:c9:d0:a2:d4:88:9c:8b:9e:4d:3d:ee:e1:7b:
98:4e:83:af:72:00:57:70:8f:75:b0:6a:ae:9f:6b:
69:d2:4a:3f:97:0d:a3:da:60:29:08:fd:f6:e9:8b:
63:ba:ab:02:30:ce:07:13:d0:46:f2:54:66:bf:9b:
56:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:07:E7:C4:48:77:EE:9C:1D:8E:12:16:2C:F2:56:93:4B:C0:98:87
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qAfnxEh37pwdjhIWLPJWk0vAmIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7f:ee:86:ed:3f:b9:82:7d:fd:d8:af:e1:f9:15:5b:a1:1c:5c:
63:2b:07:d8:c3:d2:97:d7:a1:79:54:92:81:74:0a:3b:67:9e:
e1:54:78:90:ef:28:4e:e6:85:46:df:58:86:15:7a:b3:13:e8:
dd:a2:84:82:1d:a2:9a:9a:30:e9:d2:55:ac:2d:49:c7:70:9a:
b7:07:77:6d:26:50:20:51:b8:ae:7a:eb:37:28:d9:f4:00:91:
a4:8a:e0:73:aa:05:a6:0b:2c:22:bf:5d:65:a5:b9:a1:1d:f3:
f8:d0:91:67:8c:6d:a7:f1:77:c5:eb:a6:21:21:83:bb:fa:ca:
bc:58:7a:bb:f0:66:f6:0b:8c:c1:cc:9f:53:1a:de:a7:5b:d5:
5b:2f:6c:1b:55:f0:e7:41:fb:91:a2:5b:aa:7f:c8:ca:61:b7:
40:cc:79:b2:10:43:18:03:90:86:1b:c1:88:fd:e0:bd:b8:39:
48:95:0f:3d:65:94:69:a2:63:9c:25:d2:da:d5:97:97:30:22:
d0:e4:a1:3e:29:65:ea:01:5c:2c:6f:84:a8:e5:80:8e:fb:d1:
df:d8:b9:d5:fe:c1:77:eb:b9:64:9b:e2:36:7f:90:bd:ab:99:
72:94:c4:f0:9d:a3:d1:26:aa:a3:f7:f5:f5:d7:72:8b:e0:b7:
bf:f4:9b:07
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWrengzcDIWHx9fdazUDdTAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTEzMTQxMzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODA3ZTdjNDQ4NzdlZTljMWQ4ZTEyMTYyY2YyNTY5MzRiYzA5ODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRnlcpsCD/a5mX76qvsIWB+CqiIk
MGEmZVbXAK/XKptxYp21M6q6IhZKLzQJSIWIXk/xq9/1wuZYfxjzqTdPVabdy1Q5
dN2d8awMKUxKUF6p14X3xXxpgFTCDIS+eXWpwWbJ23AnkA6ggZrcS38TyKtgJruH
gwWBcBcYgoNA23WQA2HdI4NK66ByDe7AeVhmy2uPHs2pKc1biLscflj9Cw1YegO8
v1uDRoT7RJy/eWcF0UH5+tKToi9B5jNSuMmvQye4VsnQotSInIueTT3u4XuYToOv
cgBXcI91sGqun2tp0ko/lw2j2mApCP326YtjuqsCMM4HE9BG8lRmv5tW3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKgH58RId+6cHY4SFizyVpNLwJiHMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcUFmbnhFaDM3cHdkamhJV0xQSldrMHZBbUljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH/uhu0/uYJ9/div4fkV
W6EcXGMrB9jD0pfXoXlUkoF0CjtnnuFUeJDvKE7mhUbfWIYVerMT6N2ihIIdopqa
MOnSVawtScdwmrcHd20mUCBRuK566zco2fQAkaSK4HOqBaYLLCK/XWWluaEd8/jQ
kWeMbafxd8XrpiEhg7v6yrxYervwZvYLjMHMn1Ma3qdb1VsvbBtV8OdB+5GiW6p/
yMpht0DMebIQQxgDkIYbwYj94L24OUiVDz1llGmiY5wl0trVl5cwItDkoT4pZeoB
XCxvhKjlgI770d/YudX+wXfruWSb4jZ/kL2rmXKUxPCdo9EmqqP39fXXcovgt7/0
mwc=
-----END CERTIFICATE-----
Generated at Thu May 1 06:47:01 2025 by rpki-client