Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qJ3iuTjTl0_GhPzMJdUUI1fk2u0.roa
File: qJ3iuTjTl0_GhPzMJdUUI1fk2u0.roa (raw, json)
Hash identifier: 6+atgeJsAIhQ+UAFak3ZOXhF1/PEE+3r/dHPkLTb/LM=
Subject key identifier: A8:9D:E2:B9:38:D3:97:4F:C6:84:FC:CC:25:D5:14:23:57:E4:DA:ED
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018517D15D9199A487ECD0A0D96D86A18353
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qJ3iuTjTl0_GhPzMJdUUI1fk2u0.roa
Signing time: Thu 15 Dec 2022 22:04:35 +0000
ROA not before: Thu 15 Dec 2022 22:04:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:185:17d1:1ca4/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:17:d1:5d:91:99:a4:87:ec:d0:a0:d9:6d:86:a1:83:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 15 22:04:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a89de2b938d3974fc684fccc25d5142357e4daed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:00:18:e0:db:44:b5:b6:98:c0:51:91:8a:2a:
59:ac:7b:d1:cd:3e:36:a4:d4:b9:db:65:ae:1d:66:
c5:0b:80:51:8f:51:a0:bb:85:9a:32:4e:ce:81:eb:
d0:a2:7d:94:e9:b4:61:ae:ed:93:76:9c:2f:58:7f:
3d:9c:45:c8:72:6a:1d:3a:2c:6e:40:80:bb:ce:01:
a4:10:b3:b4:36:f7:43:32:fb:f3:ef:f1:2a:26:4f:
58:fc:c9:83:0b:a7:6b:19:34:60:43:85:e8:68:53:
19:56:1e:ba:56:c8:c4:e2:cb:bf:5b:46:2d:7b:b9:
a4:f2:ca:b9:b7:be:9a:55:34:fb:50:8c:eb:06:ae:
37:ed:df:29:75:be:c4:55:13:7d:a4:1d:61:49:f9:
4e:a2:2a:bc:3c:ee:26:ae:88:54:ce:4b:2e:34:28:
c4:1e:86:da:95:26:22:f1:17:18:50:14:c6:1b:c7:
6e:74:cf:79:8c:36:f0:41:01:ea:88:11:8e:fa:ce:
f5:e1:a6:36:ea:c3:2c:0a:0a:d0:f1:f3:2b:54:b2:
02:fc:77:90:50:3c:2b:14:11:76:1a:92:69:b4:fc:
4b:ca:e4:6c:3f:c3:13:0e:f3:44:bc:92:a1:0d:d3:
4d:39:b3:b5:5d:56:68:7e:52:1a:a2:58:67:0d:b1:
9e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:9D:E2:B9:38:D3:97:4F:C6:84:FC:CC:25:D5:14:23:57:E4:DA:ED
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qJ3iuTjTl0_GhPzMJdUUI1fk2u0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
34:83:55:ca:51:c8:9c:f9:57:16:03:91:08:d0:93:51:c6:9e:
bc:03:c3:90:df:0e:85:f3:3b:8a:42:4e:3b:0b:59:82:89:c3:
26:58:9e:2a:9f:b0:95:77:22:43:c3:56:a7:6a:29:40:f6:b3:
3a:d1:52:80:9f:49:ac:66:5a:31:7c:87:04:2d:8e:e1:04:22:
93:98:02:d0:12:90:53:46:82:b7:20:27:90:89:82:5d:ea:be:
14:a2:4c:af:ae:e4:98:65:a1:71:f5:1f:67:e0:12:20:9f:32:
c8:86:51:08:85:e6:7b:16:40:06:f8:92:11:62:4c:4d:2d:68:
cc:54:e9:61:f8:d3:93:e4:a4:5a:21:fe:a2:96:0c:8e:d6:6f:
1b:8d:9a:9e:d2:3c:7c:f3:35:41:37:74:3c:bf:4c:c2:b7:25:
1c:62:13:a7:f3:0e:74:b3:85:a1:31:66:d4:07:2a:88:a0:61:
85:da:b4:c9:12:31:ec:db:ca:ed:0e:e5:81:6f:bd:67:c7:29:
97:0a:a7:78:3f:0a:c7:42:19:63:eb:13:b9:20:9a:3d:28:0b:
42:2d:2b:1b:53:60:51:94:3b:8c:66:ce:b9:d4:88:ed:b9:eb:
b9:40:52:cc:7e:84:23:23:99:23:6e:d9:b4:f8:a7:43:18:48:
06:ae:a6:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUX0V2RmaSH7NCg2W2GoYNTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE1MjIwNDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODlkZTJiOTM4ZDM5NzRmYzY4NGZjY2MyNWQ1MTQyMzU3ZTRkYWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggAY4NtEtbaYwFGRiipZrHvRzT42
pNS522WuHWbFC4BRj1Ggu4WaMk7OgevQon2U6bRhru2TdpwvWH89nEXIcmodOixu
QIC7zgGkELO0NvdDMvvz7/EqJk9Y/MmDC6drGTRgQ4XoaFMZVh66VsjE4su/W0Yt
e7mk8sq5t76aVTT7UIzrBq437d8pdb7EVRN9pB1hSflOoiq8PO4mrohUzksuNCjE
HobalSYi8RcYUBTGG8dudM95jDbwQQHqiBGO+s714aY26sMsCgrQ8fMrVLIC/HeQ
UDwrFBF2GpJptPxLyuRsP8MTDvNEvJKhDdNNObO1XVZoflIaolhnDbGeyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKid4rk405dPxoT8zCXVFCNX5NrtMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcUozaXVUalRsMF9HaFB6TUpkVVVJMWZrMnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADSDVcpRyJz5VxYDkQjQ
k1HGnrwDw5DfDoXzO4pCTjsLWYKJwyZYniqfsJV3IkPDVqdqKUD2szrRUoCfSaxm
WjF8hwQtjuEEIpOYAtASkFNGgrcgJ5CJgl3qvhSiTK+u5JhloXH1H2fgEiCfMsiG
UQiF5nsWQAb4khFiTE0taMxU6WH405PkpFoh/qKWDI7WbxuNmp7SPHzzNUE3dDy/
TMK3JRxiE6fzDnSzhaExZtQHKoigYYXatMkSMezbyu0O5YFvvWfHKZcKp3g/CsdC
GWPrE7kgmj0oC0ItKxtTYFGUO4xmzrnUiO2567lAUsx+hCMjmSNu2bT4p0MYSAau
pic=
-----END CERTIFICATE-----
Generated at Thu May 1 00:41:20 2025 by rpki-client