Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qMPQaJqCplcjQbtjD_skZVa3TGY.roa
File: qMPQaJqCplcjQbtjD_skZVa3TGY.roa (raw, json)
Hash identifier: tcb1pbV7ix5cvSSTXU0tUpyrEW1xhutJ6DHtbm3mNrc=
Subject key identifier: A8:C3:D0:68:9A:82:A6:57:23:41:BB:63:0F:FB:24:65:56:B7:4C:66
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0182E31830CDBA2C39AA78DC8A16105A30E3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qMPQaJqCplcjQbtjD_skZVa3TGY.roa
Signing time: Sun 28 Aug 2022 06:16:29 +0000
ROA not before: Sun 28 Aug 2022 06:16:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e3:18:30:cd:ba:2c:39:aa:78:dc:8a:16:10:5a:30:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 28 06:16:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8c3d0689a82a6572341bb630ffb246556b74c66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9d:49:e8:01:c7:3d:e2:9f:f0:19:a0:cf:a9:
e0:72:dc:ab:ce:bb:3f:5e:83:40:2f:64:83:ba:db:
53:9f:d9:dc:9f:c1:b8:65:d4:f3:f1:f6:19:28:97:
0b:4a:43:3c:9b:19:91:f7:0c:1c:f5:61:08:c0:d2:
51:7f:21:8a:09:54:69:02:14:fc:86:62:c4:39:1d:
91:23:57:d2:f9:39:7e:6a:2b:8e:27:42:ea:e6:6a:
9d:24:c0:4a:70:43:56:14:e7:85:bc:b9:1d:a3:ce:
b7:02:d6:86:02:52:1b:6c:17:03:74:66:12:b5:a2:
64:80:60:6a:1a:01:c0:0a:d0:df:70:72:37:86:76:
a4:da:14:5b:14:c3:ea:69:bb:24:74:a2:06:15:dd:
c5:22:87:0a:44:59:ab:49:9f:28:ed:95:23:e0:1f:
71:44:d9:66:5a:5b:a5:e5:8c:11:a6:b8:12:ff:4a:
2d:8a:63:b8:4d:cd:c3:8f:e5:4c:12:fc:41:6d:1f:
77:20:94:d7:34:dc:cb:71:e9:8d:8f:04:6f:93:66:
bf:c1:84:74:fa:14:9f:aa:51:17:ac:30:3b:4b:d4:
a5:38:01:6e:9b:bd:4d:11:7a:6f:7a:28:29:6c:9e:
ee:c7:3f:84:31:e9:f4:37:20:da:b7:d4:c6:8f:6f:
cb:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C3:D0:68:9A:82:A6:57:23:41:BB:63:0F:FB:24:65:56:B7:4C:66
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qMPQaJqCplcjQbtjD_skZVa3TGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:d8:83:5c:d0:de:2d:14:fd:cb:7f:f9:c1:c8:c0:e0:58:98:
e1:97:64:c1:f1:31:85:19:3c:3e:94:bc:10:f6:b4:d9:0d:23:
17:23:2c:a5:f4:e3:87:1f:e0:4a:31:e5:73:ab:f0:8a:52:37:
c6:e0:ca:9d:b4:e9:f6:22:45:77:22:13:3c:51:ae:aa:69:77:
2e:4c:5c:7e:bf:6a:69:84:cb:64:d6:7b:ee:39:89:88:27:8a:
5d:9b:e1:a7:76:0d:57:97:85:c6:9d:f4:97:4a:7c:b4:ad:95:
d7:0c:52:d5:cb:ae:13:17:ef:54:7d:19:11:d8:6f:d0:95:9c:
a6:b1:04:2e:98:2b:dd:a9:7a:68:cd:66:29:3e:84:df:68:34:
4e:d6:e3:be:39:45:21:19:84:32:4e:6b:0f:99:d8:83:2f:c2:
4e:26:5c:1c:51:5a:d0:f9:35:c3:06:56:9e:2c:7c:98:22:5d:
21:a6:7f:e4:46:d6:c0:e8:f2:42:34:55:af:b1:4c:a8:15:a5:
20:40:e9:99:25:b8:19:4d:20:c2:a7:a0:05:3a:04:fe:ba:b4:
7f:45:d6:73:0e:d6:7a:b5:e5:12:df:4b:e4:51:a5:eb:dd:8a:
6b:17:0d:77:1d:e1:aa:c5:bb:e3:11:6b:37:46:57:90:6e:a8:
ed:76:58:79
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYLjGDDNuiw5qnjcihYQWjDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwODI4MDYxNjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGMzZDA2ODlhODJhNjU3MjM0MWJiNjMwZmZiMjQ2NTU2Yjc0YzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlp1J6AHHPeKf8Bmgz6ngctyrzrs/
XoNAL2SDuttTn9ncn8G4ZdTz8fYZKJcLSkM8mxmR9wwc9WEIwNJRfyGKCVRpAhT8
hmLEOR2RI1fS+Tl+aiuOJ0Lq5mqdJMBKcENWFOeFvLkdo863AtaGAlIbbBcDdGYS
taJkgGBqGgHACtDfcHI3hnak2hRbFMPqabskdKIGFd3FIocKRFmrSZ8o7ZUj4B9x
RNlmWlul5YwRprgS/0otimO4Tc3Dj+VMEvxBbR93IJTXNNzLcemNjwRvk2a/wYR0
+hSfqlEXrDA7S9SlOAFum71NEXpveigpbJ7uxz+EMen0NyDat9TGj2/LtQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKjD0GiagqZXI0G7Yw/7JGVWt0xmMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcU1QUWFKcUNwbGNqUWJ0akRfc2taVmEzVEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACTYg1zQ3i0U/ct/+cHI
wOBYmOGXZMHxMYUZPD6UvBD2tNkNIxcjLKX044cf4Eox5XOr8IpSN8bgyp206fYi
RXciEzxRrqppdy5MXH6/ammEy2TWe+45iYgnil2b4ad2DVeXhcad9JdKfLStldcM
UtXLrhMX71R9GRHYb9CVnKaxBC6YK92pemjNZik+hN9oNE7W4745RSEZhDJOaw+Z
2IMvwk4mXBxRWtD5NcMGVp4sfJgiXSGmf+RG1sDo8kI0Va+xTKgVpSBA6ZkluBlN
IMKnoAU6BP66tH9F1nMO1nq15RLfS+RRpevdimsXDXcd4arFu+MRazdGV5BuqO12
WHk=
-----END CERTIFICATE-----
Generated at Thu May 1 21:15:14 2025 by rpki-client