Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qNhZbxEZyhYNREt3pcrIxQ8dkTM.roa
File: qNhZbxEZyhYNREt3pcrIxQ8dkTM.roa (raw, json)
Hash identifier: Mb2TlvfvTbXESVTnzEXMratfcVBnn2+YvM9afW/aEz4=
Subject key identifier: A8:D8:59:6F:11:19:CA:16:0D:44:4B:77:A5:CA:C8:C5:0F:1D:91:33
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01857ABCF5BC5DC503AF79B412B224678297
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qNhZbxEZyhYNREt3pcrIxQ8dkTM.roa
Signing time: Wed 04 Jan 2023 03:04:42 +0000
ROA not before: Wed 04 Jan 2023 03:04:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:185:7abc:d468/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7a:bc:f5:bc:5d:c5:03:af:79:b4:12:b2:24:67:82:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 4 03:04:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8d8596f1119ca160d444b77a5cac8c50f1d9133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c2:3f:f3:52:bd:bd:ce:3e:56:81:91:ee:d3:
1c:90:43:93:7e:ec:51:15:1c:91:f5:58:ca:51:e6:
26:f0:34:ec:33:9b:1e:ed:6c:e8:89:8a:d5:34:d8:
3c:60:16:e3:3d:8b:97:96:3f:68:30:e8:a4:3c:3b:
3b:94:68:38:13:8e:a4:4a:97:ae:b9:5e:eb:af:4d:
d6:d9:82:84:59:25:27:51:91:6d:0c:c9:11:f7:5b:
44:80:64:a6:0f:78:fd:a9:71:d2:2f:e7:bc:72:c6:
a3:6c:15:49:76:49:37:70:4c:ed:45:94:5f:ed:64:
2f:c9:41:04:38:b7:ec:d4:91:36:11:9d:06:9c:4f:
3c:96:63:03:0c:2d:75:22:36:61:4d:f6:f5:d7:59:
bc:80:86:97:e3:08:aa:c6:1d:1e:4a:73:67:58:64:
c1:c1:27:af:01:0e:41:37:45:40:84:14:14:59:49:
32:56:64:b5:fb:56:fc:be:5b:a1:4e:2e:03:d7:51:
f3:cf:86:0a:ef:44:14:fd:19:dc:fe:57:4b:7b:ed:
14:17:bc:6a:e7:ea:86:ce:67:50:3e:07:a7:6c:29:
f9:14:ae:44:5d:6f:b4:4d:60:8f:7d:ef:dc:78:40:
28:bd:04:2c:6a:27:9a:d6:f6:dd:80:32:fb:1d:6d:
8e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:D8:59:6F:11:19:CA:16:0D:44:4B:77:A5:CA:C8:C5:0F:1D:91:33
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qNhZbxEZyhYNREt3pcrIxQ8dkTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
28:bb:7d:2b:0d:ce:a4:37:98:55:ac:c6:a5:8b:36:a3:f5:3f:
de:c9:a3:9c:30:86:49:aa:cb:75:3a:b1:d9:cd:d4:4b:ee:fd:
ce:b5:61:ea:e4:0d:61:2a:11:3f:16:6d:4b:3d:59:b0:54:36:
59:41:73:4e:71:87:38:d8:a6:90:e1:f1:3f:64:fe:23:6f:9e:
8f:15:64:90:57:75:94:90:cc:00:f3:6e:53:88:79:21:4e:6e:
3b:9a:a2:fa:e7:38:99:d0:82:15:88:cc:8a:59:a1:f9:31:e3:
ad:1d:89:14:ca:79:bc:fd:01:3a:81:e7:58:69:47:e7:63:01:
57:d3:8f:79:6a:81:04:76:ef:91:15:17:5f:1b:28:b8:1e:51:
76:54:c1:06:b4:fa:15:1a:83:cb:26:f1:1c:82:19:67:0a:1b:
92:58:4a:f7:92:f5:d7:b9:c5:62:0a:1c:bd:1f:71:f7:a6:28:
d0:64:db:9b:8f:c2:ca:07:fc:67:38:92:92:d0:bf:44:6d:7c:
2f:dd:70:14:f4:e8:e3:0d:61:5a:06:17:29:d7:65:ab:6b:e4:
72:5c:ba:d1:7d:98:2c:5e:37:ae:48:41:51:eb:4a:a3:2d:e5:
39:0e:58:40:a1:4b:66:c1:df:ef:28:52:cb:8d:71:7a:2b:25:
ad:79:9d:96
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYV6vPW8XcUDr3m0ErIkZ4KXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA0MDMwNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGQ4NTk2ZjExMTljYTE2MGQ0NDRiNzdhNWNhYzhjNTBmMWQ5MTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcI/81K9vc4+VoGR7tMckEOTfuxR
FRyR9VjKUeYm8DTsM5se7WzoiYrVNNg8YBbjPYuXlj9oMOikPDs7lGg4E46kSpeu
uV7rr03W2YKEWSUnUZFtDMkR91tEgGSmD3j9qXHSL+e8csajbBVJdkk3cEztRZRf
7WQvyUEEOLfs1JE2EZ0GnE88lmMDDC11IjZhTfb111m8gIaX4wiqxh0eSnNnWGTB
wSevAQ5BN0VAhBQUWUkyVmS1+1b8vluhTi4D11Hzz4YK70QU/Rnc/ldLe+0UF7xq
5+qGzmdQPgenbCn5FK5EXW+0TWCPfe/ceEAovQQsaiea1vbdgDL7HW2OYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKjYWW8RGcoWDURLd6XKyMUPHZEzMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcU5oWmJ4RVp5aFlOUkV0M3Bjckl4UThka1RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACi7fSsNzqQ3mFWsxqWL
NqP1P97Jo5wwhkmqy3U6sdnN1Evu/c61YerkDWEqET8WbUs9WbBUNllBc05xhzjY
ppDh8T9k/iNvno8VZJBXdZSQzADzblOIeSFObjuaovrnOJnQghWIzIpZofkx460d
iRTKebz9ATqB51hpR+djAVfTj3lqgQR275EVF18bKLgeUXZUwQa0+hUag8sm8RyC
GWcKG5JYSveS9de5xWIKHL0fcfemKNBk25uPwsoH/Gc4kpLQv0RtfC/dcBT06OMN
YVoGFynXZatr5HJcutF9mCxeN65IQVHrSqMt5TkOWEChS2bB3+8oUsuNcXorJa15
nZY=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:08:35 2025 by rpki-client