Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qWo9EJJvdzu33KSL249bmNgMFdo.roa
File: qWo9EJJvdzu33KSL249bmNgMFdo.roa (raw, json)
Hash identifier: Xbtm2J1v+o00rBAIYuf/Ds+B7S6cnL1He2kV5t1pFJ0=
Subject key identifier: A9:6A:3D:10:92:6F:77:3B:B7:DC:A4:8B:DB:8F:5B:98:D8:0C:15:DA
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018680F3F6665CF71C032A7C6099D3F255B4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qWo9EJJvdzu33KSL249bmNgMFdo.roa
Signing time: Fri 24 Feb 2023 01:05:17 +0000
ROA not before: Fri 24 Feb 2023 01:05:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:80f3:4430/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:80:f3:f6:66:5c:f7:1c:03:2a:7c:60:99:d3:f2:55:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 24 01:05:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a96a3d10926f773bb7dca48bdb8f5b98d80c15da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:90:15:81:38:58:fd:22:c5:72:b1:f6:8a:1f:
a5:b5:72:b0:ba:39:4f:88:50:97:fe:ef:0a:16:b6:
1d:9e:a7:06:2a:45:d5:cd:ea:ff:ef:66:11:e1:b1:
1e:6d:cb:75:4a:97:1f:e4:8d:ba:e8:ca:bd:20:40:
da:08:28:7f:29:05:c5:ec:45:de:62:2a:be:9a:b0:
70:a8:1a:e4:52:1f:10:77:dc:3a:e3:e3:b5:5d:31:
59:31:54:5d:76:ad:e2:bf:81:5c:d0:70:8d:86:9a:
a9:28:89:13:ae:f6:bd:31:15:4b:fa:0f:61:3e:c9:
8f:ab:7f:45:fa:d8:d5:8f:5a:6a:4b:ab:f1:93:00:
37:44:7e:ed:3b:f3:4f:16:27:c7:9a:2e:e6:e7:d1:
02:8a:e4:69:1d:83:72:40:80:b2:fd:28:8e:52:3b:
02:08:48:1a:f1:da:17:7c:c2:62:3a:17:a1:ac:95:
f7:ef:10:b3:70:03:8a:2b:2a:9f:ef:95:83:59:0a:
ff:ba:1a:cf:20:30:85:29:10:ce:35:fa:97:da:9b:
71:fc:34:8e:2f:5d:8a:6b:56:fb:33:f0:f0:06:f2:
3c:2a:4c:c5:d0:cf:e4:f9:cb:81:b8:ff:63:7b:26:
89:fb:66:45:b6:20:d1:8e:ce:3e:be:39:cb:ae:8a:
90:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:6A:3D:10:92:6F:77:3B:B7:DC:A4:8B:DB:8F:5B:98:D8:0C:15:DA
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qWo9EJJvdzu33KSL249bmNgMFdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
56:1e:35:04:f3:cc:98:41:f6:c0:4f:f4:de:3f:e7:d8:39:9c:
0c:7d:be:34:71:ae:bf:10:8e:eb:13:0e:0f:e9:17:45:51:3a:
b1:f9:73:05:42:55:41:5a:cb:02:87:a3:8f:00:97:8f:8c:93:
cd:6a:eb:64:d1:82:3b:56:d7:b3:45:1e:ce:bc:86:4d:54:b6:
80:73:f5:89:28:07:64:a4:04:13:fb:d3:e7:ac:95:10:bf:5d:
3b:92:8c:6d:62:bf:24:31:1a:a4:a6:db:2e:d5:b2:7e:73:1b:
ec:d1:62:e4:40:c0:02:6f:02:ab:3a:f5:21:9a:fe:77:92:cf:
5b:fe:dc:e9:1e:64:66:7b:3c:c2:83:a3:8c:cd:2b:ab:92:82:
26:1e:cc:9b:cd:b4:56:c7:75:de:38:5d:74:d2:b8:59:6c:7b:
4e:24:c8:a7:ba:f4:20:51:2d:50:8f:75:34:b6:39:17:7a:ea:
1d:8f:6c:56:c6:0d:41:32:9f:81:aa:65:c9:d6:e1:d7:c1:09:
63:bd:4d:55:85:26:e1:69:68:8e:52:a3:2c:0b:a7:1f:40:b1:
78:0c:82:69:3c:c7:21:2a:10:0b:99:e4:06:aa:a4:18:77:bb:
eb:27:b6:87:9f:d6:a5:19:4f:2b:7a:fc:f1:5a:db:7d:31:4e:
ab:45:81:5b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaA8/ZmXPccAyp8YJnT8lW0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI0MDEwNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTZhM2QxMDkyNmY3NzNiYjdkY2E0OGJkYjhmNWI5OGQ4MGMxNWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpAVgThY/SLFcrH2ih+ltXKwujlP
iFCX/u8KFrYdnqcGKkXVzer/72YR4bEebct1Spcf5I266Mq9IEDaCCh/KQXF7EXe
Yiq+mrBwqBrkUh8Qd9w64+O1XTFZMVRddq3iv4Fc0HCNhpqpKIkTrva9MRVL+g9h
PsmPq39F+tjVj1pqS6vxkwA3RH7tO/NPFifHmi7m59ECiuRpHYNyQICy/SiOUjsC
CEga8doXfMJiOhehrJX37xCzcAOKKyqf75WDWQr/uhrPIDCFKRDONfqX2ptx/DSO
L12Ka1b7M/DwBvI8KkzF0M/k+cuBuP9jeyaJ+2ZFtiDRjs4+vjnLroqQQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKlqPRCSb3c7t9yki9uPW5jYDBXaMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcVdvOUVKSnZkenUzM0tTTDI0OWJtTmdNRmRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFYeNQTzzJhB9sBP9N4/
59g5nAx9vjRxrr8QjusTDg/pF0VROrH5cwVCVUFaywKHo48Al4+Mk81q62TRgjtW
17NFHs68hk1UtoBz9YkoB2SkBBP70+eslRC/XTuSjG1ivyQxGqSm2y7Vsn5zG+zR
YuRAwAJvAqs69SGa/neSz1v+3OkeZGZ7PMKDo4zNK6uSgiYezJvNtFbHdd44XXTS
uFlse04kyKe69CBRLVCPdTS2ORd66h2PbFbGDUEyn4GqZcnW4dfBCWO9TVWFJuFp
aI5SoywLpx9AsXgMgmk8xyEqEAuZ5AaqpBh3u+sntoef1qUZTyt6/PFa230xTqtF
gVs=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:51:14 2025 by rpki-client