Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qZmdUNRdIcNmxLbgKaAPyRI11wg.roa
File: qZmdUNRdIcNmxLbgKaAPyRI11wg.roa (raw, json)
Hash identifier: T+mIlOM5M9o4dkWjeUjlPvDsupAbVAXeX72sBll9IVs=
Subject key identifier: A9:99:9D:50:D4:5D:21:C3:66:C4:B6:E0:29:A0:0F:C9:12:35:D7:08
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01875343081CF089F8D1425BC1F730C6FE58
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qZmdUNRdIcNmxLbgKaAPyRI11wg.roa
Signing time: Wed 05 Apr 2023 21:11:54 +0000
ROA not before: Wed 05 Apr 2023 21:11:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:53:43:08:1c:f0:89:f8:d1:42:5b:c1:f7:30:c6:fe:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 5 21:11:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9999d50d45d21c366c4b6e029a00fc91235d708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:cb:2b:ae:73:ac:41:24:c0:d4:82:0a:4c:58:
4c:45:23:30:15:a3:c3:02:87:c6:2c:8a:2c:69:08:
42:64:8e:c6:8e:bc:99:1c:15:f1:6b:e9:47:fa:04:
82:c1:07:2b:92:14:f1:29:4e:63:90:cc:d4:9e:54:
98:fc:6f:77:de:df:fb:cf:96:76:5c:e7:e7:48:cc:
b2:ec:b2:62:5b:61:7e:d6:a1:9b:b3:e8:d1:b5:ea:
29:0b:98:fa:25:df:5e:44:a8:92:6d:f7:78:94:7f:
6f:02:3a:9a:49:45:8c:03:30:f2:6c:0a:ef:ff:93:
29:1a:41:06:fb:fb:72:0d:34:0d:15:b2:08:2c:09:
35:30:ea:53:62:18:8d:cc:c4:a9:d5:9e:96:2c:2f:
43:81:54:8e:87:3f:ec:82:88:4e:20:d0:28:f8:1e:
9f:38:a2:48:a4:bf:9a:7a:4d:a6:85:e1:ac:06:6f:
1c:8d:c7:c8:c4:99:5b:3d:a1:f6:5b:d2:a5:92:98:
d0:2b:5d:28:2f:1e:3a:74:76:96:43:16:76:68:92:
90:97:ae:6a:1d:de:86:97:f8:b1:4c:63:70:0b:19:
ae:fa:24:e7:51:29:1f:4f:c9:16:07:9c:65:65:1e:
33:71:2d:0d:b1:4c:e0:bc:ac:58:c4:ac:fe:b4:ca:
4a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:99:9D:50:D4:5D:21:C3:66:C4:B6:E0:29:A0:0F:C9:12:35:D7:08
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qZmdUNRdIcNmxLbgKaAPyRI11wg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
23:5f:a6:14:83:a0:80:2a:ad:01:c1:b3:4a:0e:ee:94:64:68:
bb:0a:ff:56:12:c1:76:59:e1:35:96:6f:38:d5:ca:ad:4d:a8:
7e:22:66:04:c1:e6:1e:50:30:ca:e7:2b:3b:2d:00:50:4b:7d:
ef:b7:9b:02:86:d8:80:da:53:eb:75:17:29:22:8f:56:b6:7a:
1e:52:91:a5:26:4a:f7:a1:77:f2:f4:04:13:4d:3d:10:f0:82:
96:42:92:84:7e:3d:a1:03:d6:62:13:a9:65:04:bd:23:96:dc:
9c:fe:47:39:6a:1c:14:f1:02:78:6d:dd:fc:6f:48:f6:fb:22:
18:dd:57:a4:55:2f:ea:2b:13:d9:b3:ec:71:e3:86:aa:04:1a:
2b:72:dc:03:9a:55:14:84:d7:02:6d:4a:24:0b:d7:96:a5:40:
90:54:a4:42:e4:5c:9d:a6:25:a0:24:10:cd:31:4f:14:08:7e:
9b:6f:ea:1c:ba:dc:06:df:29:04:db:98:8d:6a:4b:a1:e5:73:
7d:9f:ae:4d:66:29:9a:e1:47:93:d6:6d:6a:3f:b6:27:fe:86:
54:50:7a:f9:2c:e1:bc:55:cd:15:76:f1:49:17:bc:3f:37:af:
7a:72:44:1e:de:4d:77:35:32:85:d0:58:d5:68:be:33:fc:48:
c9:98:7a:06
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYdTQwgc8In40UJbwfcwxv5YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDA1MjExMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTk5OWQ1MGQ0NWQyMWMzNjZjNGI2ZTAyOWEwMGZjOTEyMzVkNzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkssrrnOsQSTA1IIKTFhMRSMwFaPD
AofGLIosaQhCZI7GjryZHBXxa+lH+gSCwQcrkhTxKU5jkMzUnlSY/G933t/7z5Z2
XOfnSMyy7LJiW2F+1qGbs+jRteopC5j6Jd9eRKiSbfd4lH9vAjqaSUWMAzDybArv
/5MpGkEG+/tyDTQNFbIILAk1MOpTYhiNzMSp1Z6WLC9DgVSOhz/sgohOINAo+B6f
OKJIpL+aek2mheGsBm8cjcfIxJlbPaH2W9KlkpjQK10oLx46dHaWQxZ2aJKQl65q
Hd6Gl/ixTGNwCxmu+iTnUSkfT8kWB5xlZR4zcS0NsUzgvKxYxKz+tMpKNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKmZnVDUXSHDZsS24CmgD8kSNdcIMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcVptZFVOUmRJY05teExiZ0thQVB5UkkxMXdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACNfphSDoIAqrQHBs0oO
7pRkaLsK/1YSwXZZ4TWWbzjVyq1NqH4iZgTB5h5QMMrnKzstAFBLfe+3mwKG2IDa
U+t1Fykij1a2eh5SkaUmSvehd/L0BBNNPRDwgpZCkoR+PaED1mITqWUEvSOW3Jz+
RzlqHBTxAnht3fxvSPb7IhjdV6RVL+orE9mz7HHjhqoEGity3AOaVRSE1wJtSiQL
15alQJBUpELkXJ2mJaAkEM0xTxQIfptv6hy63AbfKQTbmI1qS6Hlc32frk1mKZrh
R5PWbWo/tif+hlRQevks4bxVzRV28UkXvD83r3pyRB7eTXc1MoXQWNVovjP8SMmY
egY=
-----END CERTIFICATE-----
Generated at Thu May 1 00:33:59 2025 by rpki-client