Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qbJcifflhfmHi46KuFOGxtVGi68.roa
File: qbJcifflhfmHi46KuFOGxtVGi68.roa (raw, json)
Hash identifier: OpnGWMYlgVjPq0HUlzOsy+rRpsjVcjj04q66z1iwUXI=
Subject key identifier: A9:B2:5C:89:F7:E5:85:F9:87:8B:8E:8A:B8:53:86:C6:D5:46:8B:AF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01864C97EEA37E3E9A98E6C915D12DD48165
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qbJcifflhfmHi46KuFOGxtVGi68.roa
Signing time: Mon 13 Feb 2023 21:04:30 +0000
ROA not before: Mon 13 Feb 2023 21:04:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:4c97:a4f8/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4c:97:ee:a3:7e:3e:9a:98:e6:c9:15:d1:2d:d4:81:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 13 21:04:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9b25c89f7e585f9878b8e8ab85386c6d5468baf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:1d:60:c7:60:df:96:8d:0f:dc:04:a5:9a:0d:
0e:e5:95:35:95:52:d0:d9:25:ec:98:ff:14:1b:73:
e3:f7:42:ae:f7:fc:6f:f7:0e:e5:49:b8:df:23:34:
d6:fe:2b:76:4c:d3:a6:a6:35:ae:b2:58:ba:8a:d1:
eb:48:39:9b:44:a8:4f:6a:99:da:29:f3:7a:7f:cf:
00:23:86:55:27:f0:18:2a:3f:77:24:9c:d1:f7:3a:
db:0d:c7:d9:79:8d:26:37:fe:ab:41:cd:ce:85:9e:
69:35:36:76:78:9d:d0:72:15:30:fd:95:3e:de:7e:
ef:84:ac:d7:fc:24:1b:f6:e5:97:aa:b0:b6:b3:9e:
f6:86:ef:1d:06:31:50:bf:30:f2:57:fd:a0:a1:19:
b6:ca:1d:5b:14:71:63:4b:df:e4:ba:76:00:03:1e:
3d:00:e8:fd:c0:53:5d:f5:7e:fe:43:c4:b1:31:b1:
03:cc:2a:e5:42:6a:84:9a:a7:54:0e:ad:90:da:99:
d7:0c:f2:2f:2e:92:d8:27:dd:78:db:51:de:80:ba:
66:be:f5:c0:9c:bc:9d:ce:32:41:3c:b3:f0:f7:3c:
42:b5:7a:5b:cc:c6:79:f5:93:3f:9d:67:0a:52:8a:
7e:72:42:9c:1b:e1:1a:87:25:5d:8e:b4:be:ca:6d:
9c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:B2:5C:89:F7:E5:85:F9:87:8B:8E:8A:B8:53:86:C6:D5:46:8B:AF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qbJcifflhfmHi46KuFOGxtVGi68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:5b:60:51:89:21:cb:12:e2:4a:e1:5a:b6:d5:07:fb:b7:28:
c2:d8:32:e0:f5:89:ea:05:67:f8:de:1c:7d:c5:c7:b3:f8:4b:
b4:e1:58:f7:38:ee:35:eb:4d:90:cd:f1:a7:84:f2:67:18:c7:
6a:92:c9:d5:b1:52:d7:db:01:2d:84:aa:f6:43:99:1f:9c:c6:
0a:29:61:12:fd:f2:3f:00:60:33:74:b7:67:74:e0:ee:a1:e9:
bc:c6:db:5f:eb:dd:c6:e0:13:72:cf:2a:14:c3:01:b7:4e:5b:
13:5e:f0:f0:d7:f2:b4:3f:28:c8:b3:b7:70:72:90:2e:a5:40:
57:65:e8:42:d5:07:54:88:d4:d1:d2:fd:f6:2a:91:60:44:0d:
f0:4e:68:b2:7d:34:33:78:77:f2:50:c8:29:8c:53:81:cf:f0:
74:74:97:e6:15:43:90:d6:33:08:d8:19:77:fa:02:e5:c9:bb:
1f:ee:3d:8b:e4:06:ea:e3:f2:96:35:dd:ce:7d:e3:7e:71:14:
ee:10:8c:fc:1f:fa:54:e8:46:e7:16:47:e7:20:78:c7:42:b0:
ae:9d:f6:c3:5f:e3:19:ca:62:43:57:db:cd:9f:ae:14:9d:7e:
07:61:2a:2b:eb:79:30:59:5c:0b:f1:79:e3:ca:35:90:e2:41:
76:73:1d:a2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZMl+6jfj6amObJFdEt1IFlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjEzMjEwNDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWIyNWM4OWY3ZTU4NWY5ODc4YjhlOGFiODUzODZjNmQ1NDY4YmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAix1gx2Dflo0P3ASlmg0O5ZU1lVLQ
2SXsmP8UG3Pj90Ku9/xv9w7lSbjfIzTW/it2TNOmpjWusli6itHrSDmbRKhPapna
KfN6f88AI4ZVJ/AYKj93JJzR9zrbDcfZeY0mN/6rQc3OhZ5pNTZ2eJ3QchUw/ZU+
3n7vhKzX/CQb9uWXqrC2s572hu8dBjFQvzDyV/2goRm2yh1bFHFjS9/kunYAAx49
AOj9wFNd9X7+Q8SxMbEDzCrlQmqEmqdUDq2Q2pnXDPIvLpLYJ91421HegLpmvvXA
nLydzjJBPLPw9zxCtXpbzMZ59ZM/nWcKUop+ckKcG+EahyVdjrS+ym2cBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKmyXIn35YX5h4uOirhThsbVRouvMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcWJKY2lmZmxoZm1IaTQ2S3VGT0d4dFZHaTY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABhbYFGJIcsS4krhWrbV
B/u3KMLYMuD1ieoFZ/jeHH3Fx7P4S7ThWPc47jXrTZDN8aeE8mcYx2qSydWxUtfb
AS2EqvZDmR+cxgopYRL98j8AYDN0t2d04O6h6bzG21/r3cbgE3LPKhTDAbdOWxNe
8PDX8rQ/KMizt3BykC6lQFdl6ELVB1SI1NHS/fYqkWBEDfBOaLJ9NDN4d/JQyCmM
U4HP8HR0l+YVQ5DWMwjYGXf6AuXJux/uPYvkBurj8pY13c59435xFO4QjPwf+lTo
RucWR+cgeMdCsK6d9sNf4xnKYkNX282frhSdfgdhKivreTBZXAvxeePKNZDiQXZz
HaI=
-----END CERTIFICATE-----
Generated at Thu May 1 08:26:11 2025 by rpki-client