Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qcEI1WJR3P3XaREYf6G2PyocnH8.roa
File: qcEI1WJR3P3XaREYf6G2PyocnH8.roa (raw, json)
Hash identifier: Y+aNe0qV7bbKmU3LmTTeM/S2AtbIpYqEnqi3WRF5hM8=
Subject key identifier: A9:C1:08:D5:62:51:DC:FD:D7:69:11:18:7F:A1:B6:3F:2A:1C:9C:7F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189D2EB3A948F08C00BB30B019419B08E95
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qcEI1WJR3P3XaREYf6G2PyocnH8.roa
Signing time: Tue 08 Aug 2023 02:12:58 +0000
ROA not before: Tue 08 Aug 2023 02:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d2:eb:3a:94:8f:08:c0:0b:b3:0b:01:94:19:b0:8e:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 8 02:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9c108d56251dcfdd76911187fa1b63f2a1c9c7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:4d:1f:90:d9:41:b3:61:68:fa:c5:3a:d0:ca:
32:a2:08:05:f6:3d:9c:c2:48:79:b7:38:1b:c9:ff:
2b:e1:46:40:fb:39:bf:24:bd:55:90:72:97:74:da:
49:2d:d3:ba:75:fc:40:4f:7b:90:d5:a4:9f:5a:f9:
30:3f:06:9a:ce:77:b3:71:d0:ae:c1:38:43:b3:b0:
fa:3e:3c:9b:6f:0f:a1:f0:ac:f5:e8:2e:95:5d:03:
dd:08:5d:d7:9d:4a:af:48:7f:6a:cb:23:3e:f1:7f:
05:a0:06:3c:e2:2c:d2:94:ea:6b:b5:7b:00:de:93:
85:e5:41:52:4d:e5:44:dd:3e:01:c8:60:9e:f6:b9:
e7:2f:dd:b8:83:64:ee:b8:dc:21:fd:71:8d:3d:e5:
78:e8:66:72:0c:82:b2:8b:f4:85:3d:71:18:ba:12:
42:fd:2d:a1:e0:61:ae:bd:cd:c1:1d:a3:ab:bd:98:
fb:39:5d:a1:fe:f0:c4:5a:0e:99:34:95:7f:e4:a4:
da:73:86:a0:68:85:20:af:3c:f0:c0:cf:ba:63:b6:
49:25:92:a2:09:7b:5f:5f:14:ef:16:b8:28:62:57:
b0:ce:a5:ad:77:56:40:fd:2e:87:24:c5:7d:53:b0:
6b:06:f1:e2:b2:28:d3:15:bc:5e:4e:16:c9:de:6b:
68:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:C1:08:D5:62:51:DC:FD:D7:69:11:18:7F:A1:B6:3F:2A:1C:9C:7F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qcEI1WJR3P3XaREYf6G2PyocnH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:76:3e:d3:ee:3e:0b:11:c5:f7:18:e9:88:e8:77:e2:48:35:
91:1d:a0:fa:1b:6a:91:de:59:88:c1:26:05:54:24:b0:4b:93:
d5:a6:2f:36:be:9c:42:5e:92:c1:52:d7:13:11:24:83:e1:4a:
5c:01:f0:37:aa:fc:6f:75:0a:6f:6b:9e:85:46:bf:be:7f:bc:
e2:22:bc:ec:6d:85:9d:0e:c3:af:a2:96:19:c9:4b:54:d9:cf:
2c:85:58:e0:92:ee:56:d4:0e:19:41:9b:19:dd:98:22:ce:1a:
f1:28:d5:b8:ee:31:42:fe:02:55:3c:61:fb:81:fb:5a:40:73:
4f:ea:ba:37:f0:16:c7:e4:a4:40:84:f5:23:79:41:20:a3:18:
73:17:c7:54:e1:c7:26:8a:b6:63:db:ab:7d:39:f1:d8:9d:c6:
cc:ef:15:19:ba:a9:e4:00:61:38:75:8c:ce:f8:e5:0b:00:cc:
0e:0b:19:1c:7c:31:66:b2:5c:fd:86:fa:97:37:15:c8:08:19:
f8:6c:f0:0b:4c:51:b8:4e:9a:de:51:37:6c:3c:81:86:fa:0e:
ad:b8:8a:03:ba:db:99:5a:38:a6:67:70:b1:16:d3:a2:e3:b1:
f9:6d:92:b8:9e:86:41:88:ab:97:d9:62:09:e9:02:4d:34:82:
80:21:d9:a0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnS6zqUjwjAC7MLAZQZsI6VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA4MDIxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWMxMDhkNTYyNTFkY2ZkZDc2OTExMTg3ZmExYjYzZjJhMWM5YzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3k0fkNlBs2Fo+sU60MoyoggF9j2c
wkh5tzgbyf8r4UZA+zm/JL1VkHKXdNpJLdO6dfxAT3uQ1aSfWvkwPwaaznezcdCu
wThDs7D6Pjybbw+h8Kz16C6VXQPdCF3XnUqvSH9qyyM+8X8FoAY84izSlOprtXsA
3pOF5UFSTeVE3T4ByGCe9rnnL924g2TuuNwh/XGNPeV46GZyDIKyi/SFPXEYuhJC
/S2h4GGuvc3BHaOrvZj7OV2h/vDEWg6ZNJV/5KTac4agaIUgrzzwwM+6Y7ZJJZKi
CXtfXxTvFrgoYlewzqWtd1ZA/S6HJMV9U7BrBvHisijTFbxeThbJ3mtolQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKnBCNViUdz912kRGH+htj8qHJx/MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcWNFSTFXSlIzUDNYYVJFWWY2RzJQeW9jbkg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEB2PtPuPgsRxfcY6Yjo
d+JINZEdoPobapHeWYjBJgVUJLBLk9WmLza+nEJeksFS1xMRJIPhSlwB8Deq/G91
Cm9rnoVGv75/vOIivOxthZ0Ow6+ilhnJS1TZzyyFWOCS7lbUDhlBmxndmCLOGvEo
1bjuMUL+AlU8YfuB+1pAc0/qujfwFsfkpECE9SN5QSCjGHMXx1ThxyaKtmPbq305
8didxszvFRm6qeQAYTh1jM745QsAzA4LGRx8MWayXP2G+pc3FcgIGfhs8AtMUbhO
mt5RN2w8gYb6Dq24igO625laOKZncLEW06LjsfltkriehkGIq5fZYgnpAk00goAh
2aA=
-----END CERTIFICATE-----
Generated at Thu May 1 09:05:18 2025 by rpki-client