Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qczZgj6JBD3auflHFWrPPvPfWbA.roa
File: qczZgj6JBD3auflHFWrPPvPfWbA.roa (raw, json)
Hash identifier: raL8n3+BJGR2ZkqUVQ+eOcNa3913ISENDI6jvwMp4NY=
Subject key identifier: A9:CC:D9:82:3E:89:04:3D:DA:B9:F9:47:15:6A:CF:3E:F3:DF:59:B0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189CF1135AF214B5DEB2447AE1BEFBBF317
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qczZgj6JBD3auflHFWrPPvPfWbA.roa
Signing time: Mon 07 Aug 2023 08:15:58 +0000
ROA not before: Mon 07 Aug 2023 08:15:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cf:11:35:af:21:4b:5d:eb:24:47:ae:1b:ef:bb:f3:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 7 08:15:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9ccd9823e89043ddab9f947156acf3ef3df59b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:7e:b8:c8:1d:63:e7:39:4e:c6:9d:16:e2:ec:
1c:86:69:34:1a:b9:41:f6:14:a5:ed:59:ad:60:d7:
e4:71:2a:3f:6d:0c:ca:86:1f:bc:64:55:db:da:06:
40:cd:3b:0d:9f:e9:f5:a7:b3:ef:dc:ed:62:cf:6a:
22:9a:de:64:a0:99:1a:30:20:97:f1:c5:fd:96:a7:
e1:82:b7:72:af:48:2b:ca:d1:a2:80:ac:40:cf:6d:
e6:ee:f1:2c:a1:76:c4:50:95:ce:aa:45:33:15:2c:
16:05:d5:9b:4e:56:ae:b5:5e:a5:7e:39:37:59:1b:
1c:a7:07:ac:8a:fd:29:f8:6a:f7:3d:9d:28:39:a1:
4f:6a:76:51:5c:39:de:3b:d7:59:b6:9a:e6:70:5c:
3b:be:68:ff:30:16:a2:c9:89:8c:5e:2b:30:67:94:
98:c1:51:71:84:ac:81:ea:31:78:ba:9f:45:de:11:
a3:68:8b:87:7d:7b:5d:a0:e3:f3:4f:be:0b:7a:06:
67:58:1a:15:37:2e:dd:e9:16:bd:5e:bd:40:21:44:
e3:01:31:aa:3d:62:4d:b1:e6:40:d8:85:27:6e:9d:
c9:1a:d9:58:c8:b6:36:7c:29:03:d8:d4:12:5a:f5:
70:c9:e1:f5:fc:ce:56:06:92:1f:10:e1:30:78:b9:
78:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:CC:D9:82:3E:89:04:3D:DA:B9:F9:47:15:6A:CF:3E:F3:DF:59:B0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qczZgj6JBD3auflHFWrPPvPfWbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
93:ed:df:e3:d1:9d:2b:99:21:37:b4:ff:4e:f9:6a:28:00:12:
29:c1:9a:19:29:70:44:f0:89:56:84:4d:42:1e:71:a5:d1:79:
1a:37:74:81:40:d0:6f:c8:25:f3:c7:1f:8d:3d:e2:9e:f2:2c:
5f:ac:99:8e:02:e0:7c:74:bf:ce:9a:5b:a5:84:8a:41:54:79:
de:d4:a9:45:5d:b2:1d:b8:82:50:f3:cd:f4:14:3b:24:bc:98:
99:bf:9e:34:cf:6a:dd:e1:28:30:77:77:3a:4a:96:fc:5a:53:
3f:5e:16:c7:90:99:b6:f2:37:92:cd:48:c0:52:68:3f:0f:ae:
e0:10:9f:cb:58:fa:42:58:10:42:dd:d0:59:7b:36:8a:42:2d:
22:6a:6c:55:95:86:e5:c3:af:3c:5c:67:8d:a2:34:18:7d:37:
a3:f1:72:23:d1:dd:ce:ea:b5:73:38:9a:16:11:5e:b9:4d:da:
95:11:d4:b8:81:28:01:a5:be:e1:34:ed:3d:5e:86:0e:d3:45:
95:0b:26:50:8b:64:fd:f1:64:19:57:02:fb:ab:67:fd:d8:f4:
85:75:5d:fd:5f:08:f5:46:80:67:c6:ab:2b:b4:53:6b:43:ca:
c1:8f:db:a4:91:cc:69:b0:4a:ab:46:7e:b2:d5:13:29:22:7b:
c3:b6:60:0b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnPETWvIUtd6yRHrhvvu/MXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA3MDgxNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWNjZDk4MjNlODkwNDNkZGFiOWY5NDcxNTZhY2YzZWYzZGY1OWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhX64yB1j5zlOxp0W4uwchmk0GrlB
9hSl7VmtYNfkcSo/bQzKhh+8ZFXb2gZAzTsNn+n1p7Pv3O1iz2oimt5koJkaMCCX
8cX9lqfhgrdyr0grytGigKxAz23m7vEsoXbEUJXOqkUzFSwWBdWbTlautV6lfjk3
WRscpwesiv0p+Gr3PZ0oOaFPanZRXDneO9dZtprmcFw7vmj/MBaiyYmMXiswZ5SY
wVFxhKyB6jF4up9F3hGjaIuHfXtdoOPzT74LegZnWBoVNy7d6Ra9Xr1AIUTjATGq
PWJNseZA2IUnbp3JGtlYyLY2fCkD2NQSWvVwyeH1/M5WBpIfEOEweLl4ZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKnM2YI+iQQ92rn5RxVqzz7z31mwMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcWN6WmdqNkpCRDNhdWZsSEZXclBQdlBmV2JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJPt3+PRnSuZITe0/075
aigAEinBmhkpcETwiVaETUIecaXReRo3dIFA0G/IJfPHH4094p7yLF+smY4C4Hx0
v86aW6WEikFUed7UqUVdsh24glDzzfQUOyS8mJm/njTPat3hKDB3dzpKlvxaUz9e
FseQmbbyN5LNSMBSaD8PruAQn8tY+kJYEELd0Fl7NopCLSJqbFWVhuXDrzxcZ42i
NBh9N6PxciPR3c7qtXM4mhYRXrlN2pUR1LiBKAGlvuE07T1ehg7TRZULJlCLZP3x
ZBlXAvurZ/3Y9IV1Xf1fCPVGgGfGqyu0U2tDysGP26SRzGmwSqtGfrLVEykie8O2
YAs=
-----END CERTIFICATE-----
Generated at Fri May 2 01:18:21 2025 by rpki-client