Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qeDC71WAulWuiI8xlZgv1YJCVJM.roa
File: qeDC71WAulWuiI8xlZgv1YJCVJM.roa (raw, json)
Hash identifier: 0pQDjnxkP2+lc/e26YuOBHZea6vROfw9HVP1wq4jmqg=
Subject key identifier: A9:E0:C2:EF:55:80:BA:55:AE:88:8F:31:95:98:2F:D5:82:42:54:93
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01867782F8689E1C776AABA2B00BC522197E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qeDC71WAulWuiI8xlZgv1YJCVJM.roa
Signing time: Wed 22 Feb 2023 05:05:17 +0000
ROA not before: Wed 22 Feb 2023 05:05:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:7782:26b8/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:77:82:f8:68:9e:1c:77:6a:ab:a2:b0:0b:c5:22:19:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 22 05:05:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9e0c2ef5580ba55ae888f3195982fd582425493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ae:73:81:1d:5d:4e:75:14:a9:4a:d9:0e:32:
99:70:45:9b:c0:51:f0:ee:69:8d:f6:e0:41:71:73:
d4:b5:58:10:7d:24:99:f3:c8:b3:2e:7f:56:45:f7:
24:f6:99:c0:92:52:9f:da:56:92:63:ff:70:a5:8c:
93:89:5e:e8:a4:3e:1b:06:0d:69:f0:41:27:ac:07:
da:13:2a:9e:1b:8e:8a:01:b8:e3:3d:9c:0b:41:28:
e8:1b:51:20:e9:ab:4d:fb:38:d5:40:1a:2f:de:e8:
2d:fe:9f:2c:4e:36:b0:54:cc:98:0b:3d:e8:a5:5d:
d2:46:e7:79:0c:22:9f:ef:3c:07:a3:8e:14:84:ad:
a5:e5:b3:a9:cc:7f:53:51:6c:c8:a8:4c:ad:88:78:
1a:7a:53:40:8d:89:e2:39:7c:0a:08:78:27:34:05:
ff:12:9d:08:3d:27:b9:3f:e0:d5:96:34:98:03:c7:
e0:7e:83:fa:7b:70:92:7f:77:13:2c:8b:6f:2a:6e:
ae:84:9f:c0:6a:60:3f:96:aa:bb:48:f3:cf:47:57:
e9:b5:de:9e:33:12:f4:90:41:7b:1a:73:17:61:f6:
d2:54:27:fc:b5:eb:3d:9e:42:f6:83:4a:a3:73:98:
f2:10:2c:5b:71:4c:86:12:a3:f7:2a:52:50:b4:ed:
dd:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:E0:C2:EF:55:80:BA:55:AE:88:8F:31:95:98:2F:D5:82:42:54:93
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qeDC71WAulWuiI8xlZgv1YJCVJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:3b:cf:97:cf:a5:e1:01:20:d2:88:6a:3e:78:cd:43:e3:e6:
8f:de:7e:46:37:bb:37:d6:17:4f:9c:4e:9b:0e:99:26:c9:7e:
9b:1b:b5:24:5e:9e:04:bc:fd:ba:61:bb:d0:61:8c:ba:77:61:
cf:9f:23:e4:17:7b:44:24:46:fb:f0:49:3f:2f:0b:fa:9a:ac:
24:43:c1:3b:04:c0:e3:44:a9:47:6b:f5:9f:3e:4c:cf:cd:f2:
0b:85:9c:60:16:c1:6e:7d:a0:09:54:70:af:6f:22:63:60:31:
7b:38:b5:6f:02:2c:b2:b3:be:2b:24:a8:fa:b1:7d:66:ff:a5:
59:27:e5:38:a7:b5:a5:02:7d:17:0d:84:cf:67:12:ba:3e:96:
de:ec:d0:5d:0c:40:fd:70:58:85:39:e4:cf:ca:33:54:0d:86:
ec:bc:45:a2:68:aa:f5:1f:39:f5:dc:40:3f:b5:ab:08:6a:a3:
f1:a3:ef:84:11:f0:b2:50:60:27:a4:52:6a:0d:f0:c6:6c:8c:
fd:f4:f9:b2:aa:7f:c0:c1:ca:34:ff:d2:c6:76:2e:8e:ad:0e:
02:c1:82:e4:3d:81:fc:9e:50:44:c1:73:65:a3:8c:61:a0:46:
66:00:e4:c0:f0:0e:c6:e7:9f:5c:78:e6:7b:35:fb:28:b1:74:
67:37:46:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ3gvhonhx3aquisAvFIhl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIyMDUwNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWUwYzJlZjU1ODBiYTU1YWU4ODhmMzE5NTk4MmZkNTgyNDI1NDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlK5zgR1dTnUUqUrZDjKZcEWbwFHw
7mmN9uBBcXPUtVgQfSSZ88izLn9WRfck9pnAklKf2laSY/9wpYyTiV7opD4bBg1p
8EEnrAfaEyqeG46KAbjjPZwLQSjoG1Eg6atN+zjVQBov3ugt/p8sTjawVMyYCz3o
pV3SRud5DCKf7zwHo44UhK2l5bOpzH9TUWzIqEytiHgaelNAjYniOXwKCHgnNAX/
Ep0IPSe5P+DVljSYA8fgfoP6e3CSf3cTLItvKm6uhJ/AamA/lqq7SPPPR1fptd6e
MxL0kEF7GnMXYfbSVCf8tes9nkL2g0qjc5jyECxbcUyGEqP3KlJQtO3duQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKngwu9VgLpVroiPMZWYL9WCQlSTMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcWVEQzcxV0F1bFd1aUk4eGxaZ3YxWUpDVkpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABg7z5fPpeEBINKIaj54
zUPj5o/efkY3uzfWF0+cTpsOmSbJfpsbtSRengS8/bphu9BhjLp3Yc+fI+QXe0Qk
RvvwST8vC/qarCRDwTsEwONEqUdr9Z8+TM/N8guFnGAWwW59oAlUcK9vImNgMXs4
tW8CLLKzviskqPqxfWb/pVkn5TintaUCfRcNhM9nEro+lt7s0F0MQP1wWIU55M/K
M1QNhuy8RaJoqvUfOfXcQD+1qwhqo/Gj74QR8LJQYCekUmoN8MZsjP30+bKqf8DB
yjT/0sZ2Lo6tDgLBguQ9gfyeUETBc2WjjGGgRmYA5MDwDsbnn1x45ns1+yixdGc3
RsA=
-----END CERTIFICATE-----
Generated at Thu May 1 00:53:14 2025 by rpki-client