Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qiSsABeDyNwLpiUgOWv-3muSvYg.roa
File: qiSsABeDyNwLpiUgOWv-3muSvYg.roa (raw, json)
Hash identifier: bls/qOZHGIZQkoK4MhLdFf0J3sWUIfiD3AdLpJMI8Qo=
Subject key identifier: AA:24:AC:00:17:83:C8:DC:0B:A6:25:20:39:6B:FE:DE:6B:92:BD:88
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01864F2FB11C1AAAB755F18D15900E2FB5BA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qiSsABeDyNwLpiUgOWv-3muSvYg.roa
Signing time: Tue 14 Feb 2023 09:09:30 +0000
ROA not before: Tue 14 Feb 2023 09:09:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4f:2f:b1:1c:1a:aa:b7:55:f1:8d:15:90:0e:2f:b5:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 14 09:09:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa24ac001783c8dc0ba62520396bfede6b92bd88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:33:94:ee:cc:db:ba:3e:d5:28:87:cc:83:a3:
61:09:3b:c8:cf:28:1f:0e:db:83:8c:49:5e:45:75:
69:79:37:f2:40:db:f1:5f:65:62:c6:e9:b0:15:5d:
00:11:d1:80:e7:57:3f:15:4e:07:68:ec:c5:e5:e7:
73:cf:93:ed:ae:4b:a9:94:73:2a:c4:cc:4d:29:55:
55:93:13:09:00:20:3a:10:c1:25:9c:68:de:de:d5:
49:13:87:09:b9:40:71:5f:cf:25:61:15:6f:d0:12:
4c:7d:27:fa:87:8f:f6:7b:0a:4e:8d:8e:64:f2:2e:
46:c2:27:38:73:ce:be:2c:5f:e0:5b:6c:2e:aa:04:
62:16:b1:c8:b4:ca:fc:ad:96:20:2e:ce:6a:f3:96:
cd:33:bb:31:4a:8a:d3:39:c3:b4:eb:27:dc:b1:b8:
6d:c7:15:aa:46:ba:cd:29:1b:f9:a7:e2:b0:5a:3c:
fd:43:2a:f9:63:c8:04:64:74:d1:cf:68:f8:1b:61:
6a:28:d3:5f:7c:9b:c1:86:6c:8c:82:e6:a3:e2:33:
9d:64:1e:5d:b2:61:8d:1a:78:dd:6e:57:23:b5:54:
74:ae:9a:a7:9a:98:59:79:64:09:4e:ca:a4:42:da:
78:99:bc:1c:4e:dd:b6:48:b8:82:f7:9a:43:bb:9f:
29:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:24:AC:00:17:83:C8:DC:0B:A6:25:20:39:6B:FE:DE:6B:92:BD:88
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qiSsABeDyNwLpiUgOWv-3muSvYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
41:24:cf:9e:2a:80:51:a4:03:8b:e4:d7:ca:c2:88:95:ee:fe:
17:89:52:21:d0:70:2c:37:3c:85:c1:33:08:88:1b:84:ff:77:
52:20:61:40:e0:60:1d:1f:38:d7:15:42:e1:e9:64:75:40:27:
3e:52:60:63:53:19:7c:3d:e1:0d:91:52:ba:51:18:e5:bb:24:
a5:4a:f1:b3:2b:ff:da:a3:43:5c:53:00:c3:74:71:ce:85:f2:
00:4f:5e:7f:ac:7a:b1:8a:7e:73:fc:ad:35:1f:e3:fe:f1:9e:
6b:cd:90:f6:c7:b5:19:54:d7:5a:ab:b9:28:c3:c7:c8:7d:e7:
c7:4b:98:10:81:32:8a:07:e9:32:de:26:45:d4:9a:0b:50:a0:
6a:a0:06:43:80:c7:fd:20:eb:8a:7e:49:43:99:ac:58:46:b3:
a7:44:6d:61:b4:9e:5c:ab:47:d6:01:c1:89:f5:8e:cb:0a:5d:
a0:9f:95:d9:67:27:31:83:51:b3:a8:90:1b:3a:3d:98:fa:0c:
d4:81:cf:97:35:ce:6f:be:6b:38:77:f8:d2:0d:60:88:87:ca:
fb:b0:b0:c8:9b:e3:ca:11:d9:4d:96:e3:bc:c7:53:37:25:8b:
f2:56:e6:12:a7:33:3c:10:5d:81:cc:e9:77:3e:a5:ef:7a:0b:
9a:8b:dd:ed
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZPL7EcGqq3VfGNFZAOL7W6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE0MDkwOTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTI0YWMwMDE3ODNjOGRjMGJhNjI1MjAzOTZiZmVkZTZiOTJiZDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTOU7szbuj7VKIfMg6NhCTvIzygf
DtuDjEleRXVpeTfyQNvxX2VixumwFV0AEdGA51c/FU4HaOzF5edzz5PtrkuplHMq
xMxNKVVVkxMJACA6EMElnGje3tVJE4cJuUBxX88lYRVv0BJMfSf6h4/2ewpOjY5k
8i5Gwic4c86+LF/gW2wuqgRiFrHItMr8rZYgLs5q85bNM7sxSorTOcO06yfcsbht
xxWqRrrNKRv5p+KwWjz9Qyr5Y8gEZHTRz2j4G2FqKNNffJvBhmyMguaj4jOdZB5d
smGNGnjdblcjtVR0rpqnmphZeWQJTsqkQtp4mbwcTt22SLiC95pDu58p0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKokrAAXg8jcC6YlIDlr/t5rkr2IMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcWlTc0FCZUR5TndMcGlVZ09Xdi0zbXVTdllnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEEkz54qgFGkA4vk18rC
iJXu/heJUiHQcCw3PIXBMwiIG4T/d1IgYUDgYB0fONcVQuHpZHVAJz5SYGNTGXw9
4Q2RUrpRGOW7JKVK8bMr/9qjQ1xTAMN0cc6F8gBPXn+serGKfnP8rTUf4/7xnmvN
kPbHtRlU11qruSjDx8h958dLmBCBMooH6TLeJkXUmgtQoGqgBkOAx/0g64p+SUOZ
rFhGs6dEbWG0nlyrR9YBwYn1jssKXaCfldlnJzGDUbOokBs6PZj6DNSBz5c1zm++
azh3+NINYIiHyvuwsMib48oR2U2W47zHUzcli/JW5hKnMzwQXYHM6Xc+pe96C5qL
3e0=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:14:37 2025 by rpki-client