Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qrQKze33YZMktrRudVtl1Iingd4.roa
File: qrQKze33YZMktrRudVtl1Iingd4.roa (raw, json)
Hash identifier: bZhnht1Xjdl/IIbN36JiCJFn/MrmE+Ybu9qhVgAsrYo=
Subject key identifier: AA:B4:0A:CD:ED:F7:61:93:24:B6:B4:6E:75:5B:65:D4:88:A7:81:DE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184E490D8C1E504BC7DA30CD5A1C236C5E8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qrQKze33YZMktrRudVtl1Iingd4.roa
Signing time: Mon 05 Dec 2022 23:13:28 +0000
ROA not before: Mon 05 Dec 2022 23:13:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e4:90:d8:c1:e5:04:bc:7d:a3:0c:d5:a1:c2:36:c5:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 5 23:13:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aab40acdedf7619324b6b46e755b65d488a781de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c1:77:f2:24:9a:a8:41:d6:d7:c0:b1:1c:6b:
4e:76:bb:60:0b:7d:cc:b2:44:a4:30:ce:1b:09:f1:
d2:91:a0:53:21:f4:ab:0e:af:e9:bd:12:94:21:c2:
00:21:a9:ec:30:a1:92:e9:3f:a2:d7:f9:ad:19:49:
cd:08:29:19:44:c3:e9:fa:06:62:0d:23:57:7c:d5:
92:7b:a0:c1:c7:80:92:00:56:e9:55:d6:d5:10:8d:
9c:aa:88:fb:f3:9c:c5:ea:c8:06:75:36:21:63:07:
96:dd:ad:03:a6:14:28:42:c8:fb:47:81:81:c5:14:
d6:be:1f:cc:a8:14:40:26:2d:a6:22:51:89:8f:7c:
02:68:02:6d:99:2f:73:d0:0b:b7:69:bc:7e:e5:d7:
4d:e3:af:8d:08:85:79:8f:ff:a0:e9:7b:4f:e7:fd:
47:42:20:4b:89:5e:0b:2d:e2:16:59:94:d6:2d:8d:
9d:9b:a9:d6:cf:f0:4a:01:66:3c:64:59:6c:f4:24:
ee:67:db:67:d1:f8:0c:3f:03:13:2a:f2:80:76:79:
2d:20:0a:e5:d9:75:5d:ee:3e:76:b6:0b:0b:d2:6d:
d3:6c:8f:b6:0b:c0:5d:b3:c8:cc:e2:75:2c:fd:6b:
52:b2:f7:e5:9e:25:68:f6:ff:24:28:06:9c:91:5e:
a4:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:B4:0A:CD:ED:F7:61:93:24:B6:B4:6E:75:5B:65:D4:88:A7:81:DE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qrQKze33YZMktrRudVtl1Iingd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
49:ad:4a:b7:0f:33:89:d3:79:ee:07:ca:2e:b3:53:79:12:00:
78:36:e3:12:0f:5e:9e:fd:ee:38:8d:24:0d:74:14:9c:9b:00:
dc:3f:f3:38:37:cb:3e:0a:e1:72:40:b0:cd:2f:00:4b:27:e4:
97:88:64:5f:1f:78:bf:8a:45:7b:f9:b9:fe:79:e5:d0:0b:b7:
5d:75:1b:3b:ae:4b:0b:59:3e:5b:d3:0b:fc:9e:72:50:0d:99:
b5:a6:72:19:6f:e9:76:4d:e8:aa:c6:9e:88:81:95:3d:a7:65:
ba:fc:1a:0a:23:d6:23:8e:52:56:cf:cb:4d:c3:96:c7:e2:8a:
d4:63:59:70:78:41:72:06:1c:93:a5:39:7c:8e:df:17:26:6a:
19:57:6b:f1:f8:6a:c1:c1:55:eb:e1:8a:74:fe:f7:b4:7b:70:
4c:ce:25:38:4e:1d:3b:10:34:9b:72:80:a0:ea:d5:8a:00:43:
a7:4a:59:1f:bd:4b:a5:01:71:31:4f:1a:c4:3e:58:06:83:aa:
ab:15:db:f2:18:91:f0:2a:0b:6d:6d:50:8d:6c:83:f7:b1:10:
52:d9:65:a4:0f:09:49:66:e3:6e:7d:2b:84:88:56:20:ad:2c:
c9:0c:11:8b:7c:b9:fa:c0:24:71:01:e9:e8:25:d1:54:d6:ed:
9d:d0:cd:88
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTkkNjB5QS8faMM1aHCNsXoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjA1MjMxMzI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWI0MGFjZGVkZjc2MTkzMjRiNmI0NmU3NTViNjVkNDg4YTc4MWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8F38iSaqEHW18CxHGtOdrtgC33M
skSkMM4bCfHSkaBTIfSrDq/pvRKUIcIAIansMKGS6T+i1/mtGUnNCCkZRMPp+gZi
DSNXfNWSe6DBx4CSAFbpVdbVEI2cqoj785zF6sgGdTYhYweW3a0DphQoQsj7R4GB
xRTWvh/MqBRAJi2mIlGJj3wCaAJtmS9z0Au3abx+5ddN46+NCIV5j/+g6XtP5/1H
QiBLiV4LLeIWWZTWLY2dm6nWz/BKAWY8ZFls9CTuZ9tn0fgMPwMTKvKAdnktIArl
2XVd7j52tgsL0m3TbI+2C8Bds8jM4nUs/WtSsvflniVo9v8kKAackV6kOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKq0Cs3t92GTJLa0bnVbZdSIp4HeMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcXJRS3plMzNZWk1rdHJSdWRWdGwxSWluZ2Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEmtSrcPM4nTee4Hyi6z
U3kSAHg24xIPXp797jiNJA10FJybANw/8zg3yz4K4XJAsM0vAEsn5JeIZF8feL+K
RXv5uf555dALt111GzuuSwtZPlvTC/yeclANmbWmchlv6XZN6KrGnoiBlT2nZbr8
Ggoj1iOOUlbPy03DlsfiitRjWXB4QXIGHJOlOXyO3xcmahlXa/H4asHBVevhinT+
97R7cEzOJThOHTsQNJtygKDq1YoAQ6dKWR+9S6UBcTFPGsQ+WAaDqqsV2/IYkfAq
C21tUI1sg/exEFLZZaQPCUlm4259K4SIViCtLMkMEYt8ufrAJHEB6egl0VTW7Z3Q
zYg=
-----END CERTIFICATE-----
Generated at Thu May 1 11:27:25 2025 by rpki-client