Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/JqsqI_lXuhbaXBQLtj-e8WBU81I.roa
File: JqsqI_lXuhbaXBQLtj-e8WBU81I.roa (raw, json)
Hash identifier: pHo1saQvjRBICJ1Hka492hqnkzM9ay7WJXWfwJNm+xk=
Subject key identifier: 26:AB:2A:23:F9:57:BA:16:DA:5C:14:0B:B6:3F:9E:F1:60:54:F3:52
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01855BDA75C751B8C560794B3083AC1FD96F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/JqsqI_lXuhbaXBQLtj-e8WBU81I.roa
Signing time: Thu 29 Dec 2022 03:08:41 +0000
ROA not before: Thu 29 Dec 2022 03:08:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5b:da:75:c7:51:b8:c5:60:79:4b:30:83:ac:1f:d9:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 29 03:08:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=26ab2a23f957ba16da5c140bb63f9ef16054f352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b8:38:17:fe:ea:51:a3:c2:a4:fc:e7:e7:d3:
2c:03:13:dd:78:8f:d3:05:29:d4:a8:82:81:47:36:
d4:a1:53:c7:dd:50:1d:62:73:9d:21:d1:de:95:af:
56:36:35:63:d4:d7:15:19:ec:0a:44:51:7c:8a:ce:
ac:3d:e6:e8:eb:05:26:bf:f1:8f:b2:b8:89:99:4f:
dd:65:54:d4:06:31:4f:ee:67:52:97:a2:7c:3f:51:
64:e8:c3:da:95:53:bd:d6:30:a2:9c:b6:bf:1c:08:
df:85:b6:c1:c0:dd:95:c9:35:c3:6d:26:f3:8b:da:
e8:77:24:36:6d:01:b1:ca:8b:9c:85:3b:fa:a4:b0:
13:4a:9d:35:a4:9e:69:6c:62:02:ff:c5:7b:01:ea:
68:47:91:bb:89:55:64:c2:cd:24:e9:54:9e:62:94:
88:77:80:04:60:4b:74:44:8f:33:e9:37:36:3d:e9:
d6:9a:43:77:c7:be:3a:fc:c1:0f:59:ce:34:92:36:
06:49:61:e2:9e:e6:99:f0:f5:45:1d:38:d6:ed:5f:
a8:4a:1b:d2:97:23:de:69:05:d5:db:ac:ec:94:a8:
06:b0:7d:e7:97:d8:8b:0f:2b:3d:ac:20:fc:e4:8e:
22:ef:98:5a:23:d5:5f:0c:ff:85:8a:06:bc:b8:54:
93:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:AB:2A:23:F9:57:BA:16:DA:5C:14:0B:B6:3F:9E:F1:60:54:F3:52
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/JqsqI_lXuhbaXBQLtj-e8WBU81I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4d:29:43:b1:4e:ef:0d:de:ac:bd:c4:d1:d6:33:27:14:52:b9:
f7:ea:a0:d6:12:bb:b4:2b:3b:fa:c5:bd:71:97:a8:cb:0f:78:
b1:65:26:56:76:dc:ba:46:e5:fc:9f:34:66:47:75:1f:b1:d9:
7c:e7:ed:aa:05:8d:1d:75:0f:cd:02:ff:c5:81:94:15:64:67:
cb:7b:04:47:ba:f4:ad:8b:e2:b9:15:a0:47:6b:fc:be:81:e3:
cb:f6:fd:08:42:96:69:27:7d:d5:ff:b6:29:51:61:b3:d6:7f:
64:09:47:3a:85:be:72:80:3a:dc:eb:51:8b:d4:e6:15:00:9f:
72:44:7a:5e:03:4a:a8:a4:33:de:e8:d5:86:98:48:9c:91:fd:
55:e3:91:ba:5d:12:0c:f8:8d:33:fb:85:3a:72:0f:4a:e3:31:
78:b0:f3:d8:41:0a:91:3b:ca:36:6d:a5:c1:b2:fc:b4:ad:e5:
df:65:35:66:b9:62:11:54:a7:24:45:da:46:26:28:b2:98:a3:
4c:68:26:09:c7:58:86:84:3d:bb:44:69:a5:c9:17:7a:02:0b:
a1:80:4c:e1:56:fa:ed:a9:58:43:b9:b7:80:80:5d:89:44:55:
9e:61:53:64:cd:c5:93:14:32:a2:2d:b9:af:dc:08:94:9e:a8:
e3:5a:be:7b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVb2nXHUbjFYHlLMIOsH9lvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI5MDMwODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmFiMmEyM2Y5NTdiYTE2ZGE1YzE0MGJiNjNmOWVmMTYwNTRmMzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLg4F/7qUaPCpPzn59MsAxPdeI/T
BSnUqIKBRzbUoVPH3VAdYnOdIdHela9WNjVj1NcVGewKRFF8is6sPebo6wUmv/GP
sriJmU/dZVTUBjFP7mdSl6J8P1Fk6MPalVO91jCinLa/HAjfhbbBwN2VyTXDbSbz
i9rodyQ2bQGxyouchTv6pLATSp01pJ5pbGIC/8V7AepoR5G7iVVkws0k6VSeYpSI
d4AEYEt0RI8z6Tc2PenWmkN3x746/MEPWc40kjYGSWHinuaZ8PVFHTjW7V+oShvS
lyPeaQXV26zslKgGsH3nl9iLDys9rCD85I4i75haI9VfDP+Figa8uFST/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCarKiP5V7oW2lwUC7Y/nvFgVPNSMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSnFzcUlfbFh1aGJhWEJRTHRqLWU4V0JVODFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE0pQ7FO7w3erL3E0dYz
JxRSuffqoNYSu7QrO/rFvXGXqMsPeLFlJlZ23LpG5fyfNGZHdR+x2Xzn7aoFjR11
D80C/8WBlBVkZ8t7BEe69K2L4rkVoEdr/L6B48v2/QhClmknfdX/tilRYbPWf2QJ
RzqFvnKAOtzrUYvU5hUAn3JEel4DSqikM97o1YaYSJyR/VXjkbpdEgz4jTP7hTpy
D0rjMXiw89hBCpE7yjZtpcGy/LSt5d9lNWa5YhFUpyRF2kYmKLKYo0xoJgnHWIaE
PbtEaaXJF3oCC6GATOFW+u2pWEO5t4CAXYlEVZ5hU2TNxZMUMqItua/cCJSeqONa
vns=
-----END CERTIFICATE-----
Generated at Mon Jun 9 02:23:18 2025 by rpki-client