Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KQDLP9G33oZPl-AsBLYfMUA-PCw.roa
File: KQDLP9G33oZPl-AsBLYfMUA-PCw.roa (raw, json)
Hash identifier: O4WUUJV50o2ikxTpX4+xBSh7l6Gunp+hyrOBBEHyhJM=
Subject key identifier: 29:00:CB:3F:D1:B7:DE:86:4F:97:E0:2C:04:B6:1F:31:40:3E:3C:2C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01849B2EF4B8E5B922A1305C0D984A43EA65
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KQDLP9G33oZPl-AsBLYfMUA-PCw.roa
Signing time: Mon 21 Nov 2022 17:14:16 +0000
ROA not before: Mon 21 Nov 2022 17:14:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9b:2e:f4:b8:e5:b9:22:a1:30:5c:0d:98:4a:43:ea:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Nov 21 17:14:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2900cb3fd1b7de864f97e02c04b61f31403e3c2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c5:24:fb:c4:73:73:30:06:7f:b8:91:1a:b1:
a5:af:48:8e:38:34:cb:57:81:36:b7:7f:94:78:fe:
20:74:60:6d:a5:82:7c:02:ea:ec:d8:45:52:7d:9a:
b3:78:8e:5e:45:e2:fc:d9:98:cf:98:7c:09:b6:a2:
93:49:3e:a4:56:cb:2a:b3:33:e6:1d:fb:bb:a7:7f:
55:d8:2f:1a:1d:fd:81:1f:90:cc:68:e9:5a:eb:f1:
e0:c8:ba:cb:ec:e1:b4:eb:1d:f1:df:f5:1b:5f:91:
49:7e:9e:4c:f8:74:a9:57:0d:22:57:55:c6:ee:6e:
40:fa:b3:99:5f:e4:4d:7d:4b:35:94:f1:5a:ee:b9:
3f:55:a1:d4:8b:8e:79:12:66:16:ea:90:55:3e:56:
a4:1a:86:ee:5f:3a:c8:43:60:82:8e:38:4a:bf:40:
58:4a:3f:22:9e:66:5d:94:ff:ff:f9:5c:8e:1c:14:
6f:9e:08:2a:88:51:26:12:b7:3b:e5:3b:6c:21:74:
00:f8:ab:3b:a6:53:1c:2c:a8:c3:f8:c1:0d:22:fb:
93:33:5e:b6:90:aa:a0:90:55:ac:0f:64:cf:4e:e0:
9b:f1:08:04:bd:42:12:8a:9a:48:41:e7:27:22:51:
a3:33:34:fe:54:06:2b:08:7b:84:27:3c:71:44:93:
bb:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:00:CB:3F:D1:B7:DE:86:4F:97:E0:2C:04:B6:1F:31:40:3E:3C:2C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KQDLP9G33oZPl-AsBLYfMUA-PCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9a:f5:8d:f8:5b:24:7e:1f:ce:2e:f4:fb:e7:a1:e7:da:3f:6c:
cb:c0:35:9f:92:f6:18:ce:c8:64:e5:90:7b:84:44:73:83:d0:
84:42:cd:8b:38:14:be:19:56:7d:bd:2b:4d:9d:c1:46:e0:fe:
81:4d:38:8e:ad:3f:49:c6:e3:39:53:be:ea:27:d6:9f:9e:9e:
55:ea:8e:69:fc:c6:8a:ba:84:b0:df:fc:f2:6a:9d:e4:e4:32:
c4:3e:14:45:5f:ef:46:92:08:0f:ba:da:c6:64:25:0d:44:db:
09:00:49:e2:2e:ca:1e:9f:20:11:c2:6d:ee:91:72:2c:f6:d8:
cf:ea:79:71:51:75:3b:72:b6:8a:a0:1e:1a:55:84:4f:c1:dc:
c7:be:d9:98:cf:17:41:62:ee:ed:d3:e2:d9:c4:13:c7:8b:2a:
9a:ba:ed:25:22:95:8f:d7:f2:4a:c8:65:d4:3f:ea:1d:0c:3f:
4b:1a:03:0f:0f:0e:09:01:72:d8:30:3e:68:68:8b:24:94:12:
29:8c:c8:53:6c:99:41:b9:2d:7d:03:4b:ac:f0:5f:17:5c:61:
01:ec:b6:da:17:72:9c:04:1d:fa:ee:0a:76:e3:e8:a5:34:87:
a9:71:74:c9:65:48:82:60:8c:73:2c:a4:a5:22:fd:36:14:69:
ea:fd:da:91
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYSbLvS45bkioTBcDZhKQ+plMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMTIxMTcxNDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTAwY2IzZmQxYjdkZTg2NGY5N2UwMmMwNGI2MWYzMTQwM2UzYzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhcUk+8RzczAGf7iRGrGlr0iOODTL
V4E2t3+UeP4gdGBtpYJ8Aurs2EVSfZqzeI5eReL82ZjPmHwJtqKTST6kVssqszPm
Hfu7p39V2C8aHf2BH5DMaOla6/HgyLrL7OG06x3x3/UbX5FJfp5M+HSpVw0iV1XG
7m5A+rOZX+RNfUs1lPFa7rk/VaHUi455EmYW6pBVPlakGobuXzrIQ2CCjjhKv0BY
Sj8inmZdlP//+VyOHBRvnggqiFEmErc75TtsIXQA+Ks7plMcLKjD+MENIvuTM162
kKqgkFWsD2TPTuCb8QgEvUISippIQecnIlGjMzT+VAYrCHuEJzxxRJO7dwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCkAyz/Rt96GT5fgLAS2HzFAPjwsMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS1FETFA5RzMzb1pQbC1Bc0JMWWZNVUEtUEN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJr1jfhbJH4fzi70++eh
59o/bMvANZ+S9hjOyGTlkHuERHOD0IRCzYs4FL4ZVn29K02dwUbg/oFNOI6tP0nG
4zlTvuon1p+enlXqjmn8xoq6hLDf/PJqneTkMsQ+FEVf70aSCA+62sZkJQ1E2wkA
SeIuyh6fIBHCbe6Rciz22M/qeXFRdTtytoqgHhpVhE/B3Me+2ZjPF0Fi7u3T4tnE
E8eLKpq67SUilY/X8krIZdQ/6h0MP0saAw8PDgkBctgwPmhoiySUEimMyFNsmUG5
LX0DS6zwXxdcYQHsttoXcpwEHfruCnbj6KU0h6lxdMllSIJgjHMspKUi/TYUaer9
2pE=
-----END CERTIFICATE-----
Generated at Mon Jun 9 04:56:04 2025 by rpki-client