
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KQNnOpANv-j_cAr2bYxMlSK5YGI.roa
File: KQNnOpANv-j_cAr2bYxMlSK5YGI.roa (raw, json)
Hash identifier: yW7Z54m7umNYde1sVxBdzh9bKLhXpIYsvzpszWGH+CI=
Subject key identifier: 29:03:67:3A:90:0D:BF:E8:FF:70:0A:F6:6D:8C:4C:95:22:B9:60:62
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01873EAB6D49AE608D9C23595BABC305218E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KQNnOpANv-j_cAr2bYxMlSK5YGI.roa
Signing time: Sat 01 Apr 2023 21:13:54 +0000
ROA not before: Sat 01 Apr 2023 21:13:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:3e:ab:6d:49:ae:60:8d:9c:23:59:5b:ab:c3:05:21:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 1 21:13:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2903673a900dbfe8ff700af66d8c4c9522b96062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:24:ab:b1:11:96:02:fd:4a:bc:87:27:dc:f6:
51:6b:60:dd:57:83:a7:5f:c8:a4:ee:df:64:42:ee:
16:fd:32:1b:c6:b4:42:c6:d7:d4:13:a6:c6:71:af:
7d:7a:0e:bb:e6:41:ad:34:45:8f:c1:da:4e:46:7b:
6b:dc:7b:47:9f:f1:b7:72:83:02:e7:a6:8e:5f:28:
d1:6a:c4:d9:2b:f9:b6:ed:44:48:16:2e:3f:81:0c:
02:8b:f3:0d:f9:ac:da:ad:2b:3f:0a:4b:c4:7c:27:
52:63:88:90:d4:99:7b:cf:03:2e:3b:62:4a:eb:33:
59:e5:65:d7:c8:c4:ba:7b:83:40:ea:d7:4a:56:76:
df:46:c5:72:6b:a3:a7:37:82:59:90:11:ae:35:88:
89:b2:b5:a8:5d:5b:1a:7b:74:e5:2b:48:b7:e3:b4:
88:9f:d0:59:c8:19:8a:e5:bb:5e:4b:41:9c:78:82:
84:25:12:79:21:c9:64:9e:a3:37:6d:60:b2:86:d6:
2f:bf:55:16:ab:fa:f8:ba:0e:82:01:b7:53:92:d0:
86:8c:68:3b:c1:ec:97:5d:96:3d:b6:4b:4a:72:71:
c9:9d:38:e7:09:0c:3f:37:28:4b:d5:93:52:f8:11:
d6:d1:69:22:f0:d2:82:c3:9d:a2:96:33:24:37:da:
a6:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:03:67:3A:90:0D:BF:E8:FF:70:0A:F6:6D:8C:4C:95:22:B9:60:62
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KQNnOpANv-j_cAr2bYxMlSK5YGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2a:0c:52:43:77:ab:ca:8e:20:33:a2:e3:e5:97:30:ba:e7:ea:
99:58:1d:60:de:54:b0:57:36:ac:ac:69:4e:41:38:35:88:f2:
05:a7:e2:36:35:00:4f:77:b9:56:74:46:53:48:ea:b2:fe:93:
44:98:27:20:bf:82:1e:65:73:a1:ba:38:08:7d:77:cc:ea:01:
a9:12:41:63:3c:6d:e1:0a:38:d6:08:fd:8f:fd:b3:76:86:11:
82:9d:14:50:dd:42:88:74:7e:ae:83:7b:61:4c:be:6d:8d:e9:
d3:e6:18:67:26:4b:ff:08:7c:d2:10:11:f2:ea:e7:d5:8c:5e:
1e:9c:ba:40:f9:d5:81:d6:5a:5a:b3:90:c8:95:4d:b6:5f:2a:
6d:3c:a5:c7:96:eb:e1:fa:79:30:fa:00:e1:38:fc:34:84:8c:
f7:ff:45:3d:01:f8:53:c4:dc:62:0f:ed:86:48:39:5b:26:15:
ba:c9:41:bc:6c:f1:61:08:5a:67:86:17:f5:3f:17:73:a3:a9:
4c:6c:ec:59:65:ed:66:83:1f:82:1a:46:dd:96:a4:8d:8c:ca:
73:37:4c:8d:bf:68:7f:db:45:54:df:4e:ff:aa:c2:9a:33:9c:
d9:f9:58:78:1d:f3:ea:2d:52:08:18:57:c1:c3:9a:c9:5b:69:
52:32:fb:38
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYc+q21JrmCNnCNZW6vDBSGOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDAxMjExMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTAzNjczYTkwMGRiZmU4ZmY3MDBhZjY2ZDhjNGM5NTIyYjk2MDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiSrsRGWAv1KvIcn3PZRa2DdV4On
X8ik7t9kQu4W/TIbxrRCxtfUE6bGca99eg675kGtNEWPwdpORntr3HtHn/G3coMC
56aOXyjRasTZK/m27URIFi4/gQwCi/MN+azarSs/CkvEfCdSY4iQ1Jl7zwMuO2JK
6zNZ5WXXyMS6e4NA6tdKVnbfRsVya6OnN4JZkBGuNYiJsrWoXVsae3TlK0i347SI
n9BZyBmK5bteS0GceIKEJRJ5IclknqM3bWCyhtYvv1UWq/r4ug6CAbdTktCGjGg7
weyXXZY9tktKcnHJnTjnCQw/NyhL1ZNS+BHW0Wki8NKCw52iljMkN9qmyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCkDZzqQDb/o/3AK9m2MTJUiuWBiMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS1FObk9wQU52LWpfY0FyMmJZeE1sU0s1WUdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACoMUkN3q8qOIDOi4+WX
MLrn6plYHWDeVLBXNqysaU5BODWI8gWn4jY1AE93uVZ0RlNI6rL+k0SYJyC/gh5l
c6G6OAh9d8zqAakSQWM8beEKONYI/Y/9s3aGEYKdFFDdQoh0fq6De2FMvm2N6dPm
GGcmS/8IfNIQEfLq59WMXh6cukD51YHWWlqzkMiVTbZfKm08pceW6+H6eTD6AOE4
/DSEjPf/RT0B+FPE3GIP7YZIOVsmFbrJQbxs8WEIWmeGF/U/F3OjqUxs7Fll7WaD
H4IaRt2WpI2MynM3TI2/aH/bRVTfTv+qwpoznNn5WHgd8+otUggYV8HDmslbaVIy
+zg=
-----END CERTIFICATE-----
Generated at Wed Jun 11 22:19:08 2025 by rpki-client