Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/N-qOwqTPDBdV88eq9UiiFXCWdxQ.roa
File: N-qOwqTPDBdV88eq9UiiFXCWdxQ.roa (raw, json)
Hash identifier: zFx4ejQe/C6JU2TpyXzEiU7Udiv4kF5TXi0pxpgGyEM=
Subject key identifier: 37:EA:8E:C2:A4:CF:0C:17:55:F3:C7:AA:F5:48:A2:15:70:96:77:14
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01878351B114BF3D72E8C7B798ECB2A46F3C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/N-qOwqTPDBdV88eq9UiiFXCWdxQ.roa
Signing time: Sat 15 Apr 2023 05:09:41 +0000
ROA not before: Sat 15 Apr 2023 05:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:83:51:b1:14:bf:3d:72:e8:c7:b7:98:ec:b2:a4:6f:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 15 05:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37ea8ec2a4cf0c1755f3c7aaf548a21570967714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c8:ae:2c:c2:93:29:82:5c:3a:0c:35:50:0f:
3e:79:08:93:4a:0d:87:21:8a:13:95:6c:33:c9:17:
2a:b4:e3:c5:b7:7a:9b:c1:43:30:1b:55:cd:fe:e4:
09:4c:61:cb:77:b0:3e:4f:13:66:af:73:ad:be:b3:
fa:d3:11:3b:f1:ca:bf:fc:3c:f4:bc:10:69:f2:89:
50:75:d5:1b:9a:73:ad:35:7d:a7:93:7b:6d:7b:2a:
88:a2:83:d1:f3:67:51:a4:ba:4c:e5:45:9e:f8:92:
2e:9b:c9:0d:6f:97:0b:66:bf:74:f3:36:b8:7c:8a:
7d:87:13:28:3c:5b:ab:cc:cf:17:92:0d:e8:17:52:
7e:de:3c:c0:3f:37:80:e9:96:a8:1c:20:00:fe:6c:
22:00:ee:78:94:cc:de:ba:29:2b:b8:23:a8:2d:a7:
ce:b4:09:c2:3c:9a:83:c1:75:b0:2b:5e:5c:ff:e4:
93:ba:b7:c6:f8:14:0f:33:5d:5e:35:ea:cf:93:6f:
33:32:1c:7e:48:fa:22:e0:c9:6b:e9:d2:68:55:4d:
16:3b:88:0d:6d:d8:6e:93:7b:08:ab:ec:33:c7:89:
d8:14:da:bd:f8:42:bf:41:4c:cc:20:bd:dc:05:ed:
69:42:4f:72:13:59:56:ab:4f:50:82:fe:43:2c:5b:
e9:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:EA:8E:C2:A4:CF:0C:17:55:F3:C7:AA:F5:48:A2:15:70:96:77:14
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/N-qOwqTPDBdV88eq9UiiFXCWdxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
77:b7:67:ed:24:8c:70:8d:25:7e:5c:8b:01:04:30:43:ab:e3:
b2:2b:aa:f4:ac:40:3c:b0:50:8f:91:ab:c2:a3:d1:5d:c8:df:
0b:1d:3f:8c:0e:2c:26:93:1b:b5:7a:9b:4f:df:2e:be:42:d5:
d2:9f:e3:dd:0f:d8:86:29:5b:54:b4:04:2c:cf:e9:26:5a:e7:
ef:12:ea:57:ec:5e:ba:f7:86:c4:86:9a:5a:fb:75:bf:42:1f:
71:68:a7:0c:92:59:d3:ca:42:00:ed:c4:9f:33:ef:aa:f7:e3:
53:56:e7:6c:0c:47:d7:48:e6:50:06:06:73:83:46:ae:8a:93:
c0:07:af:8d:5e:49:b2:a6:00:85:1f:a6:e9:ae:b7:45:b3:d5:
f4:17:18:30:02:35:5f:8a:ae:ec:0a:32:c5:3a:6d:65:33:a6:
ad:45:29:24:a2:ea:8d:6b:1f:08:84:0a:bf:fc:d9:80:70:4f:
50:4b:a2:6b:e4:70:e2:16:f7:de:84:52:b3:d0:a3:69:02:e5:
a2:c7:98:f8:70:90:ae:f3:14:2c:25:0d:8a:cb:ce:33:91:67:
4f:c7:d2:e6:99:b0:7c:4c:53:b5:f7:72:54:1e:e0:b4:38:18:
a7:47:e4:37:1c:5c:c2:cd:18:a3:4e:34:f7:15:c1:7e:12:4b:
5d:2c:0e:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYeDUbEUvz1y6Me3mOyypG88MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDE1MDUwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2VhOGVjMmE0Y2YwYzE3NTVmM2M3YWFmNTQ4YTIxNTcwOTY3NzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlciuLMKTKYJcOgw1UA8+eQiTSg2H
IYoTlWwzyRcqtOPFt3qbwUMwG1XN/uQJTGHLd7A+TxNmr3OtvrP60xE78cq//Dz0
vBBp8olQddUbmnOtNX2nk3tteyqIooPR82dRpLpM5UWe+JIum8kNb5cLZr908za4
fIp9hxMoPFurzM8Xkg3oF1J+3jzAPzeA6ZaoHCAA/mwiAO54lMzeuikruCOoLafO
tAnCPJqDwXWwK15c/+STurfG+BQPM11eNerPk28zMhx+SPoi4Mlr6dJoVU0WO4gN
bdhuk3sIq+wzx4nYFNq9+EK/QUzMIL3cBe1pQk9yE1lWq09Qgv5DLFvpnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDfqjsKkzwwXVfPHqvVIohVwlncUMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTi1xT3dxVFBEQmRWODhlcTlVaWlGWENXZHhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHe3Z+0kjHCNJX5ciwEE
MEOr47IrqvSsQDywUI+Rq8Kj0V3I3wsdP4wOLCaTG7V6m0/fLr5C1dKf490P2IYp
W1S0BCzP6SZa5+8S6lfsXrr3hsSGmlr7db9CH3FopwySWdPKQgDtxJ8z76r341NW
52wMR9dI5lAGBnODRq6Kk8AHr41eSbKmAIUfpumut0Wz1fQXGDACNV+KruwKMsU6
bWUzpq1FKSSi6o1rHwiECr/82YBwT1BLomvkcOIW996EUrPQo2kC5aLHmPhwkK7z
FCwlDYrLzjORZ0/H0uaZsHxMU7X3clQe4LQ4GKdH5DccXMLNGKNONPcVwX4SS10s
DmI=
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:34:56 2025 by rpki-client