Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Q3ppwijTyBCtVHGgA8Wq8tqAo3Y.roa
File: Q3ppwijTyBCtVHGgA8Wq8tqAo3Y.roa (raw, json)
Hash identifier: Nrn9SP8DP9cvSQDsbM2YRhisobEFVXuypHJCOf4APiU=
Subject key identifier: 43:7A:69:C2:28:D3:C8:10:AD:54:71:A0:03:C5:AA:F2:DA:80:A3:76
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018512AEA4F558925278D5BB808C46C4B374
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Q3ppwijTyBCtVHGgA8Wq8tqAo3Y.roa
Signing time: Wed 14 Dec 2022 22:08:33 +0000
ROA not before: Wed 14 Dec 2022 22:08:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:12:ae:a4:f5:58:92:52:78:d5:bb:80:8c:46:c4:b3:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 14 22:08:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=437a69c228d3c810ad5471a003c5aaf2da80a376
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:17:73:ee:a6:2b:56:94:f4:cd:18:0f:93:87:
b8:a9:f1:35:17:f3:59:f3:43:cc:9d:31:a2:a7:99:
b4:4f:6f:70:60:bd:68:32:bb:f3:df:5f:60:55:96:
b2:8f:99:7f:e8:90:0a:82:a0:ac:8a:02:ec:fa:8d:
21:d7:03:97:f4:21:83:40:99:51:78:0e:e5:29:67:
da:96:37:89:d3:b1:e1:87:5a:09:18:c9:f8:f8:66:
bc:7b:27:d6:a6:d6:cf:6e:81:fe:e1:81:ec:4c:9d:
7b:2c:14:16:35:c7:6f:e7:50:be:44:97:ec:65:5d:
ea:10:da:21:0b:07:80:1e:54:23:6b:39:9f:f7:7c:
c1:34:14:af:43:e3:a1:68:00:99:73:e9:8b:10:17:
a5:9c:0b:ea:f0:ee:ce:a6:a9:b9:27:8f:54:2f:64:
b0:51:ab:72:3d:06:d4:3f:4f:dd:70:66:07:4a:4c:
f3:38:31:40:95:9d:b0:21:b0:16:2c:fd:80:f6:72:
ba:7f:a3:49:9a:6f:9c:86:31:db:d8:55:83:e2:bc:
6e:94:cc:81:72:75:d8:50:24:a9:8c:b6:af:28:ba:
4c:9f:d3:fd:56:a4:dc:4f:f9:9a:36:64:84:41:63:
51:aa:94:4f:5f:6a:98:d4:ef:f0:47:50:ec:fb:b4:
d2:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:7A:69:C2:28:D3:C8:10:AD:54:71:A0:03:C5:AA:F2:DA:80:A3:76
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Q3ppwijTyBCtVHGgA8Wq8tqAo3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a6:3e:a9:f7:70:f7:f1:a4:f4:d6:15:ef:5a:db:8b:43:04:7b:
0d:c8:9a:f9:70:bd:af:41:1d:e6:8d:27:46:18:47:ea:04:a8:
64:6a:71:b7:9b:27:13:27:35:b8:ca:6e:57:46:7a:01:48:26:
0a:58:e9:1d:a2:0f:be:22:b8:00:f1:1a:bc:71:1d:e0:d3:a6:
de:b0:70:4f:78:d5:93:3b:5b:5f:38:f2:ad:95:58:67:cc:a1:
8b:32:d8:eb:be:f6:ce:93:cc:b2:94:ba:be:d3:75:88:3a:50:
03:15:f5:a8:9d:ce:ee:1f:26:61:2b:f0:29:75:32:2d:6d:49:
13:f2:67:06:78:9e:9e:20:37:95:9f:e6:db:1e:91:a1:24:fd:
39:f3:8f:8f:96:4a:54:6d:0d:da:0d:10:1d:86:42:b5:71:5f:
a8:8b:2c:1f:a5:42:b2:a2:83:ef:4d:45:5a:cc:1a:fa:28:46:
99:59:ac:b2:f7:fb:00:a8:3f:f0:aa:06:ef:a7:f5:82:c9:1f:
e4:ba:d0:3b:f7:9e:0a:f7:3b:a6:04:e2:0d:a2:94:85:41:e8:
75:d2:e7:b8:ac:8d:30:36:87:00:6c:a0:59:d3:5b:cc:48:4f:
f8:97:b1:d3:3f:4f:dd:6c:9e:99:db:ac:0c:92:69:bb:b8:81:
e4:ae:e8:49
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUSrqT1WJJSeNW7gIxGxLN0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE0MjIwODMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzdhNjljMjI4ZDNjODEwYWQ1NDcxYTAwM2M1YWFmMmRhODBhMzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBdz7qYrVpT0zRgPk4e4qfE1F/NZ
80PMnTGip5m0T29wYL1oMrvz319gVZayj5l/6JAKgqCsigLs+o0h1wOX9CGDQJlR
eA7lKWfaljeJ07Hhh1oJGMn4+Ga8eyfWptbPboH+4YHsTJ17LBQWNcdv51C+RJfs
ZV3qENohCweAHlQjazmf93zBNBSvQ+OhaACZc+mLEBelnAvq8O7Opqm5J49UL2Sw
UatyPQbUP0/dcGYHSkzzODFAlZ2wIbAWLP2A9nK6f6NJmm+chjHb2FWD4rxulMyB
cnXYUCSpjLavKLpMn9P9VqTcT/maNmSEQWNRqpRPX2qY1O/wR1Ds+7TSuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEN6acIo08gQrVRxoAPFqvLagKN2MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUTNwcHdpalR5QkN0VkhHZ0E4V3E4dHFBbzNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKY+qfdw9/Gk9NYV71rb
i0MEew3Imvlwva9BHeaNJ0YYR+oEqGRqcbebJxMnNbjKbldGegFIJgpY6R2iD74i
uADxGrxxHeDTpt6wcE941ZM7W1848q2VWGfMoYsy2Ou+9s6TzLKUur7TdYg6UAMV
9aidzu4fJmEr8Cl1Mi1tSRPyZwZ4np4gN5Wf5tsekaEk/Tnzj4+WSlRtDdoNEB2G
QrVxX6iLLB+lQrKig+9NRVrMGvooRplZrLL3+wCoP/CqBu+n9YLJH+S60Dv3ngr3
O6YE4g2ilIVB6HXS57isjTA2hwBsoFnTW8xIT/iXsdM/T91snpnbrAySabu4geSu
6Ek=
-----END CERTIFICATE-----
Generated at Wed Jun 11 21:58:42 2025 by rpki-client