Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QB5TBb2p9qvh_kkoehrNBXjzxXc.roa
File: QB5TBb2p9qvh_kkoehrNBXjzxXc.roa (raw, json)
Hash identifier: /biosvH6s1KkdnO3nDlt0e1dPiPE0aspMoaUBbcMcGU=
Subject key identifier: 40:1E:53:05:BD:A9:F6:AB:E1:FE:49:28:7A:1A:CD:05:78:F3:C5:77
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185677388A9607198A32F9561242D0E700C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QB5TBb2p9qvh_kkoehrNBXjzxXc.roa
Signing time: Sat 31 Dec 2022 09:11:42 +0000
ROA not before: Sat 31 Dec 2022 09:11:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:67:73:88:a9:60:71:98:a3:2f:95:61:24:2d:0e:70:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 31 09:11:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=401e5305bda9f6abe1fe49287a1acd0578f3c577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:56:88:15:9d:08:f4:28:c5:51:93:c7:a2:4a:
e8:25:bc:af:ff:93:ba:19:28:aa:96:5a:a1:43:74:
bf:e3:66:dc:ae:54:c5:95:5c:07:93:db:d7:93:78:
dd:fe:ea:e5:93:80:ff:da:50:d8:2b:e0:28:fb:d3:
34:12:59:17:da:7f:0a:24:6d:c3:d5:d7:e6:b0:fb:
05:59:b5:76:0a:84:2d:91:94:e4:1e:78:92:f4:fe:
97:e4:cc:c8:7b:fa:bf:49:d5:7b:6b:2f:f5:8c:29:
5e:10:94:1d:b8:ca:91:eb:c8:e6:fb:fe:3a:00:2c:
5b:02:91:3d:c4:70:de:aa:de:4a:e7:54:2c:07:db:
5e:c6:28:ea:a3:e5:8e:36:ef:52:0b:97:05:f2:52:
12:92:7a:9d:1f:3a:7c:18:c4:aa:98:3d:19:42:4d:
0b:b4:95:23:82:66:a1:b6:7a:58:89:17:a3:47:4e:
7a:3d:41:ba:41:aa:9a:1c:71:09:a8:c4:9f:84:67:
38:cf:44:ff:94:f3:8b:ab:a9:e0:fc:06:60:85:2d:
14:ed:3b:4c:34:78:7e:f4:e2:d9:a5:b0:62:49:1b:
3a:7f:71:ab:da:e4:c0:33:8f:b5:f4:05:6b:43:9a:
9d:fc:c9:cf:d5:2a:32:93:c4:31:93:9d:54:b0:c7:
3b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:1E:53:05:BD:A9:F6:AB:E1:FE:49:28:7A:1A:CD:05:78:F3:C5:77
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QB5TBb2p9qvh_kkoehrNBXjzxXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
79:9b:7a:99:0b:12:07:28:3b:dd:1b:91:22:ce:8d:00:16:a4:
d5:4a:5c:40:c7:03:b2:03:4d:69:06:3a:04:e7:79:c9:be:b9:
b0:15:01:db:3c:99:2e:f9:1a:cf:4c:32:be:81:d0:f3:26:e3:
d5:70:bb:45:2a:0a:94:d6:91:4f:66:3f:56:7b:87:85:34:3d:
93:41:aa:f6:1b:7a:5d:cb:5b:4e:47:24:0b:d4:83:e0:b0:62:
c8:ad:2f:a9:7f:f6:e6:1d:01:95:71:9d:87:a5:5d:23:2f:da:
9b:7a:fc:db:c9:5f:b4:b5:56:1e:78:f4:71:03:47:61:13:be:
7c:e4:41:c0:4f:3e:6c:4c:46:cf:33:e5:57:10:ac:d2:35:58:
c5:d5:77:04:4c:6a:b2:1f:30:a5:17:e6:0e:57:35:2c:88:76:
60:c9:f1:a4:6b:ff:87:26:fe:32:b2:00:19:73:2a:23:5c:95:
c0:35:d4:ce:f8:26:d7:62:02:b3:00:d5:f2:be:3b:01:48:75:
18:c0:a1:33:53:91:b1:a4:85:9c:6d:cc:b5:05:92:97:b6:ac:
96:a2:94:78:a8:b4:82:6f:6e:e8:00:72:84:cf:7f:d7:e7:45:
b4:d0:68:f8:56:a4:1e:9e:e1:5d:7d:6e:c1:11:7d:87:e2:19:
c0:42:f0:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVnc4ipYHGYoy+VYSQtDnAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjMxMDkxMTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDFlNTMwNWJkYTlmNmFiZTFmZTQ5Mjg3YTFhY2QwNTc4ZjNjNTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFaIFZ0I9CjFUZPHokroJbyv/5O6
GSiqllqhQ3S/42bcrlTFlVwHk9vXk3jd/urlk4D/2lDYK+Ao+9M0ElkX2n8KJG3D
1dfmsPsFWbV2CoQtkZTkHniS9P6X5MzIe/q/SdV7ay/1jCleEJQduMqR68jm+/46
ACxbApE9xHDeqt5K51QsB9texijqo+WONu9SC5cF8lISknqdHzp8GMSqmD0ZQk0L
tJUjgmahtnpYiRejR056PUG6QaqaHHEJqMSfhGc4z0T/lPOLq6ng/AZghS0U7TtM
NHh+9OLZpbBiSRs6f3Gr2uTAM4+19AVrQ5qd/MnP1Soyk8Qxk51UsMc71wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEAeUwW9qfar4f5JKHoazQV488V3MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUUI1VEJiMnA5cXZoX2trb2Vock5CWGp6eFhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHmbepkLEgcoO90bkSLO
jQAWpNVKXEDHA7IDTWkGOgTnecm+ubAVAds8mS75Gs9MMr6B0PMm49Vwu0UqCpTW
kU9mP1Z7h4U0PZNBqvYbel3LW05HJAvUg+CwYsitL6l/9uYdAZVxnYelXSMv2pt6
/NvJX7S1Vh549HEDR2ETvnzkQcBPPmxMRs8z5VcQrNI1WMXVdwRMarIfMKUX5g5X
NSyIdmDJ8aRr/4cm/jKyABlzKiNclcA11M74JtdiArMA1fK+OwFIdRjAoTNTkbGk
hZxtzLUFkpe2rJailHiotIJvbugAcoTPf9fnRbTQaPhWpB6e4V19bsERfYfiGcBC
8D8=
-----END CERTIFICATE-----
Generated at Wed Jun 11 12:54:51 2025 by rpki-client