Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QNlkV57nATPcBQZPaeOjUkMOkpY.roa
File: QNlkV57nATPcBQZPaeOjUkMOkpY.roa (raw, json)
Hash identifier: WIy6FSdniHOhuQazA3gLf2GGthaboTGqXchqoddnXvo=
Subject key identifier: 40:D9:64:57:9E:E7:01:33:DC:05:06:4F:69:E3:A3:52:43:0E:92:96
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01850BD0D3C43F236BB35C6C70D1909D3B6D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QNlkV57nATPcBQZPaeOjUkMOkpY.roa
Signing time: Tue 13 Dec 2022 14:08:33 +0000
ROA not before: Tue 13 Dec 2022 14:08:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0b:d0:d3:c4:3f:23:6b:b3:5c:6c:70:d1:90:9d:3b:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 13 14:08:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40d964579ee70133dc05064f69e3a352430e9296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d4:69:ca:bb:bb:16:1e:3d:73:89:62:57:54:
64:e7:e4:80:01:a9:58:d6:f7:0a:51:ed:c6:cf:9a:
e8:8b:f5:6a:cd:c9:f5:1e:1a:af:bb:e9:c1:bd:99:
5f:c2:78:b8:02:c8:0c:b6:a1:a5:2f:fc:56:89:5e:
06:8a:c4:43:c6:b8:43:40:9d:96:0e:eb:20:50:0f:
85:e8:33:cc:75:6a:c5:c5:4a:8c:4a:40:4c:36:51:
83:8c:1d:ab:9d:a0:fe:13:b3:a1:f3:96:70:48:b1:
17:7b:07:65:18:e9:e5:55:b9:14:cf:74:dd:5f:bb:
c1:50:e9:f2:70:c2:3c:7e:dd:ac:f3:b2:b4:d7:c9:
01:ad:76:6a:b3:33:96:31:ba:e3:b9:e7:85:dd:aa:
b4:f7:cb:20:32:6d:78:d2:13:ef:0b:9d:4e:aa:a7:
ea:dc:0e:d2:56:95:f3:7f:50:24:bd:11:10:e3:64:
c9:55:1f:11:5e:d3:48:9f:76:e9:fb:24:c8:1d:ec:
14:8d:14:54:e8:99:42:3d:bb:c4:f8:db:28:34:47:
33:c6:44:93:39:ff:b1:51:0e:d6:ef:cd:b7:c4:c3:
c8:be:a2:de:84:86:c9:5f:13:8d:92:3b:61:27:7f:
a5:45:62:9e:0c:15:d9:d4:c8:6e:87:b0:d9:22:4e:
43:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D9:64:57:9E:E7:01:33:DC:05:06:4F:69:E3:A3:52:43:0E:92:96
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QNlkV57nATPcBQZPaeOjUkMOkpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:9e:b8:90:ab:03:a0:04:6a:4b:d9:60:f7:ae:ed:0b:ea:05:
39:5d:0e:bb:c0:05:35:10:ac:4b:4a:bf:c1:56:64:b3:d3:48:
43:6d:93:72:49:d2:00:1e:b9:52:a6:b7:e5:6a:a9:33:11:f1:
14:02:4c:f5:c4:82:84:81:61:f0:24:3a:82:80:1f:17:46:02:
66:3e:64:2a:f1:4e:b4:bc:d7:dd:cd:e9:a3:f3:d0:31:ff:53:
29:7b:db:f1:56:0a:20:b7:7b:56:d2:32:4b:62:26:a3:27:7e:
a1:55:be:8b:09:f7:27:ee:29:60:43:ca:c9:87:08:85:0d:f1:
e0:98:41:7e:18:19:62:8b:2d:ee:ef:1e:c4:14:9a:64:ed:4c:
83:0a:8f:1f:26:11:4f:11:05:40:57:40:59:00:4f:44:74:d6:
44:f7:53:e9:94:a9:d1:e9:55:f8:d4:52:2c:b7:23:cd:a2:79:
e2:0e:4f:97:22:bc:9e:f8:4a:04:0a:95:ea:18:df:d8:74:b3:
26:98:90:ed:2f:1e:91:1c:21:b8:4c:be:0c:d0:5b:17:8c:c7:
98:00:bd:69:2b:5c:93:3b:62:c8:a4:f6:d0:f3:43:f6:41:41:
de:b1:de:47:63:37:ad:e0:cf:7c:29:e3:bd:19:11:e5:a7:c5:
10:64:f3:b5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUL0NPEPyNrs1xscNGQnTttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjEzMTQwODMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGQ5NjQ1NzllZTcwMTMzZGMwNTA2NGY2OWUzYTM1MjQzMGU5Mjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztRpyru7Fh49c4liV1Rk5+SAAalY
1vcKUe3Gz5roi/Vqzcn1Hhqvu+nBvZlfwni4AsgMtqGlL/xWiV4GisRDxrhDQJ2W
DusgUA+F6DPMdWrFxUqMSkBMNlGDjB2rnaD+E7Oh85ZwSLEXewdlGOnlVbkUz3Td
X7vBUOnycMI8ft2s87K018kBrXZqszOWMbrjueeF3aq098sgMm140hPvC51Oqqfq
3A7SVpXzf1AkvREQ42TJVR8RXtNIn3bp+yTIHewUjRRU6JlCPbvE+NsoNEczxkST
Of+xUQ7W7823xMPIvqLehIbJXxONkjthJ3+lRWKeDBXZ1Mhuh7DZIk5DDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEDZZFee5wEz3AUGT2njo1JDDpKWMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUU5sa1Y1N25BVFBjQlFaUGFlT2pVa01Pa3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHieuJCrA6AEakvZYPeu
7QvqBTldDrvABTUQrEtKv8FWZLPTSENtk3JJ0gAeuVKmt+VqqTMR8RQCTPXEgoSB
YfAkOoKAHxdGAmY+ZCrxTrS8193N6aPz0DH/Uyl72/FWCiC3e1bSMktiJqMnfqFV
vosJ9yfuKWBDysmHCIUN8eCYQX4YGWKLLe7vHsQUmmTtTIMKjx8mEU8RBUBXQFkA
T0R01kT3U+mUqdHpVfjUUiy3I82ieeIOT5civJ74SgQKleoY39h0syaYkO0vHpEc
IbhMvgzQWxeMx5gAvWkrXJM7Ysik9tDzQ/ZBQd6x3kdjN63gz3wp470ZEeWnxRBk
87U=
-----END CERTIFICATE-----
Generated at Wed Jun 11 13:41:12 2025 by rpki-client