Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QUXFqVqCCv6bpjHma-R5INnaLdU.roa
File: QUXFqVqCCv6bpjHma-R5INnaLdU.roa (raw, json)
Hash identifier: SmYv5WjjlPoijwlTZnUCxzfaQYXOZ8+CpFWsQpkKNIY=
Subject key identifier: 41:45:C5:A9:5A:82:0A:FE:9B:A6:31:E6:6B:E4:79:20:D9:DA:2D:D5
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01831D3A4F8A898350B5D90027BDD5E48B62
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QUXFqVqCCv6bpjHma-R5INnaLdU.roa
Signing time: Thu 08 Sep 2022 13:11:44 +0000
ROA not before: Thu 08 Sep 2022 13:11:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1d:3a:4f:8a:89:83:50:b5:d9:00:27:bd:d5:e4:8b:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 8 13:11:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4145c5a95a820afe9ba631e66be47920d9da2dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:3e:a6:2d:2e:6f:8d:0a:12:1d:47:ba:ed:2d:
3f:ab:37:28:98:39:ce:25:8c:f6:7b:35:00:5f:77:
52:87:b5:2e:85:43:eb:68:8d:87:05:0f:1d:c7:6c:
1c:23:15:19:be:e7:83:3f:43:8d:fd:24:cd:6d:d0:
fd:54:60:63:3a:a2:f3:41:f7:c6:76:02:fb:67:86:
04:b8:d6:21:a4:e9:4e:95:d3:ef:c0:16:b7:e0:d1:
44:76:ef:df:46:26:10:f8:00:b9:da:db:ab:43:1d:
f4:86:83:1c:70:c1:6f:ee:46:89:79:cb:4d:4b:e1:
ab:8f:98:4d:d0:0d:aa:3d:00:74:fc:d4:56:1c:9f:
4f:47:a4:a4:01:ed:1b:f3:a9:54:65:35:aa:8d:c9:
bb:fe:85:bc:10:a3:4e:f0:ed:db:81:d8:1b:da:00:
88:1c:e4:d7:c9:47:7f:97:ff:86:7b:5f:20:7e:36:
03:52:7f:39:7a:3f:8e:27:0b:3e:93:9e:1a:f6:d7:
8c:cc:e6:6a:e7:d4:14:d1:c3:4b:4b:d6:f7:25:6d:
54:65:69:22:11:f8:63:21:31:38:e2:a5:76:b9:7c:
c8:0f:ac:9d:2f:c7:52:13:39:ed:5b:79:66:f7:43:
31:ac:5d:76:a0:11:be:d5:49:7a:ad:ed:cd:b6:b1:
aa:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:45:C5:A9:5A:82:0A:FE:9B:A6:31:E6:6B:E4:79:20:D9:DA:2D:D5
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QUXFqVqCCv6bpjHma-R5INnaLdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b2:2d:e5:c3:f7:eb:76:d1:7c:ad:32:92:6c:ca:aa:6c:82:c8:
ea:2a:6a:b3:1e:e0:cd:8b:54:ae:15:25:e1:92:d9:dc:a3:fd:
27:d7:5f:5a:24:d5:08:77:2f:ec:9c:78:e8:ec:47:e8:fb:14:
79:84:50:92:e0:bc:4c:80:05:e9:68:15:12:4c:b2:bc:d2:ff:
f4:1c:b5:07:1c:e3:03:cc:e3:d2:50:1c:5a:47:41:69:a2:40:
e5:c0:e1:28:b5:e5:b5:da:b4:6a:00:db:25:e7:8b:20:71:d3:
c6:7a:77:f6:b9:f7:17:46:4b:1c:aa:f9:92:74:bb:c6:34:be:
16:f3:2d:dc:92:3b:1f:39:3a:42:2b:a7:b2:28:e0:12:6f:5a:
d7:f5:c3:6f:d8:0a:04:d9:cf:1b:12:9e:b5:15:60:84:ac:8c:
a7:80:70:02:6e:f2:77:d8:67:1c:15:ca:60:ac:d4:9e:ce:09:
15:53:b1:63:7e:ff:41:5e:cb:6c:50:d7:bb:68:6f:85:a2:5d:
60:57:43:ef:ad:7f:b4:67:ca:76:e7:3c:36:11:bf:b7:f8:79:
ef:cc:e9:c7:54:96:4e:65:02:81:b5:38:22:92:41:5f:0c:ee:
6d:ed:96:89:8c:2b:fe:d4:c6:dd:92:c9:63:da:99:77:98:be:
cd:c9:a5:9d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMdOk+KiYNQtdkAJ73V5ItiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTA4MTMxMTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTQ1YzVhOTVhODIwYWZlOWJhNjMxZTY2YmU0NzkyMGQ5ZGEyZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8j6mLS5vjQoSHUe67S0/qzcomDnO
JYz2ezUAX3dSh7UuhUPraI2HBQ8dx2wcIxUZvueDP0ON/STNbdD9VGBjOqLzQffG
dgL7Z4YEuNYhpOlOldPvwBa34NFEdu/fRiYQ+AC52turQx30hoMccMFv7kaJectN
S+Grj5hN0A2qPQB0/NRWHJ9PR6SkAe0b86lUZTWqjcm7/oW8EKNO8O3bgdgb2gCI
HOTXyUd/l/+Ge18gfjYDUn85ej+OJws+k54a9teMzOZq59QU0cNLS9b3JW1UZWki
EfhjITE44qV2uXzID6ydL8dSEzntW3lm90MxrF12oBG+1Ul6re3NtrGqYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEFFxalaggr+m6Yx5mvkeSDZ2i3VMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUVVYRnFWcUNDdjZicGpIbWEtUjVJTm5hTGRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALIt5cP363bRfK0ykmzK
qmyCyOoqarMe4M2LVK4VJeGS2dyj/SfXX1ok1Qh3L+yceOjsR+j7FHmEUJLgvEyA
BeloFRJMsrzS//QctQcc4wPM49JQHFpHQWmiQOXA4Si15bXatGoA2yXniyBx08Z6
d/a59xdGSxyq+ZJ0u8Y0vhbzLdySOx85OkIrp7Io4BJvWtf1w2/YCgTZzxsSnrUV
YISsjKeAcAJu8nfYZxwVymCs1J7OCRVTsWN+/0Fey2xQ17tob4WiXWBXQ++tf7Rn
ynbnPDYRv7f4ee/M6cdUlk5lAoG1OCKSQV8M7m3tlomMK/7Uxt2SyWPamXeYvs3J
pZ0=
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:04:50 2025 by rpki-client