Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QV4zOaj8b8lgOiulSInIdpjx-OQ.roa
File: QV4zOaj8b8lgOiulSInIdpjx-OQ.roa (raw, json)
Hash identifier: 8Qe4OgB6iVNQ1d6obh5FUZWPMYtsZR7GfhQj/rfbOZ0=
Subject key identifier: 41:5E:33:39:A8:FC:6F:C9:60:3A:2B:A5:48:89:C8:76:98:F1:F8:E4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185699616821167C5AA2AF8C8099D74665C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QV4zOaj8b8lgOiulSInIdpjx-OQ.roa
Signing time: Sat 31 Dec 2022 19:08:41 +0000
ROA not before: Sat 31 Dec 2022 19:08:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:69:96:16:82:11:67:c5:aa:2a:f8:c8:09:9d:74:66:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 31 19:08:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=415e3339a8fc6fc9603a2ba54889c87698f1f8e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b9:c0:86:63:f1:d6:bb:53:43:92:5e:8a:f3:
3f:9e:ba:9c:77:51:fd:46:c5:50:4f:56:c7:a4:1c:
49:f5:98:be:78:e5:0a:63:35:bf:59:10:a6:2d:e2:
23:7a:38:c6:37:f6:99:8c:45:aa:8a:6a:65:c0:e1:
73:07:1b:28:19:f9:6a:d6:c8:d3:35:02:3d:12:0b:
92:4e:16:5d:7c:95:7b:4b:26:9d:4f:5a:89:38:2d:
2c:4e:10:ac:c3:bf:7e:88:a8:eb:1c:fd:27:4b:67:
ef:cd:96:1a:c8:6a:4d:10:f6:be:cd:b2:d5:68:ae:
ea:d7:e0:20:f0:52:82:a4:bf:89:33:88:4f:6d:ff:
2d:87:47:23:70:fb:bd:ed:b3:88:8c:24:1a:42:a6:
29:ae:05:0c:08:03:00:4a:a9:a0:f5:8c:ec:f2:ae:
a3:7b:7e:32:e8:54:ae:b0:b9:de:a3:2c:28:cb:84:
cb:51:45:95:74:ed:0a:9e:62:d7:55:25:95:c9:7f:
a4:4b:27:3a:a3:5c:58:f6:e4:d1:60:98:3b:d3:89:
e9:86:2d:0b:65:c7:28:ae:2a:38:d7:b0:f0:f5:0c:
52:c2:6b:74:ee:eb:94:11:55:d4:eb:b9:60:7b:21:
f1:d3:49:c9:ec:12:8d:77:ad:7c:de:3f:ba:e1:26:
f4:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:5E:33:39:A8:FC:6F:C9:60:3A:2B:A5:48:89:C8:76:98:F1:F8:E4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QV4zOaj8b8lgOiulSInIdpjx-OQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0f:48:19:28:f1:60:94:ae:97:40:cc:b6:6f:70:bc:50:40:aa:
63:c8:10:58:78:5b:b6:d2:51:fa:84:80:b7:8a:03:13:28:24:
17:74:07:5f:7a:b1:9c:9d:e2:98:f6:88:4a:71:dd:ee:56:1f:
9a:f1:7b:33:a9:c6:dc:6b:c0:ae:6b:95:a4:a5:e3:ac:ac:a9:
e4:8e:fb:08:e0:09:ee:21:f9:52:fd:87:f8:f5:8a:1d:79:d8:
f8:62:31:ba:61:ae:90:be:b0:7b:05:75:aa:a0:51:1e:48:f5:
86:e8:ca:d6:4a:57:c2:2e:7c:96:85:be:49:27:cd:fd:a1:d3:
01:fe:39:0f:0f:20:4b:0f:7a:e9:85:1b:39:1c:05:41:de:fc:
9a:b7:7d:86:1e:b3:5a:9e:d1:65:3f:e2:28:1f:5a:b8:2f:4e:
99:3d:fd:1b:47:3f:d5:77:f3:06:19:7f:aa:20:c4:02:b9:9d:
52:82:fd:5f:42:b7:ae:b6:14:ac:ef:ba:3f:69:07:55:ad:af:
94:c9:d3:0f:b0:99:e9:a6:ce:08:f4:b8:7f:4e:f3:98:1a:ec:
7b:cf:84:d1:c9:58:5b:25:80:4c:20:7d:cd:e3:d3:49:ae:e8:
d6:53:9b:ed:41:13:64:02:1b:5c:0e:6b:74:6a:23:29:0f:2c:
ac:6c:68:dd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVplhaCEWfFqir4yAmddGZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjMxMTkwODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTVlMzMzOWE4ZmM2ZmM5NjAzYTJiYTU0ODg5Yzg3Njk4ZjFmOGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLnAhmPx1rtTQ5JeivM/nrqcd1H9
RsVQT1bHpBxJ9Zi+eOUKYzW/WRCmLeIjejjGN/aZjEWqimplwOFzBxsoGflq1sjT
NQI9EguSThZdfJV7SyadT1qJOC0sThCsw79+iKjrHP0nS2fvzZYayGpNEPa+zbLV
aK7q1+Ag8FKCpL+JM4hPbf8th0cjcPu97bOIjCQaQqYprgUMCAMASqmg9Yzs8q6j
e34y6FSusLneoywoy4TLUUWVdO0KnmLXVSWVyX+kSyc6o1xY9uTRYJg704nphi0L
Zccorio417Dw9QxSwmt07uuUEVXU67lgeyHx00nJ7BKNd6183j+64Sb0uQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEFeMzmo/G/JYDorpUiJyHaY8fjkMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUVY0ek9hajhiOGxnT2l1bFNJbklkcGp4LU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA9IGSjxYJSul0DMtm9w
vFBAqmPIEFh4W7bSUfqEgLeKAxMoJBd0B196sZyd4pj2iEpx3e5WH5rxezOpxtxr
wK5rlaSl46ysqeSO+wjgCe4h+VL9h/j1ih152PhiMbphrpC+sHsFdaqgUR5I9Ybo
ytZKV8IufJaFvkknzf2h0wH+OQ8PIEsPeumFGzkcBUHe/Jq3fYYes1qe0WU/4igf
WrgvTpk9/RtHP9V38wYZf6ogxAK5nVKC/V9Ct662FKzvuj9pB1Wtr5TJ0w+wmemm
zgj0uH9O85ga7HvPhNHJWFslgEwgfc3j00mu6NZTm+1BE2QCG1wOa3RqIykPLKxs
aN0=
-----END CERTIFICATE-----
Generated at Sun Jun 8 22:50:12 2025 by rpki-client