Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QaSCJzHr0yzdO7Uddi4V61rHL08.roa
File: QaSCJzHr0yzdO7Uddi4V61rHL08.roa (raw, json)
Hash identifier: o3mM9lO+uRChncgf4JABydkwO7HGg2RTY2NoV38Una4=
Subject key identifier: 41:A4:82:27:31:EB:D3:2C:DD:3B:B5:1D:76:2E:15:EB:5A:C7:2F:4F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01869F3DBE7AAA95307C0EB74171EA754864
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QaSCJzHr0yzdO7Uddi4V61rHL08.roa
Signing time: Wed 01 Mar 2023 22:14:29 +0000
ROA not before: Wed 01 Mar 2023 22:14:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9f:3d:be:7a:aa:95:30:7c:0e:b7:41:71:ea:75:48:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 1 22:14:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41a4822731ebd32cdd3bb51d762e15eb5ac72f4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7d:53:d6:87:22:11:d9:af:69:a2:5b:f5:fd:
03:2b:49:90:ef:60:4f:d3:fa:58:0f:93:dd:2e:f6:
f7:fa:9d:1b:41:0f:ea:a4:85:a9:97:44:02:24:bf:
43:b2:01:8f:07:53:d2:1b:4e:0b:5e:a6:f6:5d:46:
ad:39:d5:58:01:4b:c5:9f:d1:5a:a4:81:ef:43:34:
f6:3b:bc:ea:79:0a:08:d0:55:b7:0d:0f:1d:33:dc:
ad:77:c1:ea:d3:8f:35:a7:08:4c:68:01:89:6c:96:
ae:60:30:20:28:cf:28:16:ca:6e:66:8f:c2:24:69:
e6:1d:69:7e:7e:5a:15:81:de:18:0b:07:6d:4d:2e:
2f:8f:ac:66:25:6c:7b:05:88:25:8b:c7:bb:3b:4e:
66:eb:de:82:db:0e:14:05:b9:2f:58:9b:74:05:b1:
6a:74:b4:1b:14:20:f0:66:05:41:19:87:05:e1:5b:
3e:d8:44:cb:6e:0c:0f:4d:8d:33:21:4d:9a:b2:e2:
67:05:e0:68:e8:f7:20:1d:9a:fc:b4:c0:b3:d9:88:
04:62:bf:ed:52:81:81:be:b4:b7:2e:0e:e6:a1:a0:
dd:54:c2:0c:88:0c:bf:57:81:e7:0a:b2:d4:bb:86:
5d:3a:9a:d4:6c:b6:33:1a:6d:94:e3:59:89:a8:b5:
fd:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:A4:82:27:31:EB:D3:2C:DD:3B:B5:1D:76:2E:15:EB:5A:C7:2F:4F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/QaSCJzHr0yzdO7Uddi4V61rHL08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
92:58:98:5d:9b:b0:eb:78:16:ab:8d:8a:f1:96:a4:dd:50:64:
9a:59:a0:3c:7a:71:29:5f:e8:48:fb:02:c2:12:34:d1:60:5a:
36:61:85:be:a2:e9:3c:4b:25:54:3d:ca:65:f1:24:c7:58:45:
08:3c:d6:90:b9:43:2f:41:90:11:bb:a1:66:c4:48:a2:ef:59:
a4:00:2b:45:cd:10:27:52:8b:fe:b2:c1:69:a3:f4:2b:bd:d3:
c3:44:b8:5d:e9:ef:eb:5c:de:80:04:11:8c:01:b0:ae:c3:4b:
bd:48:7c:7c:c4:93:7e:13:51:55:6a:7c:d7:4b:2a:9b:58:1a:
a3:b4:87:af:45:70:ca:fb:f0:83:aa:33:50:d9:00:d1:bf:58:
27:14:ce:24:50:10:1d:97:96:85:59:9b:51:b9:56:b8:08:e4:
e9:e9:74:f7:f7:3b:9e:0c:7e:70:ac:1c:be:7d:1a:3e:1c:68:
21:61:34:ee:e5:02:c1:c4:19:4c:67:0c:92:53:eb:47:60:25:
7e:ee:3c:54:c8:a1:8e:cf:af:b3:f6:22:70:0a:0c:47:e2:48:
c3:e0:42:68:7d:db:c2:8b:7d:40:97:7f:4d:53:f4:6e:b2:de:
74:7f:a4:1b:0f:22:e2:6c:fe:33:a4:0f:da:8c:37:9f:ac:30:
dc:92:1b:15
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYafPb56qpUwfA63QXHqdUhkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzAxMjIxNDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWE0ODIyNzMxZWJkMzJjZGQzYmI1MWQ3NjJlMTVlYjVhYzcyZjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjX1T1ociEdmvaaJb9f0DK0mQ72BP
0/pYD5PdLvb3+p0bQQ/qpIWpl0QCJL9DsgGPB1PSG04LXqb2XUatOdVYAUvFn9Fa
pIHvQzT2O7zqeQoI0FW3DQ8dM9ytd8Hq0481pwhMaAGJbJauYDAgKM8oFspuZo/C
JGnmHWl+floVgd4YCwdtTS4vj6xmJWx7BYgli8e7O05m696C2w4UBbkvWJt0BbFq
dLQbFCDwZgVBGYcF4Vs+2ETLbgwPTY0zIU2asuJnBeBo6PcgHZr8tMCz2YgEYr/t
UoGBvrS3Lg7moaDdVMIMiAy/V4HnCrLUu4ZdOprUbLYzGm2U41mJqLX9+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEGkgicx69Ms3Tu1HXYuFetaxy9PMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUWFTQ0p6SHIweXpkTzdVZGRpNFY2MXJITDA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJJYmF2bsOt4FquNivGW
pN1QZJpZoDx6cSlf6Ej7AsISNNFgWjZhhb6i6TxLJVQ9ymXxJMdYRQg81pC5Qy9B
kBG7oWbESKLvWaQAK0XNECdSi/6ywWmj9Cu908NEuF3p7+tc3oAEEYwBsK7DS71I
fHzEk34TUVVqfNdLKptYGqO0h69FcMr78IOqM1DZANG/WCcUziRQEB2XloVZm1G5
VrgI5OnpdPf3O54MfnCsHL59Gj4caCFhNO7lAsHEGUxnDJJT60dgJX7uPFTIoY7P
r7P2InAKDEfiSMPgQmh928KLfUCXf01T9G6y3nR/pBsPIuJs/jOkD9qMN5+sMNyS
GxU=
-----END CERTIFICATE-----
Generated at Mon Jun 9 09:36:02 2025 by rpki-client