Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qLhnIz_bXWQtentAU7ENaLasSlU.roa
File: qLhnIz_bXWQtentAU7ENaLasSlU.roa (raw, json)
Hash identifier: aATWPm01LhzVq1zoBizJlGCxf+Rp2yZB06bmpXs9tzo=
Subject key identifier: A8:B8:67:23:3F:DB:5D:64:2D:7A:7B:40:53:B1:0D:68:B6:AC:4A:55
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185EE33C48D3833B710025B7B8793F488F7
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qLhnIz_bXWQtentAU7ENaLasSlU.roa
Signing time: Thu 26 Jan 2023 13:10:47 +0000
ROA not before: Thu 26 Jan 2023 13:10:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ee:33:c4:8d:38:33:b7:10:02:5b:7b:87:93:f4:88:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 26 13:10:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8b867233fdb5d642d7a7b4053b10d68b6ac4a55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:bb:4d:66:80:1a:ce:4b:cd:6c:af:84:4e:43:
94:fd:8c:2c:e6:d8:d6:6e:ff:65:3b:8e:57:db:c5:
5f:0c:d8:3b:6e:3d:a6:ec:6d:15:a7:df:8f:63:69:
ee:ad:5b:29:21:23:a0:c6:d2:b2:9a:61:28:fc:05:
b0:7f:cf:4d:c1:57:24:c9:2f:f0:c3:25:42:6a:42:
8a:bc:12:84:5e:78:88:e8:15:eb:94:70:43:13:11:
06:36:1f:b3:4e:19:f8:45:fc:dc:e6:f1:1f:1e:6b:
11:61:31:f1:f5:3c:af:60:9e:a2:fd:cb:4c:de:3b:
50:21:9b:7e:df:8d:81:87:cf:75:d2:61:7b:1e:0b:
13:57:15:0e:7d:06:08:3e:5c:bb:48:9b:5a:0d:f7:
d4:ba:20:53:1b:95:85:26:ff:e3:14:ff:c8:42:c1:
43:82:93:d2:c8:99:88:2f:ee:47:93:7b:31:5f:a7:
d7:48:1f:08:a3:15:93:66:70:35:50:37:79:e8:45:
0a:93:9a:13:ba:22:a0:ec:18:b8:bb:bd:d9:52:26:
5b:cc:24:64:1e:63:97:d1:1d:72:55:13:13:1a:00:
f8:3b:3b:f0:0e:e2:78:06:c6:6f:73:98:87:19:d4:
3b:52:7e:17:b4:88:f1:b8:71:06:c7:bc:16:68:79:
2e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:B8:67:23:3F:DB:5D:64:2D:7A:7B:40:53:B1:0D:68:B6:AC:4A:55
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qLhnIz_bXWQtentAU7ENaLasSlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a8:66:d4:d4:c3:25:d3:8f:04:30:6a:14:24:65:b1:8f:04:5d:
db:e4:c3:34:54:c0:5d:85:26:a4:e3:b5:37:84:de:1c:d7:6c:
4e:34:a7:4e:f4:16:40:d9:da:66:ef:40:1e:aa:59:52:be:70:
41:7e:8e:e2:58:ce:8f:f2:7c:b6:32:e2:e5:2b:53:31:9a:dd:
e2:b1:35:a4:ec:c4:37:56:33:99:84:d5:a3:ca:86:98:cd:b5:
dd:a7:c6:f3:79:1d:3d:f6:dd:13:83:14:a6:2b:49:af:b4:cd:
ec:1c:22:fa:20:28:df:55:1f:a5:cf:6a:c3:32:48:ca:41:81:
a5:9c:7c:a9:87:e8:95:e4:c3:de:a4:18:54:1d:90:76:1b:94:
ba:51:67:11:4b:63:33:50:48:fe:95:30:65:14:bf:e4:2c:c3:
aa:2c:86:80:e6:97:ad:a3:21:c7:17:49:c8:4d:a9:47:c0:e8:
98:ba:9f:35:ff:80:f1:d8:c4:cf:c3:7a:57:26:ab:e1:b4:1b:
92:6f:99:b3:1a:2a:82:83:05:1f:74:7f:3f:20:26:9b:06:bb:
2a:eb:33:6b:60:26:87:38:f1:b0:86:f3:92:be:8a:65:f1:58:
c3:b8:2a:c8:34:23:92:07:ac:27:b7:5d:41:bf:5e:da:ae:ca:
37:83:a8:5a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXuM8SNODO3EAJbe4eT9Ij3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTI2MTMxMDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGI4NjcyMzNmZGI1ZDY0MmQ3YTdiNDA1M2IxMGQ2OGI2YWM0YTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7tNZoAazkvNbK+ETkOU/Yws5tjW
bv9lO45X28VfDNg7bj2m7G0Vp9+PY2nurVspISOgxtKymmEo/AWwf89NwVckyS/w
wyVCakKKvBKEXniI6BXrlHBDExEGNh+zThn4Rfzc5vEfHmsRYTHx9TyvYJ6i/ctM
3jtQIZt+342Bh8910mF7HgsTVxUOfQYIPly7SJtaDffUuiBTG5WFJv/jFP/IQsFD
gpPSyJmIL+5Hk3sxX6fXSB8IoxWTZnA1UDd56EUKk5oTuiKg7Bi4u73ZUiZbzCRk
HmOX0R1yVRMTGgD4OzvwDuJ4BsZvc5iHGdQ7Un4XtIjxuHEGx7wWaHkuhwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKi4ZyM/211kLXp7QFOxDWi2rEpVMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcUxobkl6X2JYV1F0ZW50QVU3RU5hTGFzU2xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKhm1NTDJdOPBDBqFCRl
sY8EXdvkwzRUwF2FJqTjtTeE3hzXbE40p070FkDZ2mbvQB6qWVK+cEF+juJYzo/y
fLYy4uUrUzGa3eKxNaTsxDdWM5mE1aPKhpjNtd2nxvN5HT323RODFKYrSa+0zewc
IvogKN9VH6XPasMySMpBgaWcfKmH6JXkw96kGFQdkHYblLpRZxFLYzNQSP6VMGUU
v+Qsw6oshoDml62jIccXSchNqUfA6Ji6nzX/gPHYxM/Delcmq+G0G5JvmbMaKoKD
BR90fz8gJpsGuyrrM2tgJoc48bCG85K+imXxWMO4Ksg0I5IHrCe3XUG/XtquyjeD
qFo=
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:15:34 2025 by rpki-client