Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qOkuiZePULhc7tgCeI-aqi34gQ8.roa
File: qOkuiZePULhc7tgCeI-aqi34gQ8.roa (raw, json)
Hash identifier: dfUBSyhltQRxOmOu0nd/XvFiBrIynpfolFeSe8T7vtQ=
Subject key identifier: A8:E9:2E:89:97:8F:50:B8:5C:EE:D8:02:78:8F:9A:AA:2D:F8:81:0F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 6A612659
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qOkuiZePULhc7tgCeI-aqi34gQ8.roa
Signing time: Sun 13 Feb 2022 22:08:29 +0000
ROA not before: Sun 13 Feb 2022 22:08:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1784751705 (0x6a612659)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 13 22:08:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8e92e89978f50b85ceed802788f9aaa2df8810f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5e:f3:3c:25:92:15:c4:58:40:f5:6b:59:c9:
3e:98:68:4c:38:29:15:e0:d9:9d:26:65:b9:d8:e2:
5e:ac:06:6d:67:5c:a9:da:84:99:54:8e:83:9e:f4:
5a:4a:50:34:62:f7:6c:d1:a4:eb:36:28:81:23:38:
a8:e0:ee:24:62:2b:57:2b:12:17:da:15:b8:8c:66:
40:17:ba:81:b7:e1:2b:18:3f:51:e7:62:f9:45:3a:
51:92:06:62:44:e9:7a:cb:ca:ec:5d:34:0c:0d:5f:
fa:f4:f3:2d:0e:a0:67:8d:38:88:f9:0c:5c:83:1f:
dc:73:d8:f4:f3:2e:8d:19:03:48:2d:87:c2:52:12:
81:04:23:df:c2:ec:fb:c1:84:5f:da:c1:1d:90:93:
a0:3f:8d:7b:e5:b3:b5:c2:20:3b:b7:6d:1b:7b:86:
a4:4f:07:a9:62:bd:37:37:fe:42:9e:62:43:5b:f6:
19:da:3b:ce:51:ad:1f:5e:65:55:2a:5d:1c:0b:14:
77:68:83:56:78:a5:80:44:47:15:68:79:dc:8a:e7:
db:21:a2:aa:f2:8a:7a:b0:0d:99:75:8e:9c:42:b5:
92:4b:ed:c5:6c:ff:ca:d4:cc:d0:6f:2c:38:e4:ac:
4e:91:e2:c6:fc:ef:49:40:fa:12:d6:bd:9a:4f:c3:
7b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E9:2E:89:97:8F:50:B8:5C:EE:D8:02:78:8F:9A:AA:2D:F8:81:0F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qOkuiZePULhc7tgCeI-aqi34gQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
64:5e:d0:cf:61:ca:9d:3c:28:60:d1:fe:03:f2:ec:da:5a:f5:
dd:14:a7:fe:ed:d3:92:7d:bd:12:75:3e:40:4d:c7:3c:e4:42:
fa:c1:7e:75:b2:dc:6e:a6:03:42:c3:e7:0a:90:9d:50:33:66:
0f:1a:c1:f6:0d:a2:8c:9a:27:fb:14:f5:fc:ca:bb:03:06:c2:
4c:cb:3d:8a:bc:bb:ee:0f:05:16:aa:d9:1b:b1:df:fd:26:2c:
f6:25:93:07:b4:6b:e4:35:5d:a9:63:1d:71:2d:eb:30:30:5a:
80:0b:ee:41:de:2c:6c:1f:bc:c5:c3:3b:22:52:93:92:9b:0d:
0e:84:50:64:9b:c8:16:fc:b9:0c:8e:4d:24:fb:2a:27:4f:16:
3e:b8:ac:2c:97:48:92:c0:48:12:cf:e8:ff:29:3c:8e:ef:47:
64:17:41:1c:c4:9b:88:bb:b6:d6:dd:85:5f:1f:3e:11:d0:ec:
e9:8f:e9:86:98:d8:71:50:36:87:21:16:72:ab:ee:34:43:96:
84:a8:7e:d1:76:eb:36:d4:36:7f:c6:f6:ed:df:af:40:0d:00:
f3:d0:ef:9e:a4:54:09:a2:9d:fa:8f:4d:f6:6d:84:34:d8:f0:
65:37:27:fc:9d:ee:32:7b:17:8c:85:97:2f:c7:7c:a4:dd:27:
79:83:7c:e3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEamEmWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDIx
MzIyMDgyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYThlOTJlODk5Nzhm
NTBiODVjZWVkODAyNzg4ZjlhYWEyZGY4ODEwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJte8zwlkhXEWED1a1nJPphoTDgpFeDZnSZludjiXqwGbWdc
qdqEmVSOg570WkpQNGL3bNGk6zYogSM4qODuJGIrVysSF9oVuIxmQBe6gbfhKxg/
Uedi+UU6UZIGYkTpesvK7F00DA1f+vTzLQ6gZ404iPkMXIMf3HPY9PMujRkDSC2H
wlISgQQj38Ls+8GEX9rBHZCToD+Ne+WztcIgO7dtG3uGpE8HqWK9Nzf+Qp5iQ1v2
Gdo7zlGtH15lVSpdHAsUd2iDVnilgERHFWh53Irn2yGiqvKKerANmXWOnEK1kkvt
xWz/ytTM0G8sOOSsTpHixvzvSUD6Eta9mk/De1UCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSo6S6Jl49QuFzu2AJ4j5qqLfiBDzAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L3FPa3VpWmVQVUxoYzd0Z0NlSS1hcWkzNGdROC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBkXtDPYcqdPChg0f4D8uzaWvXdFKf+7dOSfb0S
dT5ATcc85EL6wX51stxupgNCw+cKkJ1QM2YPGsH2DaKMmif7FPX8yrsDBsJMyz2K
vLvuDwUWqtkbsd/9Jiz2JZMHtGvkNV2pYx1xLeswMFqAC+5B3ixsH7zFwzsiUpOS
mw0OhFBkm8gW/LkMjk0k+yonTxY+uKwsl0iSwEgSz+j/KTyO70dkF0EcxJuIu7bW
3YVfHz4R0Ozpj+mGmNhxUDaHIRZyq+40Q5aEqH7Rdus21DZ/xvbt369ADQDz0O+e
pFQJop36j032bYQ02PBlNyf8ne4yexeMhZcvx3yk3Sd5g3zj
-----END CERTIFICATE-----
Generated at Wed Jun 11 10:16:46 2025 by rpki-client