
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qonwVQmV4OdQ88EsM2WKh8HCek0.roa
File: qonwVQmV4OdQ88EsM2WKh8HCek0.roa (raw, json)
Hash identifier: RhP3giSY32+QF3e87v1/iJcrFfAw+kkFlhM+K/QX2XM=
Subject key identifier: AA:89:F0:55:09:95:E0:E7:50:F3:C1:2C:33:65:8A:87:C1:C2:7A:4D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187470C81E29FD598797E33A95764B4F33F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qonwVQmV4OdQ88EsM2WKh8HCek0.roa
Signing time: Mon 03 Apr 2023 12:16:54 +0000
ROA not before: Mon 03 Apr 2023 12:16:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:47:0c:81:e2:9f:d5:98:79:7e:33:a9:57:64:b4:f3:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 3 12:16:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa89f0550995e0e750f3c12c33658a87c1c27a4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:56:64:78:58:ff:62:79:68:76:9d:7a:8c:12:
0f:56:4d:d2:bd:2e:b6:c8:a5:f1:e9:20:97:cd:a4:
dc:73:43:52:c4:d9:1b:ac:71:d4:d9:9c:c4:91:d7:
55:c7:13:38:50:91:97:b3:e7:a9:fd:6d:08:e6:d1:
35:45:cb:2a:8f:30:0e:c9:51:3d:e4:b7:7e:e6:d2:
1c:e7:87:d7:09:89:98:70:ea:9b:4a:7a:f2:5a:7f:
8d:69:62:ad:c9:94:53:97:64:02:ba:24:cd:e1:5c:
b2:50:5d:0a:0a:89:cd:fa:9e:5c:b9:0b:59:06:95:
e5:d9:d5:43:04:31:b3:f5:55:81:2c:30:cd:5e:8e:
13:cb:2a:c3:18:a9:ca:6e:81:db:d3:92:55:0a:40:
9f:77:48:dd:28:b8:c8:55:79:33:67:9f:19:89:bf:
41:36:2f:04:07:02:92:91:6a:e3:76:16:1a:08:7c:
66:a2:5c:28:73:25:61:dd:12:2d:55:e8:84:3a:21:
b1:26:9f:6b:13:f3:b6:c6:73:81:f4:0b:aa:32:bc:
c0:41:fa:cf:8e:38:7d:4a:0f:62:3b:c3:eb:6f:13:
79:0f:b3:0f:12:ba:f3:91:d4:1d:35:2f:69:28:41:
2d:6c:55:a7:a2:dd:3b:91:7f:a6:d1:8d:0d:8d:5c:
d6:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:89:F0:55:09:95:E0:E7:50:F3:C1:2C:33:65:8A:87:C1:C2:7A:4D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/qonwVQmV4OdQ88EsM2WKh8HCek0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ac:12:9d:a3:7f:31:03:48:3c:98:f3:fe:2d:e8:50:bf:79:d0:
75:6d:60:d8:01:26:6b:2c:bf:d2:96:52:a0:73:2f:25:20:04:
7b:79:34:78:4b:3d:70:5d:1f:29:19:72:95:5e:a8:97:92:7d:
35:ab:53:a1:3d:2a:ef:a6:43:99:c0:26:8b:b7:68:f2:43:7c:
64:6c:0a:51:27:d4:1c:b0:6e:84:2c:72:da:b8:a2:5c:0f:a9:
a4:33:5f:ed:93:11:67:28:33:d1:83:5f:47:93:16:6a:13:46:
b5:f1:03:7a:ca:ba:c7:41:94:61:a9:c7:e8:c3:eb:55:78:20:
4d:2f:aa:2a:75:e9:46:09:9f:f8:f2:51:74:24:14:c4:84:46:
ee:fc:7e:a3:cb:78:b2:0f:1f:c7:f7:62:8f:87:e6:ae:5e:fc:
38:e4:78:88:4e:34:1d:a7:a9:e2:a1:2a:76:cc:6b:db:7c:90:
48:01:c1:40:13:62:95:28:08:37:e1:c7:a9:29:82:97:26:8c:
74:da:c2:08:ea:7a:18:88:80:bd:da:f4:a8:37:2b:ab:11:cf:
e1:53:14:c3:2b:f1:55:56:30:a6:5d:62:f2:71:de:fb:c4:2a:
ec:9a:b4:ca:9d:dc:13:85:e7:9f:cf:21:48:35:f2:ea:f5:49:
15:5d:22:a0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYdHDIHin9WYeX4zqVdktPM/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDAzMTIxNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTg5ZjA1NTA5OTVlMGU3NTBmM2MxMmMzMzY1OGE4N2MxYzI3YTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxlZkeFj/Ynlodp16jBIPVk3SvS62
yKXx6SCXzaTcc0NSxNkbrHHU2ZzEkddVxxM4UJGXs+ep/W0I5tE1RcsqjzAOyVE9
5Ld+5tIc54fXCYmYcOqbSnryWn+NaWKtyZRTl2QCuiTN4VyyUF0KConN+p5cuQtZ
BpXl2dVDBDGz9VWBLDDNXo4TyyrDGKnKboHb05JVCkCfd0jdKLjIVXkzZ58Zib9B
Ni8EBwKSkWrjdhYaCHxmolwocyVh3RItVeiEOiGxJp9rE/O2xnOB9AuqMrzAQfrP
jjh9Sg9iO8PrbxN5D7MPErrzkdQdNS9pKEEtbFWnot07kX+m0Y0NjVzWHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKqJ8FUJleDnUPPBLDNliofBwnpNMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcW9ud1ZRbVY0T2RRODhFc00yV0toOEhDZWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKwSnaN/MQNIPJjz/i3o
UL950HVtYNgBJmssv9KWUqBzLyUgBHt5NHhLPXBdHykZcpVeqJeSfTWrU6E9Ku+m
Q5nAJou3aPJDfGRsClEn1BywboQsctq4olwPqaQzX+2TEWcoM9GDX0eTFmoTRrXx
A3rKusdBlGGpx+jD61V4IE0vqip16UYJn/jyUXQkFMSERu78fqPLeLIPH8f3Yo+H
5q5e/DjkeIhONB2nqeKhKnbMa9t8kEgBwUATYpUoCDfhx6kpgpcmjHTawgjqehiI
gL3a9Kg3K6sRz+FTFMMr8VVWMKZdYvJx3vvEKuyatMqd3BOF55/PIUg18ur1SRVd
IqA=
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:44:26 2025 by rpki-client