Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2PPi-9Rqfx7izbG03lqhEC1MswA.roa
File: 2PPi-9Rqfx7izbG03lqhEC1MswA.roa (raw, json)
Hash identifier: HQicHNCBij51SDBry2dBuxz6ctb0AtC5AwOXfqN3XgI=
Subject key identifier: D8:F3:E2:FB:D4:6A:7F:1E:E2:CD:B1:B4:DE:5A:A1:10:2D:4C:B3:00
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01873049B44289AA7051C04A5C5F940B1B7B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2PPi-9Rqfx7izbG03lqhEC1MswA.roa
Signing time: Thu 30 Mar 2023 02:12:29 +0000
ROA not before: Thu 30 Mar 2023 02:12:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:30:49:b4:42:89:aa:70:51:c0:4a:5c:5f:94:0b:1b:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 30 02:12:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8f3e2fbd46a7f1ee2cdb1b4de5aa1102d4cb300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a2:db:9a:ea:8c:d3:cd:f7:94:8f:10:6a:c9:
40:23:94:14:40:7b:7c:73:27:6c:dd:f1:c2:1e:f5:
17:b0:3f:96:10:61:a9:1e:0e:2a:c6:f1:59:70:99:
74:83:6b:83:69:d2:a3:d8:0b:14:fa:bb:d4:9a:6c:
e2:b0:47:7d:d9:60:57:d8:a2:25:c6:d6:29:91:e9:
8d:1a:b8:d6:85:92:f9:e6:8a:2a:26:6e:7a:00:60:
76:d0:72:db:f4:de:14:c0:94:ec:0f:47:73:b2:fe:
64:14:55:b1:b9:52:77:81:83:13:fb:e9:83:86:53:
7a:47:3f:37:4d:ea:b9:4d:8b:14:99:99:d5:81:d0:
d7:9e:66:ce:0d:d2:09:98:f1:38:2f:7c:ce:a0:c0:
d6:de:00:a6:d7:33:5b:12:d4:87:4f:4e:eb:3c:ab:
bf:a4:6d:07:a2:9e:2e:cf:dc:d8:5c:99:e4:02:88:
11:da:d1:34:52:3c:87:a9:cd:9d:28:64:b3:1c:8c:
7e:29:8d:2f:28:4d:0a:ee:69:e4:61:59:9b:c3:35:
bc:df:a2:66:cd:1f:d4:b6:3a:ae:5b:7e:dc:57:24:
44:26:ef:e5:86:7b:e9:b7:f9:5b:5e:49:b7:4b:d3:
50:2b:17:ba:9d:2f:81:ff:1d:a3:0f:f3:d7:d2:95:
05:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:F3:E2:FB:D4:6A:7F:1E:E2:CD:B1:B4:DE:5A:A1:10:2D:4C:B3:00
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/2PPi-9Rqfx7izbG03lqhEC1MswA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:57:f6:c2:05:03:bd:e6:a2:c7:a6:91:46:18:d1:c0:1d:5f:
e6:61:b2:14:c0:ae:1b:26:44:ff:e0:dc:26:35:45:f0:22:38:
f8:d1:ea:6c:0f:50:ff:a7:9a:83:0a:6c:34:c9:0c:7b:5d:31:
64:50:08:b4:ff:2e:00:ab:31:07:8c:0e:7f:9b:0a:ab:ce:5a:
02:95:e9:84:e2:19:3c:db:d8:9a:8a:01:ae:bc:4c:0b:b5:36:
94:2b:3a:25:e2:89:ea:4f:4f:f6:70:fe:5a:82:4d:84:ec:09:
22:1d:69:f8:48:7c:57:ba:a0:88:f0:b5:d8:a9:64:e8:da:da:
91:0c:c9:c2:52:94:fc:34:8b:47:f8:a9:81:5a:df:6e:24:f8:
48:ae:ec:b7:3c:89:39:03:b0:bd:ee:e0:bd:07:09:a6:47:4d:
a3:80:33:56:b0:b7:20:76:ab:77:4d:c7:71:ca:00:f6:e1:ce:
e9:37:69:59:d6:71:22:d1:bc:a5:46:4a:92:54:2a:ed:f9:5f:
6d:80:f0:6d:84:f9:bf:a8:ef:f5:aa:3e:f3:34:aa:9f:77:d8:
f0:10:f9:bb:b1:23:a2:98:37:02:9b:12:43:4b:70:86:1a:8f:
0a:f4:ac:20:79:b5:fd:63:26:bf:45:cd:2c:e0:18:92:95:71:
b5:27:7f:6c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcwSbRCiapwUcBKXF+UCxt7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzMwMDIxMjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGYzZTJmYmQ0NmE3ZjFlZTJjZGIxYjRkZTVhYTExMDJkNGNiMzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6LbmuqM0833lI8QaslAI5QUQHt8
cyds3fHCHvUXsD+WEGGpHg4qxvFZcJl0g2uDadKj2AsU+rvUmmzisEd92WBX2KIl
xtYpkemNGrjWhZL55ooqJm56AGB20HLb9N4UwJTsD0dzsv5kFFWxuVJ3gYMT++mD
hlN6Rz83Teq5TYsUmZnVgdDXnmbODdIJmPE4L3zOoMDW3gCm1zNbEtSHT07rPKu/
pG0Hop4uz9zYXJnkAogR2tE0UjyHqc2dKGSzHIx+KY0vKE0K7mnkYVmbwzW836Jm
zR/UtjquW37cVyREJu/lhnvpt/lbXkm3S9NQKxe6nS+B/x2jD/PX0pUFdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNjz4vvUan8e4s2xtN5aoRAtTLMAMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMlBQaS05UnFmeDdpemJHMDNscWhFQzFNc3dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABVX9sIFA73mosemkUYY
0cAdX+ZhshTArhsmRP/g3CY1RfAiOPjR6mwPUP+nmoMKbDTJDHtdMWRQCLT/LgCr
MQeMDn+bCqvOWgKV6YTiGTzb2JqKAa68TAu1NpQrOiXiiepPT/Zw/lqCTYTsCSId
afhIfFe6oIjwtdipZOja2pEMycJSlPw0i0f4qYFa324k+Eiu7Lc8iTkDsL3u4L0H
CaZHTaOAM1awtyB2q3dNx3HKAPbhzuk3aVnWcSLRvKVGSpJUKu35X22A8G2E+b+o
7/WqPvM0qp932PAQ+buxI6KYNwKbEkNLcIYajwr0rCB5tf1jJr9FzSzgGJKVcbUn
f2w=
-----END CERTIFICATE-----
Generated at Fri May 2 14:28:11 2025 by rpki-client