Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/P45xuaBcJx94jFinqJrXiH2OKpo.roa
File: P45xuaBcJx94jFinqJrXiH2OKpo.roa (raw, json)
Hash identifier: fs91+NspluxPvr3U6FtDWCpBMSw8EyMmVwhMJfGKfk4=
Subject key identifier: 3F:8E:71:B9:A0:5C:27:1F:78:8C:58:A7:A8:9A:D7:88:7D:8E:2A:9A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186F7389B5529457A447E286470D4D5BEA4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/P45xuaBcJx94jFinqJrXiH2OKpo.roa
Signing time: Sun 19 Mar 2023 00:15:27 +0000
ROA not before: Sun 19 Mar 2023 00:15:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f7:38:9b:55:29:45:7a:44:7e:28:64:70:d4:d5:be:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 19 00:15:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f8e71b9a05c271f788c58a7a89ad7887d8e2a9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d8:c1:f8:1c:30:40:fc:16:35:aa:e8:f0:29:
e3:78:42:61:9a:b3:7d:86:e3:81:35:aa:04:1d:91:
64:0f:bb:d6:92:d7:c2:fc:68:e9:b6:b6:24:ec:85:
ff:47:be:03:87:d6:1e:51:fa:fc:9a:5a:a7:0b:be:
04:8d:ce:9f:d3:e7:63:1c:c5:47:7b:08:67:41:30:
9b:9a:4b:0a:fa:08:98:23:8e:0d:85:89:22:b3:93:
0b:82:c3:09:a6:df:72:63:86:d6:30:b1:d2:3a:97:
d9:88:36:48:15:16:0f:8e:3b:7b:13:eb:15:b6:00:
26:69:ef:1b:ad:dd:2f:87:79:9b:bd:3b:45:7f:c6:
c5:9f:1f:8e:be:b5:d8:30:5b:8a:7a:54:ff:1b:00:
4a:ec:87:7e:8d:80:df:70:fd:55:af:8f:f2:af:b6:
7a:1c:50:81:8f:ac:cb:3d:68:a6:c4:3d:cb:35:d7:
4e:a2:23:fb:07:10:88:5d:fb:db:97:39:c0:d1:46:
ca:5b:f6:45:7d:b4:ea:cb:9e:3e:42:df:64:02:a3:
5f:d7:c1:a9:24:ed:e2:1c:3e:d1:0f:1a:06:a0:d6:
79:3f:18:e7:c8:7a:fd:e0:8a:4a:cc:5f:73:9c:4b:
11:20:e4:1f:5f:d8:10:d8:6b:35:e0:bd:77:3f:35:
0a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:8E:71:B9:A0:5C:27:1F:78:8C:58:A7:A8:9A:D7:88:7D:8E:2A:9A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/P45xuaBcJx94jFinqJrXiH2OKpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:74:09:2e:e8:45:78:2d:a3:74:35:07:a9:2c:4e:23:0c:ea:
4c:3b:4a:75:5a:6f:fe:f9:3a:a5:6c:c2:27:92:d6:82:ec:6d:
82:69:03:09:04:36:12:e7:4c:d6:83:79:a5:40:7c:62:12:b0:
f5:e2:d4:6d:3c:a6:44:51:10:a3:3f:4e:52:d0:c7:fa:23:d5:
65:b4:79:cc:8a:58:45:21:58:c2:f8:4f:45:27:0f:61:90:1d:
f7:f0:78:22:1a:04:d0:38:6d:0e:90:20:6f:3e:a8:ff:52:ac:
89:92:00:e3:32:4f:3c:37:c8:4d:5f:f1:87:9a:2f:2d:44:98:
5e:0b:2b:48:fc:f1:3b:9f:25:59:af:33:5a:52:f5:07:bc:ff:
95:bb:a5:16:61:e9:04:30:56:90:a8:fd:70:25:3d:5c:6c:bd:
65:62:33:14:41:9b:97:a1:a9:2b:9f:49:1d:dc:ab:23:72:82:
a9:49:9f:42:d7:aa:63:9c:9a:d5:34:9b:d2:c9:63:a2:a0:0b:
b7:b6:5d:00:c9:bb:2e:19:d6:e9:10:a1:83:84:f1:97:a1:a8:
6f:84:5f:a5:ce:d8:ce:5f:56:83:9e:fc:2d:fb:2c:74:53:1e:
68:cc:26:ed:6a:56:58:24:27:01:41:47:0a:51:4c:61:7f:80:
eb:e2:3b:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYb3OJtVKUV6RH4oZHDU1b6kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE5MDAxNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjhlNzFiOWEwNWMyNzFmNzg4YzU4YTdhODlhZDc4ODdkOGUyYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tjB+BwwQPwWNaro8CnjeEJhmrN9
huOBNaoEHZFkD7vWktfC/GjptrYk7IX/R74Dh9YeUfr8mlqnC74Ejc6f0+djHMVH
ewhnQTCbmksK+giYI44NhYkis5MLgsMJpt9yY4bWMLHSOpfZiDZIFRYPjjt7E+sV
tgAmae8brd0vh3mbvTtFf8bFnx+OvrXYMFuKelT/GwBK7Id+jYDfcP1Vr4/yr7Z6
HFCBj6zLPWimxD3LNddOoiP7BxCIXfvblznA0UbKW/ZFfbTqy54+Qt9kAqNf18Gp
JO3iHD7RDxoGoNZ5PxjnyHr94IpKzF9znEsRIOQfX9gQ2Gs14L13PzUKVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD+OcbmgXCcfeIxYp6ia14h9jiqaMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUDQ1eHVhQmNKeDk0akZpbnFKclhpSDJPS3BvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJZ0CS7oRXgto3Q1B6ks
TiMM6kw7SnVab/75OqVswieS1oLsbYJpAwkENhLnTNaDeaVAfGISsPXi1G08pkRR
EKM/TlLQx/oj1WW0ecyKWEUhWML4T0UnD2GQHffweCIaBNA4bQ6QIG8+qP9SrImS
AOMyTzw3yE1f8YeaLy1EmF4LK0j88TufJVmvM1pS9Qe8/5W7pRZh6QQwVpCo/XAl
PVxsvWViMxRBm5ehqSufSR3cqyNygqlJn0LXqmOcmtU0m9LJY6KgC7e2XQDJuy4Z
1ukQoYOE8ZehqG+EX6XO2M5fVoOe/C37LHRTHmjMJu1qVlgkJwFBRwpRTGF/gOvi
O5Q=
-----END CERTIFICATE-----
Generated at Thu May 1 00:43:32 2025 by rpki-client