Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PBaccZ68CYHzeIyHEpq0PA51HB0.roa
File: PBaccZ68CYHzeIyHEpq0PA51HB0.roa (raw, json)
Hash identifier: P+xKa2JSf+fsh/u1klzSYn/lJZ4hDeJS8mBDVh7CF90=
Subject key identifier: 3C:16:9C:71:9E:BC:09:81:F3:78:8C:87:12:9A:B4:3C:0E:75:1C:1D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185BDEC5ACB50E649547829D30AA8B5E962
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PBaccZ68CYHzeIyHEpq0PA51HB0.roa
Signing time: Tue 17 Jan 2023 04:11:01 +0000
ROA not before: Tue 17 Jan 2023 04:11:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:ba40:6692/128 maxlen: 128
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bd:ec:5a:cb:50:e6:49:54:78:29:d3:0a:a8:b5:e9:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 17 04:11:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c169c719ebc0981f3788c87129ab43c0e751c1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:24:0e:61:77:b6:ef:fc:05:46:e2:b1:d4:ea:
67:65:8f:18:0b:84:f8:d7:f1:1b:1e:13:10:74:08:
97:1f:18:c5:fb:ce:d8:9d:0b:91:15:35:4b:66:80:
94:c7:a8:7e:e7:90:2d:b9:6c:49:2e:0e:12:17:6d:
7d:c5:e2:9d:b8:7a:1c:24:54:66:ef:49:bf:ca:50:
c9:c2:f0:b8:fd:b3:03:e7:8c:c2:20:74:35:a0:46:
b5:6e:78:43:fa:b4:6a:04:ef:ed:14:91:26:44:c5:
66:8f:dc:f6:e4:8d:54:8d:01:ae:04:3b:d5:99:79:
86:40:4c:b4:1d:f6:43:0e:5d:9c:50:b3:25:cc:1e:
6f:49:91:53:bd:bf:db:3c:8c:c4:b2:6b:50:34:ea:
f4:59:12:79:2b:bb:d6:70:f2:c0:28:8a:c4:22:df:
d4:84:65:86:9a:d4:3e:37:8b:9c:cc:dc:48:92:a7:
0d:1a:28:b2:af:ab:79:74:f8:57:90:12:8a:01:6d:
45:ee:1f:10:34:a4:95:16:00:de:36:40:69:7f:c2:
57:39:ef:fe:23:64:ae:b2:7d:2e:9a:c2:7c:03:fd:
1d:97:f9:61:8f:0a:84:1d:86:8e:39:66:8e:d4:9d:
f1:e4:a2:25:08:20:f7:f0:c2:da:8c:52:e2:d7:b1:
7a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:16:9C:71:9E:BC:09:81:F3:78:8C:87:12:9A:B4:3C:0E:75:1C:1D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PBaccZ68CYHzeIyHEpq0PA51HB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4d:01:05:48:0c:a5:c7:bf:0d:cb:18:3a:48:b1:1f:45:d8:37:
92:41:8b:82:4c:89:ad:27:fc:5d:89:9c:3c:47:6e:85:83:af:
2e:97:b7:af:07:6b:0a:99:dc:0e:d9:7b:ff:37:0d:33:53:17:
11:c7:eb:6b:3e:25:33:ef:fe:58:e8:92:c4:24:42:f7:16:f8:
8c:82:c0:34:6b:2f:ae:a8:c3:48:cc:96:00:7a:51:d5:00:89:
99:6f:76:b7:e5:d7:0d:b9:b0:31:d0:f8:16:b4:25:8b:e1:df:
ae:c6:d2:2c:8c:da:c5:ac:1e:c0:d2:2f:bc:4b:85:61:f1:32:
8e:0b:45:d6:cd:57:1e:04:96:a1:d8:6b:a1:7d:91:c2:c1:98:
74:e1:9b:05:91:c1:14:3b:01:4b:a8:f9:74:53:78:fb:b7:99:
17:4b:b4:86:fa:5e:c9:05:97:3f:30:3c:fc:bb:c2:10:eb:01:
ac:90:90:ae:2d:d8:a3:a3:7c:f9:6e:fb:3e:f0:70:9b:22:39:
58:84:6b:0f:11:7b:ba:83:bc:84:94:1f:44:ba:62:9f:c2:22:
f2:25:03:c0:8a:66:70:50:cf:67:22:64:65:9c:97:93:38:f6:
e6:38:c5:a2:dd:70:d7:7d:d5:03:71:21:45:8e:c1:1d:4b:80:
3c:8d:04:2a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYW97FrLUOZJVHgp0wqoteliMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTE3MDQxMTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzE2OWM3MTllYmMwOTgxZjM3ODhjODcxMjlhYjQzYzBlNzUxYzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCQOYXe27/wFRuKx1OpnZY8YC4T4
1/EbHhMQdAiXHxjF+87YnQuRFTVLZoCUx6h+55AtuWxJLg4SF219xeKduHocJFRm
70m/ylDJwvC4/bMD54zCIHQ1oEa1bnhD+rRqBO/tFJEmRMVmj9z25I1UjQGuBDvV
mXmGQEy0HfZDDl2cULMlzB5vSZFTvb/bPIzEsmtQNOr0WRJ5K7vWcPLAKIrEIt/U
hGWGmtQ+N4uczNxIkqcNGiiyr6t5dPhXkBKKAW1F7h8QNKSVFgDeNkBpf8JXOe/+
I2Susn0umsJ8A/0dl/lhjwqEHYaOOWaO1J3x5KIlCCD38MLajFLi17F6ZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDwWnHGevAmB83iMhxKatDwOdRwdMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUEJhY2NaNjhDWUh6ZUl5SEVwcTBQQTUxSEIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE0BBUgMpce/DcsYOkix
H0XYN5JBi4JMia0n/F2JnDxHboWDry6Xt68HawqZ3A7Ze/83DTNTFxHH62s+JTPv
/ljoksQkQvcW+IyCwDRrL66ow0jMlgB6UdUAiZlvdrfl1w25sDHQ+Ba0JYvh367G
0iyM2sWsHsDSL7xLhWHxMo4LRdbNVx4ElqHYa6F9kcLBmHThmwWRwRQ7AUuo+XRT
ePu3mRdLtIb6XskFlz8wPPy7whDrAayQkK4t2KOjfPlu+z7wcJsiOViEaw8Re7qD
vISUH0S6Yp/CIvIlA8CKZnBQz2ciZGWcl5M49uY4xaLdcNd91QNxIUWOwR1LgDyN
BCo=
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:12:47 2025 by rpki-client