Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PCurQaBapc6bEW7W_eVZUi0AwDU.roa
File: PCurQaBapc6bEW7W_eVZUi0AwDU.roa (raw, json)
Hash identifier: qe6NVpaev6SvV1eMxLdh1Av8Jv95eNmEWf+hYcb2JFs=
Subject key identifier: 3C:2B:AB:41:A0:5A:A5:CE:9B:11:6E:D6:FD:E5:59:52:2D:00:C0:35
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187F431EE374ACB81BEDB1133821DADFF75
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PCurQaBapc6bEW7W_eVZUi0AwDU.roa
Signing time: Sun 07 May 2023 03:12:05 +0000
ROA not before: Sun 07 May 2023 03:12:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f4:31:ee:37:4a:cb:81:be:db:11:33:82:1d:ad:ff:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 7 03:12:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c2bab41a05aa5ce9b116ed6fde559522d00c035
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:2e:8b:e7:45:4a:43:aa:b3:37:ce:2f:ca:f1:
57:ae:30:75:bb:18:94:b4:0f:cd:b2:87:04:79:ae:
97:0a:43:aa:34:db:06:7f:17:f5:f9:a8:81:9a:08:
b0:eb:72:c7:96:ee:6f:9a:bf:dc:cd:d7:cc:ad:74:
76:98:27:3b:12:8e:b3:7b:02:f0:ae:21:70:7d:7a:
b2:76:52:34:8b:41:b0:a7:87:f9:4d:85:0d:3f:ab:
98:7c:10:7c:21:60:da:cb:62:fd:f0:ca:62:53:0c:
31:42:0f:b2:60:b8:15:67:d2:5c:ba:89:b1:13:d7:
66:4e:fc:93:8b:67:96:8b:5c:01:b4:47:76:e9:c5:
1a:eb:48:7a:a1:d3:80:4c:c4:61:2b:86:b2:69:0f:
e1:f4:7c:21:b9:95:6e:c9:7c:dd:cc:80:23:93:f1:
2c:af:07:ae:c4:b9:af:ee:9a:bd:9b:99:91:db:33:
3a:a7:52:09:23:18:f9:07:81:fb:f4:e9:15:91:e1:
de:f3:b6:16:da:83:13:ec:f1:c7:d0:99:c4:9b:b1:
cf:a3:a1:63:9c:35:82:91:e5:5e:cd:05:0e:cb:76:
69:f7:0b:fe:90:9b:15:1d:fd:d8:3e:49:2d:eb:98:
59:59:62:8b:df:e7:db:5c:f9:58:81:ec:93:f7:42:
8b:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:2B:AB:41:A0:5A:A5:CE:9B:11:6E:D6:FD:E5:59:52:2D:00:C0:35
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PCurQaBapc6bEW7W_eVZUi0AwDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:08:fa:8a:3b:e4:e2:56:d5:96:c4:67:92:93:7e:64:90:2e:
b0:e0:62:50:36:51:5f:51:4b:62:50:06:61:9b:35:0b:1b:55:
00:01:d6:67:d5:25:0b:47:09:6b:71:a9:1e:86:af:05:51:1b:
38:4f:c1:ae:74:98:5d:33:9d:d3:4c:6d:07:d0:f8:a2:54:9e:
9d:1a:e6:87:aa:b9:0d:31:d0:0e:de:62:74:40:5f:96:34:6c:
60:a3:0e:74:1a:12:06:16:f0:f5:e6:d1:91:5c:cf:6a:26:c1:
cb:28:e7:08:88:22:35:09:9a:24:38:83:7a:f5:27:03:45:77:
e8:3e:50:91:8b:c0:3b:dd:14:00:ae:b1:df:3f:a0:e3:93:11:
05:4c:a7:21:f8:af:df:24:7e:e4:1b:3c:82:a9:01:e9:51:76:
4a:e9:88:a6:95:e2:9c:48:4d:4b:42:38:5f:15:0e:04:6f:b7:
0f:17:ff:7c:6a:83:7d:b7:aa:85:3d:b9:38:fa:60:13:d0:04:
53:ca:d9:1c:01:06:3f:e1:24:c2:c6:9b:ef:66:70:b1:bb:9b:
22:cb:0f:59:4a:f5:15:03:7e:fd:36:5a:df:da:4e:fb:a3:d5:
7d:65:d3:81:9a:a6:4b:39:e4:b7:3e:83:23:98:cc:23:01:27:
22:27:d0:c9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYf0Me43SsuBvtsRM4Idrf91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTA3MDMxMjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzJiYWI0MWEwNWFhNWNlOWIxMTZlZDZmZGU1NTk1MjJkMDBjMDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzC6L50VKQ6qzN84vyvFXrjB1uxiU
tA/NsocEea6XCkOqNNsGfxf1+aiBmgiw63LHlu5vmr/czdfMrXR2mCc7Eo6zewLw
riFwfXqydlI0i0Gwp4f5TYUNP6uYfBB8IWDay2L98MpiUwwxQg+yYLgVZ9Jcuomx
E9dmTvyTi2eWi1wBtEd26cUa60h6odOATMRhK4ayaQ/h9HwhuZVuyXzdzIAjk/Es
rweuxLmv7pq9m5mR2zM6p1IJIxj5B4H79OkVkeHe87YW2oMT7PHH0JnEm7HPo6Fj
nDWCkeVezQUOy3Zp9wv+kJsVHf3YPkkt65hZWWKL3+fbXPlYgeyT90KLZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDwrq0GgWqXOmxFu1v3lWVItAMA1MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUEN1clFhQmFwYzZiRVc3V19lVlpVaTBBd0RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGMI+oo75OJW1ZbEZ5KT
fmSQLrDgYlA2UV9RS2JQBmGbNQsbVQAB1mfVJQtHCWtxqR6GrwVRGzhPwa50mF0z
ndNMbQfQ+KJUnp0a5oequQ0x0A7eYnRAX5Y0bGCjDnQaEgYW8PXm0ZFcz2omwcso
5wiIIjUJmiQ4g3r1JwNFd+g+UJGLwDvdFACusd8/oOOTEQVMpyH4r98kfuQbPIKp
AelRdkrpiKaV4pxITUtCOF8VDgRvtw8X/3xqg323qoU9uTj6YBPQBFPK2RwBBj/h
JMLGm+9mcLG7myLLD1lK9RUDfv02Wt/aTvuj1X1l04Gapks55Lc+gyOYzCMBJyIn
0Mk=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:07:48 2025 by rpki-client