Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PMZ2ulLopVwH3_iDtmDxMm-QEjQ.roa
File: PMZ2ulLopVwH3_iDtmDxMm-QEjQ.roa (raw, json)
Hash identifier: GU2rx95t3xJVOHCEmfyA3nhxYiMTo5hpEf/FBjJg2w8=
Subject key identifier: 3C:C6:76:BA:52:E8:A5:5C:07:DF:F8:83:B6:60:F1:32:6F:90:12:34
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186526DCCD81741C54F1C69E57BF3FC171D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PMZ2ulLopVwH3_iDtmDxMm-QEjQ.roa
Signing time: Wed 15 Feb 2023 00:16:12 +0000
ROA not before: Wed 15 Feb 2023 00:16:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:52:6d:cc:d8:17:41:c5:4f:1c:69:e5:7b:f3:fc:17:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 15 00:16:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3cc676ba52e8a55c07dff883b660f1326f901234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:2f:2b:e7:2c:bb:86:75:a3:0c:1c:2f:a0:d3:
54:a5:56:56:f7:1b:8a:0f:c0:cb:2d:04:7c:ff:bd:
56:ab:98:42:50:80:58:61:6e:92:03:cb:ba:c7:d5:
86:b4:9c:4e:81:d4:df:03:f3:4f:4d:ee:43:0d:cb:
5d:ba:9f:82:a1:49:78:57:ef:ad:14:2e:79:4a:d9:
c0:26:5a:13:3a:0e:b6:f8:5b:74:66:de:64:e7:0e:
52:da:a5:6b:c9:9a:af:73:77:07:69:85:76:e4:ac:
f3:70:e0:25:34:2f:88:75:af:43:9e:f0:81:0a:5b:
d6:f9:c9:3d:23:ed:a2:f6:6c:d4:fd:fb:62:39:f6:
9a:b0:ae:75:de:3e:62:dd:75:e0:5c:58:72:2d:69:
55:59:00:58:06:f9:a6:10:67:82:98:b7:79:e1:56:
42:67:d9:4f:e1:bf:4c:f0:12:c1:c2:8a:66:a2:a1:
60:39:69:bb:ad:6b:a7:b7:d3:c5:cf:1a:c5:54:be:
16:1e:99:5c:47:24:d3:2b:4c:71:8f:0b:0f:55:26:
35:32:d4:a2:79:83:56:d2:2d:a5:6e:ba:7a:f8:f8:
78:9f:d5:43:c6:2f:bd:63:bd:b1:b7:64:c1:3e:b4:
16:66:fa:e1:f7:c9:2b:0e:69:13:c2:1d:f0:45:54:
64:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:C6:76:BA:52:E8:A5:5C:07:DF:F8:83:B6:60:F1:32:6F:90:12:34
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PMZ2ulLopVwH3_iDtmDxMm-QEjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4c:be:96:13:43:79:07:b9:4a:8f:a9:6c:fe:9d:df:21:40:e0:
cc:d0:a4:7a:05:97:09:c1:35:64:75:75:fc:b5:6b:9e:2b:44:
95:48:05:de:92:57:b5:98:bb:99:12:74:92:d4:68:71:a3:00:
fc:99:41:64:80:aa:98:0b:b0:71:10:c9:8a:9c:74:7a:c5:3e:
40:b3:53:95:96:dd:cd:c8:77:ad:8b:ad:69:44:48:40:c9:71:
51:56:58:0c:6f:3f:c4:d4:6b:c2:3d:a4:0a:bd:22:63:5b:79:
1f:df:04:79:c8:ff:5c:81:48:ce:61:8a:a6:1c:c1:68:8b:ab:
b8:9f:0d:d1:78:5b:f4:16:b8:cd:6a:ca:2c:6d:d8:1f:72:87:
9d:01:3d:04:ed:cd:90:56:54:6e:8f:67:ee:8e:be:b1:32:64:
0b:93:35:03:35:a0:a3:e0:da:17:56:49:c1:c0:21:bc:a5:1f:
75:51:e0:7a:66:04:d0:d9:f7:25:73:f7:7e:6b:a3:10:5d:3d:
45:50:67:2d:dc:50:b5:39:9f:8c:fe:25:7e:8b:e4:70:12:24:
4e:c3:f7:c6:e5:d6:b9:91:f5:66:6c:48:62:43:07:86:09:e4:
c3:14:b8:36:9e:70:fa:37:c3:37:69:14:8f:20:22:19:8e:d1:
16:e2:6e:f5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZSbczYF0HFTxxp5Xvz/BcdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE1MDAxNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2M2NzZiYTUyZThhNTVjMDdkZmY4ODNiNjYwZjEzMjZmOTAxMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgi8r5yy7hnWjDBwvoNNUpVZW9xuK
D8DLLQR8/71Wq5hCUIBYYW6SA8u6x9WGtJxOgdTfA/NPTe5DDctdup+CoUl4V++t
FC55StnAJloTOg62+Ft0Zt5k5w5S2qVryZqvc3cHaYV25KzzcOAlNC+Ida9DnvCB
ClvW+ck9I+2i9mzU/ftiOfaasK513j5i3XXgXFhyLWlVWQBYBvmmEGeCmLd54VZC
Z9lP4b9M8BLBwopmoqFgOWm7rWunt9PFzxrFVL4WHplcRyTTK0xxjwsPVSY1MtSi
eYNW0i2lbrp6+Ph4n9VDxi+9Y72xt2TBPrQWZvrh98krDmkTwh3wRVRkbwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDzGdrpS6KVcB9/4g7Zg8TJvkBI0MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUE1aMnVsTG9wVndIM19pRHRtRHhNbS1RRWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEy+lhNDeQe5So+pbP6d
3yFA4MzQpHoFlwnBNWR1dfy1a54rRJVIBd6SV7WYu5kSdJLUaHGjAPyZQWSAqpgL
sHEQyYqcdHrFPkCzU5WW3c3Id62LrWlESEDJcVFWWAxvP8TUa8I9pAq9ImNbeR/f
BHnI/1yBSM5hiqYcwWiLq7ifDdF4W/QWuM1qyixt2B9yh50BPQTtzZBWVG6PZ+6O
vrEyZAuTNQM1oKPg2hdWScHAIbylH3VR4HpmBNDZ9yVz935roxBdPUVQZy3cULU5
n4z+JX6L5HASJE7D98bl1rmR9WZsSGJDB4YJ5MMUuDaecPo3wzdpFI8gIhmO0Rbi
bvU=
-----END CERTIFICATE-----
Generated at Thu May 1 06:46:43 2025 by rpki-client