Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PUFrBVwtTNVct3eAMbMBmsMoVEE.roa
File: PUFrBVwtTNVct3eAMbMBmsMoVEE.roa (raw, json)
Hash identifier: mrr8hoUF/CuFoN4zZQSDv6GIBbfDsxjGHpmeilUp1Ck=
Subject key identifier: 3D:41:6B:05:5C:2D:4C:D5:5C:B7:77:80:31:B3:01:9A:C3:28:54:41
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 6D668B57
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PUFrBVwtTNVct3eAMbMBmsMoVEE.roa
Signing time: Thu 24 Feb 2022 20:12:18 +0000
ROA not before: Thu 24 Feb 2022 20:12:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1835436887 (0x6d668b57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 24 20:12:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d416b055c2d4cd55cb7778031b3019ac3285441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:46:46:4c:98:37:31:19:60:d5:7c:1b:35:64:
a8:54:69:3b:10:6e:04:7a:77:60:1c:b3:46:8b:e1:
14:1b:19:34:02:03:61:b6:f1:bf:30:16:3d:9e:6f:
25:43:fa:0d:5b:fa:7e:4f:ea:a4:cd:a8:53:e4:6b:
e5:1e:47:c9:76:6e:fc:06:4e:ef:14:a9:60:2f:69:
75:3c:8c:1a:c7:cf:a8:80:0c:d5:6c:a1:6e:9a:d4:
7d:96:c7:a1:bd:91:56:fb:41:fa:db:32:cb:b5:1f:
a9:f7:2f:b1:af:28:f4:32:ab:c7:50:53:1a:8a:f5:
bf:e5:7f:6e:22:e9:75:79:d9:b9:05:6e:e8:45:dc:
00:34:1f:77:34:60:5a:7c:93:33:22:5b:3c:5f:91:
3a:dc:68:a9:39:16:f1:8a:58:01:5b:02:3a:53:ad:
15:48:15:35:6a:0c:d0:fc:54:7e:5e:78:65:0b:4c:
90:cf:0b:6f:ea:bf:56:53:ab:b6:50:bb:d7:30:51:
8f:a1:10:32:99:3c:5a:96:97:9e:08:0f:64:65:ba:
66:cd:7f:26:3b:5b:35:e3:7e:c5:68:4f:56:35:ce:
60:ef:8e:cb:56:76:3d:c1:95:24:43:2e:7c:42:24:
3b:74:c2:dd:42:de:2e:c6:6f:33:f3:1d:ee:76:f8:
3a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:41:6B:05:5C:2D:4C:D5:5C:B7:77:80:31:B3:01:9A:C3:28:54:41
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PUFrBVwtTNVct3eAMbMBmsMoVEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
48:72:f3:b0:bb:c3:a7:d1:99:a7:f1:55:53:6c:c8:7f:a5:b2:
14:f2:53:24:cb:61:73:35:2d:6c:e2:15:8f:fd:29:0f:50:93:
75:9f:9a:ba:69:4d:d1:eb:fa:aa:0e:e9:ee:a0:b7:85:98:da:
8d:c2:a5:5a:5a:d9:b2:a1:c8:e6:aa:12:92:a4:dd:34:08:3d:
ff:70:c8:b0:d9:23:d2:d8:f2:b9:56:47:c7:bd:d7:38:ec:75:
0d:f4:06:94:06:d4:81:32:87:a7:17:ea:1c:80:e2:32:76:44:
66:b2:4a:ce:65:b7:66:21:65:7c:25:fe:8c:6b:fe:62:ec:5f:
14:54:34:1d:ed:ab:1c:30:5c:41:db:17:ba:ca:24:e7:e5:45:
0a:06:8f:02:1a:fc:b9:e9:12:2e:05:9a:44:83:8e:fb:87:45:
60:59:87:34:36:45:db:41:df:04:f1:be:eb:63:0c:7c:bd:ac:
8c:c7:1f:20:9d:c8:13:37:27:3c:50:83:36:a7:7e:21:ec:b4:
43:f3:9a:41:0d:5c:79:e7:b2:45:5a:29:a8:e1:97:af:bf:4c:
9e:f7:94:b5:96:00:4b:3b:ac:d0:0e:74:d5:e9:2d:3b:98:2c:
52:b9:bd:e8:53:b3:90:4e:bd:90:b8:96:23:78:7e:a7:85:58:
eb:ee:d3:a4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEbWaLVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDIy
NDIwMTIxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2Q0MTZiMDU1YzJk
NGNkNTVjYjc3NzgwMzFiMzAxOWFjMzI4NTQ0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN5GRkyYNzEZYNV8GzVkqFRpOxBuBHp3YByzRovhFBsZNAID
YbbxvzAWPZ5vJUP6DVv6fk/qpM2oU+Rr5R5HyXZu/AZO7xSpYC9pdTyMGsfPqIAM
1WyhbprUfZbHob2RVvtB+tsyy7Ufqfcvsa8o9DKrx1BTGor1v+V/biLpdXnZuQVu
6EXcADQfdzRgWnyTMyJbPF+ROtxoqTkW8YpYAVsCOlOtFUgVNWoM0PxUfl54ZQtM
kM8Lb+q/VlOrtlC71zBRj6EQMpk8WpaXnggPZGW6Zs1/JjtbNeN+xWhPVjXOYO+O
y1Z2PcGVJEMufEIkO3TC3ULeLsZvM/Md7nb4OokCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQ9QWsFXC1M1Vy3d4AxswGawyhUQTAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L1BVRnJCVnd0VE5WY3QzZUFNYk1CbXNNb1ZFRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBIcvOwu8On0Zmn8VVTbMh/pbIU8lMky2FzNS1s
4hWP/SkPUJN1n5q6aU3R6/qqDunuoLeFmNqNwqVaWtmyocjmqhKSpN00CD3/cMiw
2SPS2PK5VkfHvdc47HUN9AaUBtSBMoenF+ocgOIydkRmskrOZbdmIWV8Jf6Ma/5i
7F8UVDQd7ascMFxB2xe6yiTn5UUKBo8CGvy56RIuBZpEg477h0VgWYc0NkXbQd8E
8b7rYwx8vayMxx8gncgTNyc8UIM2p34h7LRD85pBDVx557JFWimo4Zevv0ye95S1
lgBLO6zQDnTV6S07mCxSub3oU7OQTr2QuJYjeH6nhVjr7tOk
-----END CERTIFICATE-----
Generated at Thu May 1 09:36:10 2025 by rpki-client