Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PWslLAOLb3OjNExa2W63z8K-W_o.roa
File: PWslLAOLb3OjNExa2W63z8K-W_o.roa (raw, json)
Hash identifier: 763h+339KnUc0SpBrrKxy6CdV1XuBPS7pVnp8C/jgeQ=
Subject key identifier: 3D:6B:25:2C:03:8B:6F:73:A3:34:4C:5A:D9:6E:B7:CF:C2:BE:5B:FA
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189BDE3EB5BCC244116C49BE103DB448684
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PWslLAOLb3OjNExa2W63z8K-W_o.roa
Signing time: Fri 04 Aug 2023 00:12:58 +0000
ROA not before: Fri 04 Aug 2023 00:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bd:e3:eb:5b:cc:24:41:16:c4:9b:e1:03:db:44:86:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 4 00:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d6b252c038b6f73a3344c5ad96eb7cfc2be5bfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:53:dd:74:dd:7d:a6:58:0b:86:58:78:72:18:
ee:16:a2:15:43:35:f6:2c:19:2b:70:6e:9b:e7:8b:
c7:d5:7a:72:73:d2:70:f8:57:69:de:28:5e:2e:1f:
7c:9c:ef:57:10:77:a8:f8:47:82:69:41:d5:89:32:
0f:d6:5f:8f:4a:f9:79:d9:96:33:e3:84:3b:02:8d:
fe:2b:a7:46:75:51:e9:86:88:d5:c7:ff:9e:73:ad:
c1:28:f0:fb:1c:9f:f9:09:f0:78:e4:77:9e:93:c9:
ec:bf:a4:2a:df:73:3a:c2:5a:ca:be:f5:90:24:b4:
a8:97:8d:46:53:3b:f7:e2:d9:e8:8a:91:9e:19:a7:
b2:da:32:1c:c5:58:d9:f7:cb:17:6d:0c:03:4f:db:
ae:25:cf:85:fe:00:90:ec:14:68:bc:71:95:96:8e:
34:16:71:e9:0e:23:5d:90:95:40:b9:58:ba:e1:75:
6f:3c:ff:8f:c4:56:75:b4:0e:bf:31:18:b7:c2:e2:
a0:b0:1c:2e:a0:00:4d:de:f6:d8:07:3f:fe:81:28:
7d:9c:88:2d:84:c5:ea:12:25:ab:19:db:b0:0e:2b:
f0:55:69:c3:b2:1e:fd:ac:ca:db:4e:ab:76:6e:7b:
40:5d:94:9d:c7:81:fa:12:e1:39:22:e1:0c:45:bf:
a7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:6B:25:2C:03:8B:6F:73:A3:34:4C:5A:D9:6E:B7:CF:C2:BE:5B:FA
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PWslLAOLb3OjNExa2W63z8K-W_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
37:8f:e7:35:fe:6b:80:5b:af:4c:fb:9a:00:74:51:68:bb:7b:
da:e3:16:1c:97:9e:ce:9f:cc:5b:84:72:0a:cf:11:36:1d:53:
82:3a:45:c3:7e:9d:44:81:cf:2a:10:f5:6b:81:19:ac:b0:be:
f9:67:29:3a:e8:b0:d5:b6:7c:4d:d3:e1:d0:9b:3b:13:fe:33:
dc:9e:1f:47:38:62:8e:3b:8b:ae:27:81:a5:8f:5d:ff:b9:91:
01:bd:dd:54:c0:d2:a6:ea:fb:a4:ec:01:c3:eb:bb:cf:77:b1:
89:3b:a6:9a:a2:ce:65:24:89:0c:55:bb:b0:d3:d6:44:9b:7c:
d3:c7:a6:60:24:b4:17:0f:aa:47:f7:f8:ed:19:c8:50:0e:ca:
81:b9:56:55:56:46:c1:f9:34:eb:a9:5b:c4:e9:d8:9a:0d:de:
46:a6:c4:cd:48:a0:28:29:72:03:c5:6c:b3:5c:ea:cd:20:e1:
18:85:5a:be:79:bb:10:e1:e1:88:1d:22:ad:6e:b1:43:52:bc:
e3:1a:75:6c:6d:07:61:08:3c:cf:59:f0:79:ab:09:c9:40:19:
d8:06:80:50:54:e9:3d:7c:2c:fc:79:0f:cf:ee:a5:20:76:a4:
19:9c:10:54:6c:2a:73:c4:4b:3d:ec:90:03:b6:a8:97:13:bc:
00:b2:b6:e3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYm94+tbzCRBFsSb4QPbRIaEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA0MDAxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDZiMjUyYzAzOGI2ZjczYTMzNDRjNWFkOTZlYjdjZmMyYmU1YmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlPddN19plgLhlh4chjuFqIVQzX2
LBkrcG6b54vH1Xpyc9Jw+Fdp3iheLh98nO9XEHeo+EeCaUHViTIP1l+PSvl52ZYz
44Q7Ao3+K6dGdVHphojVx/+ec63BKPD7HJ/5CfB45Heek8nsv6Qq33M6wlrKvvWQ
JLSol41GUzv34tnoipGeGaey2jIcxVjZ98sXbQwDT9uuJc+F/gCQ7BRovHGVlo40
FnHpDiNdkJVAuVi64XVvPP+PxFZ1tA6/MRi3wuKgsBwuoABN3vbYBz/+gSh9nIgt
hMXqEiWrGduwDivwVWnDsh79rMrbTqt2bntAXZSdx4H6EuE5IuEMRb+nzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD1rJSwDi29zozRMWtlut8/Cvlv6MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUFdzbExBT0xiM09qTkV4YTJXNjN6OEstV19vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADeP5zX+a4Bbr0z7mgB0
UWi7e9rjFhyXns6fzFuEcgrPETYdU4I6RcN+nUSBzyoQ9WuBGaywvvlnKTrosNW2
fE3T4dCbOxP+M9yeH0c4Yo47i64ngaWPXf+5kQG93VTA0qbq+6TsAcPru893sYk7
ppqizmUkiQxVu7DT1kSbfNPHpmAktBcPqkf3+O0ZyFAOyoG5VlVWRsH5NOupW8Tp
2JoN3kamxM1IoCgpcgPFbLNc6s0g4RiFWr55uxDh4YgdIq1usUNSvOMadWxtB2EI
PM9Z8HmrCclAGdgGgFBU6T18LPx5D8/upSB2pBmcEFRsKnPESz3skAO2qJcTvACy
tuM=
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:44:55 2025 by rpki-client