Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PXAYWQLBblP7w4PPUX2j5xeH0N8.roa
File: PXAYWQLBblP7w4PPUX2j5xeH0N8.roa (raw, json)
Hash identifier: FCtQDXtMXJrojDfO3c1jysZM/wpw+rg5sBES3+G/gRc=
Subject key identifier: 3D:70:18:59:02:C1:6E:53:FB:C3:83:CF:51:7D:A3:E7:17:87:D0:DF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A28FCA2388B2EA9F9EBDAF2B827580FEC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PXAYWQLBblP7w4PPUX2j5xeH0N8.roa
Signing time: Thu 24 Aug 2023 19:19:19 +0000
ROA not before: Thu 24 Aug 2023 19:19:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:28:fc:a2:38:8b:2e:a9:f9:eb:da:f2:b8:27:58:0f:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 24 19:19:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d70185902c16e53fbc383cf517da3e71787d0df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e3:1a:15:bc:72:df:3b:ca:96:39:76:a2:08:
c0:36:c1:66:6c:8d:1b:f5:72:bf:cb:40:d8:93:cc:
6e:d9:6e:1f:67:08:1b:37:89:11:ec:f8:ef:e0:58:
25:cf:bd:d5:98:5b:a2:3a:c7:30:07:23:8d:02:2e:
2f:e8:70:60:db:23:65:cf:61:14:9f:db:70:8f:e6:
f2:6b:f5:c8:6e:6c:3d:4e:43:c0:29:0d:14:9f:0c:
67:c5:a6:51:ad:57:78:e2:4c:98:df:b6:26:23:11:
2a:9f:98:03:03:c1:4e:7a:ef:4d:24:2c:0d:00:38:
09:bb:3d:bf:86:1b:06:22:fa:86:41:e6:b3:24:43:
38:66:2b:50:59:c6:84:3e:f9:00:85:5f:c8:d8:60:
6c:cc:24:52:1d:13:dc:e2:72:ae:ef:17:a7:4a:92:
f9:46:47:75:77:d9:42:1b:f2:9d:61:90:30:84:a1:
8b:46:64:85:db:aa:8d:26:67:a4:dd:fc:1b:9b:8a:
bf:30:cf:f5:c5:2c:bd:fc:0f:c4:0e:e6:47:ae:9c:
84:d6:0f:fc:09:c9:99:21:7d:a6:e1:f6:da:45:c7:
b6:59:76:89:61:87:cb:4b:35:c3:a1:30:95:e1:4d:
db:77:8e:95:c0:44:2b:c6:92:c4:c6:14:91:f2:e0:
1e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:70:18:59:02:C1:6E:53:FB:C3:83:CF:51:7D:A3:E7:17:87:D0:DF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PXAYWQLBblP7w4PPUX2j5xeH0N8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
16:c9:3f:b0:e8:84:55:ee:61:37:ce:50:7f:c3:eb:36:2e:08:
27:e6:65:8a:b1:f3:7b:87:cf:d3:78:11:e0:fb:7f:be:f1:7d:
5d:ce:60:81:f0:c1:6d:54:c1:83:1d:74:1e:75:63:9e:1b:c7:
0b:82:c1:38:b9:3b:58:6b:98:35:28:09:4f:91:67:cc:f9:18:
b6:66:32:f6:04:49:3c:89:a9:26:2d:19:db:3c:58:91:49:e2:
af:32:a0:6f:88:3f:64:67:18:0e:07:d7:74:e9:b3:68:de:ef:
5c:74:8b:44:39:4e:ed:18:d2:ff:fa:c7:b7:85:0b:9b:97:b7:
6a:d6:f7:d3:c1:80:bd:cf:30:43:6d:e7:19:f4:50:ee:3e:1c:
9c:ee:9b:cc:9f:3d:bb:2f:50:11:8b:b1:7e:ac:1d:6d:36:e8:
db:ae:a2:69:14:60:a3:8e:3e:30:e1:fe:94:ff:95:f6:46:4f:
83:a4:b5:98:6b:ab:23:f4:33:aa:68:9b:de:6b:48:f0:56:78:
76:48:1a:b0:28:d4:64:8e:2e:f6:ab:b3:ae:7a:02:cf:3e:bf:
cd:56:24:84:16:c0:bf:3f:b6:9b:f2:5a:e2:55:b7:eb:77:b2:
3b:fb:e8:1f:36:42:49:fc:96:fa:a5:6f:21:55:24:3e:2e:84:
3c:4c:e5:7a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoo/KI4iy6p+eva8rgnWA/sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI0MTkxOTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDcwMTg1OTAyYzE2ZTUzZmJjMzgzY2Y1MTdkYTNlNzE3ODdkMGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0eMaFbxy3zvKljl2ogjANsFmbI0b
9XK/y0DYk8xu2W4fZwgbN4kR7Pjv4Fglz73VmFuiOscwByONAi4v6HBg2yNlz2EU
n9twj+bya/XIbmw9TkPAKQ0UnwxnxaZRrVd44kyY37YmIxEqn5gDA8FOeu9NJCwN
ADgJuz2/hhsGIvqGQeazJEM4ZitQWcaEPvkAhV/I2GBszCRSHRPc4nKu7xenSpL5
Rkd1d9lCG/KdYZAwhKGLRmSF26qNJmek3fwbm4q/MM/1xSy9/A/EDuZHrpyE1g/8
CcmZIX2m4fbaRce2WXaJYYfLSzXDoTCV4U3bd46VwEQrxpLExhSR8uAeAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD1wGFkCwW5T+8ODz1F9o+cXh9DfMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUFhBWVdRTEJibFA3dzRQUFVYMmo1eGVIME44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABbJP7DohFXuYTfOUH/D
6zYuCCfmZYqx83uHz9N4EeD7f77xfV3OYIHwwW1UwYMddB51Y54bxwuCwTi5O1hr
mDUoCU+RZ8z5GLZmMvYESTyJqSYtGds8WJFJ4q8yoG+IP2RnGA4H13Tps2je71x0
i0Q5Tu0Y0v/6x7eFC5uXt2rW99PBgL3PMENt5xn0UO4+HJzum8yfPbsvUBGLsX6s
HW026NuuomkUYKOOPjDh/pT/lfZGT4OktZhrqyP0M6pom95rSPBWeHZIGrAo1GSO
Lvars656As8+v81WJIQWwL8/tpvyWuJVt+t3sjv76B82Qkn8lvqlbyFVJD4uhDxM
5Xo=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:28:00 2025 by rpki-client