Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PXXP42ovzMvOmiaaJg83Fne1T7s.roa
File: PXXP42ovzMvOmiaaJg83Fne1T7s.roa (raw, json)
Hash identifier: tuec/FPvCbIuvSygMYexwOm2vsp5R5ziu9d6hD9plyk=
Subject key identifier: 3D:75:CF:E3:6A:2F:CC:CB:CE:9A:26:9A:26:0F:37:16:77:B5:4F:BB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018843CB1D94A78AECC74F26CD55A2488DE0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PXXP42ovzMvOmiaaJg83Fne1T7s.roa
Signing time: Mon 22 May 2023 14:09:24 +0000
ROA not before: Mon 22 May 2023 14:09:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:43:cb:1d:94:a7:8a:ec:c7:4f:26:cd:55:a2:48:8d:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 22 14:09:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d75cfe36a2fcccbce9a269a260f371677b54fbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:41:14:dc:78:38:e0:02:ed:7f:5a:1f:71:8e:
17:a2:c6:0b:d7:26:a9:f6:8b:bb:7c:95:77:94:65:
13:1f:ad:82:eb:38:51:fd:c3:4e:58:32:e4:73:93:
ad:4f:17:15:61:7a:9e:04:67:60:6b:66:82:94:df:
95:fb:66:87:80:b5:2e:fd:6d:96:25:22:14:52:b0:
cb:a3:e8:99:27:c2:cf:61:23:8d:47:e1:ea:bf:6e:
35:50:66:12:a7:25:d3:16:c1:6f:d6:9a:c7:4c:ec:
b5:32:1c:85:4f:d2:77:4a:de:74:3c:a8:1a:5d:e9:
33:37:35:57:25:73:33:f8:e6:32:5b:07:60:7f:5f:
83:ef:ac:64:27:d7:b7:3b:52:e7:89:d9:23:e7:f1:
61:44:fe:38:e2:7f:2d:5f:0a:88:be:c7:03:82:1f:
16:86:af:4e:a1:25:5e:9f:65:4f:55:64:59:8e:a4:
a2:c5:58:f4:12:f6:33:f6:4a:4c:c4:a8:3e:39:76:
a8:66:92:41:f0:22:fc:a9:af:b3:97:98:a4:d8:be:
98:b5:2e:3b:48:28:63:96:77:f3:2b:9a:93:32:81:
41:dc:30:4a:2c:65:93:28:fd:b1:20:2d:10:b5:e9:
e7:18:f7:3b:fe:64:8e:d2:ff:19:2b:34:8e:5f:0b:
1d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:75:CF:E3:6A:2F:CC:CB:CE:9A:26:9A:26:0F:37:16:77:B5:4F:BB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PXXP42ovzMvOmiaaJg83Fne1T7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
62:b0:dc:9d:a1:eb:d1:1d:15:21:7e:33:8b:cb:a8:21:29:5d:
ef:27:67:dd:68:7c:30:5f:b7:26:e7:ea:e6:53:9a:25:29:98:
c0:5b:a6:0f:73:34:d8:4c:8b:f9:7c:c4:1a:95:97:bc:6d:08:
40:72:25:c2:d2:12:7d:94:32:96:49:1d:aa:dd:29:b1:74:d8:
4e:ff:b2:55:b3:0b:29:ac:f7:75:e5:8c:02:f7:c5:87:e0:6d:
12:81:68:a7:70:f3:0d:85:f4:10:fa:20:0c:01:dd:6f:5c:54:
23:02:bc:73:b9:13:95:9f:9f:83:f8:da:d1:bc:46:9e:23:3c:
6e:fe:66:42:6b:ab:e7:67:e6:b4:4a:af:15:69:32:c1:46:5f:
b5:24:35:2f:39:17:1f:e3:14:97:44:e6:9e:22:60:d2:f6:51:
23:3f:8b:9e:b5:15:50:f8:22:b1:ab:df:8d:c3:6a:c2:b7:77:
2b:59:61:9b:d1:18:c4:fd:24:38:a5:07:5b:c0:ab:7f:41:ff:
42:0b:d4:06:0e:b6:94:4f:78:bb:f0:3d:67:94:8c:46:5e:77:
f7:1f:98:6d:18:d0:c3:90:8d:48:af:ae:a9:65:50:c7:89:d4:
07:57:3d:99:7a:b3:73:d2:b4:fc:5b:95:06:4d:ec:b2:90:f3:
53:17:c3:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYhDyx2Up4rsx08mzVWiSI3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTIyMTQwOTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDc1Y2ZlMzZhMmZjY2NiY2U5YTI2OWEyNjBmMzcxNjc3YjU0ZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkEU3Hg44ALtf1ofcY4XosYL1yap
9ou7fJV3lGUTH62C6zhR/cNOWDLkc5OtTxcVYXqeBGdga2aClN+V+2aHgLUu/W2W
JSIUUrDLo+iZJ8LPYSONR+Hqv241UGYSpyXTFsFv1prHTOy1MhyFT9J3St50PKga
XekzNzVXJXMz+OYyWwdgf1+D76xkJ9e3O1Lnidkj5/FhRP444n8tXwqIvscDgh8W
hq9OoSVen2VPVWRZjqSixVj0EvYz9kpMxKg+OXaoZpJB8CL8qa+zl5ik2L6YtS47
SChjlnfzK5qTMoFB3DBKLGWTKP2xIC0QtennGPc7/mSO0v8ZKzSOXwsdMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD11z+NqL8zLzpommiYPNxZ3tU+7MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUFhYUDQyb3Z6TXZPbWlhYUpnODNGbmUxVDdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGKw3J2h69EdFSF+M4vL
qCEpXe8nZ91ofDBftybn6uZTmiUpmMBbpg9zNNhMi/l8xBqVl7xtCEByJcLSEn2U
MpZJHardKbF02E7/slWzCyms93XljAL3xYfgbRKBaKdw8w2F9BD6IAwB3W9cVCMC
vHO5E5Wfn4P42tG8Rp4jPG7+ZkJrq+dn5rRKrxVpMsFGX7UkNS85Fx/jFJdE5p4i
YNL2USM/i561FVD4IrGr343DasK3dytZYZvRGMT9JDilB1vAq39B/0IL1AYOtpRP
eLvwPWeUjEZed/cfmG0Y0MOQjUivrqllUMeJ1AdXPZl6s3PStPxblQZN7LKQ81MX
wyQ=
-----END CERTIFICATE-----
Generated at Fri May 2 14:13:55 2025 by rpki-client