Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PXehFlz7sC0sPFjXIoYoEkYfpew.roa
File: PXehFlz7sC0sPFjXIoYoEkYfpew.roa (raw, json)
Hash identifier: hGtZ/0B5ZqooJqipSgTly0l3AiDP4IO3ktlzmSMF0nU=
Subject key identifier: 3D:77:A1:16:5C:FB:B0:2D:2C:3C:58:D7:22:86:28:12:46:1F:A5:EC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 76FAF507
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PXehFlz7sC0sPFjXIoYoEkYfpew.roa
Signing time: Wed 30 Mar 2022 14:09:27 +0000
ROA not before: Wed 30 Mar 2022 14:09:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:17f:87e3:2531/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1996158215 (0x76faf507)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 30 14:09:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d77a1165cfbb02d2c3c58d722862812461fa5ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ea:ec:f9:b0:b5:f2:c7:d6:c7:2a:8f:16:7c:
70:64:1e:ee:e0:ed:98:3a:9a:a1:d1:ff:b8:16:65:
64:ad:c5:f8:f0:95:f8:5f:43:67:a3:46:3d:1c:5b:
68:f8:01:ff:93:e2:af:44:3b:81:2d:cd:80:c6:21:
2a:93:be:85:04:a4:09:31:0d:da:f5:b4:81:c6:82:
3a:f3:7c:27:c6:89:0e:01:c1:b9:1e:cf:31:91:ec:
c4:a6:c7:d3:04:4c:a9:62:e0:8a:69:0d:d8:55:50:
fd:49:39:fa:c4:6e:ef:cf:e4:88:46:f6:a8:13:66:
7d:2f:bc:6b:65:a4:f8:41:17:f1:aa:e4:bf:da:0b:
a4:54:3a:62:6e:0e:eb:54:71:42:95:e4:e6:d7:9b:
3a:26:3e:af:0f:5a:54:e5:75:9f:97:60:8d:5a:ca:
ec:f2:73:8f:9a:96:85:66:9c:6d:60:b4:0c:6e:bc:
10:2f:1e:9e:48:40:d3:59:3b:8c:d2:d5:58:52:f2:
dd:be:74:79:e5:a4:85:b2:34:f3:c5:21:6f:9a:f2:
85:38:2e:f1:5a:27:ca:2b:fc:d2:eb:3f:6c:c1:f8:
f0:a6:e4:a2:b6:10:0c:4f:0b:a4:10:c5:a8:ec:78:
4d:c4:4e:0f:c5:4e:5c:87:2a:8c:41:45:e3:d1:15:
6a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:77:A1:16:5C:FB:B0:2D:2C:3C:58:D7:22:86:28:12:46:1F:A5:EC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PXehFlz7sC0sPFjXIoYoEkYfpew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8f:35:43:db:b6:75:f0:6d:fb:78:02:39:c8:fd:a1:0f:4a:58:
b5:00:ba:9b:af:98:23:a7:bb:7c:fa:cc:b4:43:d5:60:b2:ae:
16:55:34:04:b7:22:cc:d6:78:47:3d:cf:93:7e:b7:e1:7a:e1:
d7:7e:4e:79:07:d2:4f:81:dc:e9:37:92:04:6f:22:60:6b:ef:
33:d3:9e:88:d2:57:0b:f5:c4:69:c8:35:7a:56:49:8a:39:1b:
87:0b:1c:7b:99:b4:51:59:c9:e3:d9:ac:91:d4:8d:ce:a0:74:
61:58:3c:a7:74:50:4b:ba:e1:6e:47:57:f3:33:96:cb:45:eb:
4b:16:66:25:63:fc:12:a3:e3:55:a2:df:5c:2b:93:1f:5c:21:
0c:4c:04:c9:99:36:08:87:bf:77:0f:e1:16:2e:4b:66:28:58:
e6:7c:cd:95:e1:27:f4:81:31:dc:15:53:44:57:d3:4e:81:71:
ce:bc:49:ba:e0:1c:83:ef:7b:b0:5c:37:46:15:d0:72:b9:3e:
0b:d4:28:eb:4f:fb:0f:0e:00:ed:d8:ec:ce:76:52:81:9d:a3:
b6:7a:64:e9:1d:c8:06:49:46:a3:51:91:e1:ef:93:3b:f0:1f:
b3:94:89:42:ff:95:74:a9:e3:e6:74:e7:7a:8e:c7:ce:36:ce:
dc:5e:aa:13
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEdvr1BzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDMz
MDE0MDkyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2Q3N2ExMTY1Y2Zi
YjAyZDJjM2M1OGQ3MjI4NjI4MTI0NjFmYTVlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM7q7PmwtfLH1scqjxZ8cGQe7uDtmDqaodH/uBZlZK3F+PCV
+F9DZ6NGPRxbaPgB/5Pir0Q7gS3NgMYhKpO+hQSkCTEN2vW0gcaCOvN8J8aJDgHB
uR7PMZHsxKbH0wRMqWLgimkN2FVQ/Uk5+sRu78/kiEb2qBNmfS+8a2Wk+EEX8ark
v9oLpFQ6Ym4O61RxQpXk5tebOiY+rw9aVOV1n5dgjVrK7PJzj5qWhWacbWC0DG68
EC8enkhA01k7jNLVWFLy3b50eeWkhbI088Uhb5ryhTgu8Vonyiv80us/bMH48Kbk
orYQDE8LpBDFqOx4TcROD8VOXIcqjEFF49EVag0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQ9d6EWXPuwLSw8WNcihigSRh+l7DAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L1BYZWhGbHo3c0Mwc1BGalhJb1lvRWtZZnBldy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQCPNUPbtnXwbft4AjnI/aEPSli1ALqbr5gjp7t8
+sy0Q9Vgsq4WVTQEtyLM1nhHPc+TfrfheuHXfk55B9JPgdzpN5IEbyJga+8z056I
0lcL9cRpyDV6VkmKORuHCxx7mbRRWcnj2ayR1I3OoHRhWDyndFBLuuFuR1fzM5bL
RetLFmYlY/wSo+NVot9cK5MfXCEMTATJmTYIh793D+EWLktmKFjmfM2V4Sf0gTHc
FVNEV9NOgXHOvEm64ByD73uwXDdGFdByuT4L1CjrT/sPDgDt2OzOdlKBnaO2emTp
HcgGSUajUZHh75M78B+zlIlC/5V0qePmdOd6jsfONs7cXqoT
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:24:59 2025 by rpki-client