Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PXks5oY38fM5z34myDJvCTA9XDQ.roa
File: PXks5oY38fM5z34myDJvCTA9XDQ.roa (raw, json)
Hash identifier: YfNxEX4Y7L5m2/OE3yV43j1LoJhSj6JJRFTPktotJds=
Subject key identifier: 3D:79:2C:E6:86:37:F1:F3:39:CF:7E:26:C8:32:6F:09:30:3D:5C:34
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018368212EBD2EE7552CC0401B08DC00ACAE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PXks5oY38fM5z34myDJvCTA9XDQ.roa
Signing time: Fri 23 Sep 2022 02:15:48 +0000
ROA not before: Fri 23 Sep 2022 02:15:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:183:50b3:5643/128 maxlen: 128
2001:67c:64:ffff:0:183:5f81:ab13/128 maxlen: 128
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:68:21:2e:bd:2e:e7:55:2c:c0:40:1b:08:dc:00:ac:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 23 02:15:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d792ce68637f1f339cf7e26c8326f09303d5c34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:7a:05:34:59:d5:0c:e5:4c:a3:f8:b6:87:72:
4c:71:43:df:d9:42:44:8e:c0:c9:db:96:de:9d:06:
77:58:2d:bd:a9:31:cb:38:a0:03:dc:ba:87:6e:c2:
1d:1f:a1:49:cc:73:40:e9:d2:7e:0d:ec:23:22:d1:
3c:4b:07:f8:4d:db:51:8c:db:88:00:4a:7f:f5:12:
bd:e2:bc:f8:45:24:90:e3:5b:87:8c:67:96:b1:fd:
0b:5d:42:a3:b4:5b:fa:25:f3:46:52:70:7a:d8:5d:
d4:b9:e1:46:34:42:b5:ef:b3:2c:0a:ad:6f:7c:80:
11:28:40:8f:9d:42:e5:7b:5b:08:e7:49:5c:e2:02:
53:b7:d6:98:0c:8a:70:4c:8d:4d:01:53:f9:38:28:
e3:a1:4e:b2:87:c6:52:55:60:2b:f8:8c:3c:ec:02:
45:ae:a9:3f:45:15:7a:a9:f6:24:a8:63:71:5e:a9:
22:3a:11:2e:b8:38:88:48:c9:48:4d:e4:f4:63:7f:
65:ee:15:45:67:8c:64:d9:f0:03:fb:50:24:7b:c2:
03:d4:d5:bd:42:e1:38:b0:61:7a:bd:53:fd:bf:c9:
48:60:2d:2b:55:a3:81:c1:45:00:ac:38:3b:da:a0:
5f:a2:c0:a9:d4:d8:29:1a:40:36:4c:c5:c0:38:08:
28:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:79:2C:E6:86:37:F1:F3:39:CF:7E:26:C8:32:6F:09:30:3D:5C:34
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PXks5oY38fM5z34myDJvCTA9XDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
16:76:fd:b6:ef:31:ec:16:48:9e:2d:fb:bc:17:74:68:4e:ae:
26:cd:af:41:ec:7d:de:cb:03:d4:af:60:97:c0:7b:8b:ed:21:
9c:e6:24:77:9a:61:89:6f:66:6d:f9:f9:c5:44:3f:cd:f2:96:
92:ff:bc:1b:32:28:fa:a2:f5:99:cc:19:64:8d:c7:3a:78:b1:
2d:65:9e:d9:70:4b:b9:c5:ac:7f:f8:86:ff:15:cb:8a:70:9d:
9f:27:f8:b7:45:e4:bd:b3:d2:56:cd:c2:7f:f4:43:a4:0a:0d:
36:f1:e7:db:0b:2c:be:de:fd:2c:72:da:a9:7e:b4:ad:b7:eb:
2b:f2:6b:e3:93:5b:f5:95:bb:5b:e7:c2:ef:15:94:48:f6:fe:
b0:57:40:22:97:0b:4a:6e:56:c1:e9:35:ec:3e:bf:88:15:67:
34:b2:33:1d:59:58:ba:b9:5a:90:9e:87:18:ef:28:bf:77:60:
93:81:68:17:b1:66:cd:dd:03:0d:fe:81:76:43:e8:ac:1d:c3:
9d:91:79:0a:78:09:5e:1c:9d:fd:0c:ae:ef:03:2e:2a:80:d0:
97:e3:b8:db:86:4a:0e:46:89:a9:ef:7e:20:19:40:fa:67:95:
70:50:1d:2d:aa:80:14:18:fa:4c:a8:16:68:45:0d:9d:aa:80:
c4:62:31:d7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYNoIS69LudVLMBAGwjcAKyuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTIzMDIxNTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDc5MmNlNjg2MzdmMWYzMzljZjdlMjZjODMyNmYwOTMwM2Q1YzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinoFNFnVDOVMo/i2h3JMcUPf2UJE
jsDJ25benQZ3WC29qTHLOKAD3LqHbsIdH6FJzHNA6dJ+DewjItE8Swf4TdtRjNuI
AEp/9RK94rz4RSSQ41uHjGeWsf0LXUKjtFv6JfNGUnB62F3UueFGNEK177MsCq1v
fIARKECPnULle1sI50lc4gJTt9aYDIpwTI1NAVP5OCjjoU6yh8ZSVWAr+Iw87AJF
rqk/RRV6qfYkqGNxXqkiOhEuuDiISMlITeT0Y39l7hVFZ4xk2fAD+1Ake8ID1NW9
QuE4sGF6vVP9v8lIYC0rVaOBwUUArDg72qBfosCp1NgpGkA2TMXAOAgogQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD15LOaGN/HzOc9+JsgybwkwPVw0MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUFhrczVvWTM4Zk01ejM0bXlESnZDVEE5WERRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABZ2/bbvMewWSJ4t+7wX
dGhOribNr0Hsfd7LA9SvYJfAe4vtIZzmJHeaYYlvZm35+cVEP83ylpL/vBsyKPqi
9ZnMGWSNxzp4sS1lntlwS7nFrH/4hv8Vy4pwnZ8n+LdF5L2z0lbNwn/0Q6QKDTbx
59sLLL7e/Sxy2ql+tK236yvya+OTW/WVu1vnwu8VlEj2/rBXQCKXC0puVsHpNew+
v4gVZzSyMx1ZWLq5WpCehxjvKL93YJOBaBexZs3dAw3+gXZD6Kwdw52ReQp4CV4c
nf0Mru8DLiqA0JfjuNuGSg5GianvfiAZQPpnlXBQHS2qgBQY+kyoFmhFDZ2qgMRi
Mdc=
-----END CERTIFICATE-----
Generated at Fri May 2 21:34:23 2025 by rpki-client