Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PbJeVUKypG3b4JG_EmR1xWvgwVg.roa
File: PbJeVUKypG3b4JG_EmR1xWvgwVg.roa (raw, json)
Hash identifier: kRenCnxyQlrqitW6tDPuH5lnyDRYvNbhgvcJ8kMWi/8=
Subject key identifier: 3D:B2:5E:55:42:B2:A4:6D:DB:E0:91:BF:12:64:75:C5:6B:E0:C1:58
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 804C644C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PbJeVUKypG3b4JG_EmR1xWvgwVg.roa
Signing time: Mon 02 May 2022 02:09:59 +0000
ROA not before: Mon 02 May 2022 02:09:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2152490060 (0x804c644c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 2 02:09:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3db25e5542b2a46ddbe091bf126475c56be0c158
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:96:6c:e2:fd:fe:62:44:39:45:e9:1e:bb:58:
a1:76:dd:07:32:68:c7:28:a9:f6:2b:bb:fb:b4:6b:
b2:a5:43:ab:66:00:98:a2:5a:cd:49:67:f1:fa:d7:
58:82:9f:6d:21:67:21:1f:ce:d9:1f:9f:49:05:63:
8a:75:da:10:c0:e8:4e:39:f2:29:ce:c0:9d:19:1c:
d9:61:85:fb:5b:d1:7f:53:27:74:ac:cb:dc:59:8f:
16:88:97:7c:91:61:d8:11:f7:2c:8a:80:ab:31:6b:
3b:dc:61:3b:f3:da:3f:bf:0b:90:8a:fc:24:aa:6d:
a3:fa:2e:3d:38:b8:f6:5f:ce:92:e0:3c:1d:2d:8c:
c4:f5:4e:28:52:ee:a5:cd:67:c8:3d:b5:92:c8:dc:
49:a4:81:5f:5c:21:46:16:8f:9b:02:63:ba:2b:0e:
0f:76:d0:1b:08:d6:45:28:2d:3c:61:21:bf:ed:b2:
ef:72:0b:a9:1e:be:6b:e9:6e:ea:61:61:c6:55:6c:
85:8d:81:0d:57:e4:cf:db:ba:a1:0a:99:cf:64:ce:
3e:87:e1:9f:4f:ca:1f:df:c9:94:fe:cf:af:97:2c:
8d:fb:4e:2a:bc:27:2a:cb:06:3d:90:32:7f:c0:46:
8a:1c:06:78:e3:ee:62:aa:1c:9d:3c:01:24:8a:05:
3d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B2:5E:55:42:B2:A4:6D:DB:E0:91:BF:12:64:75:C5:6B:E0:C1:58
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PbJeVUKypG3b4JG_EmR1xWvgwVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:06:d5:ac:34:34:8f:b4:01:af:14:db:f2:6b:a8:6d:c2:32:
c2:57:28:e1:8f:1e:ee:8c:03:ab:e9:23:2d:7d:3c:72:54:20:
e8:35:ce:de:0f:89:ec:c5:7c:ff:f6:ab:58:39:fc:db:8a:47:
2c:7f:f2:73:ce:41:5e:94:a6:f2:c3:02:9a:97:4c:3d:a0:1f:
73:24:ee:e3:e1:78:a2:d5:f3:b7:06:a1:99:1a:2c:31:1e:6d:
e4:69:0a:ad:da:69:ed:82:0a:b9:b7:9a:fd:81:c2:50:b5:37:
44:fe:27:ce:49:32:2d:f4:d1:53:0b:f7:8c:f7:28:04:47:60:
ca:5e:ca:dd:c9:cb:32:dc:fc:c0:0d:11:d0:dd:99:0f:8a:f4:
fd:b8:24:d4:1c:c8:21:ff:7b:cf:dc:5a:da:57:f8:39:8f:d8:
a4:4a:25:34:86:52:49:8c:d4:3c:e1:e7:0d:3b:c2:e2:03:01:
18:57:75:d6:2d:83:f5:60:24:61:51:c8:36:a6:8b:ba:9f:2e:
9a:6d:55:ef:c1:3d:9a:a4:bc:08:62:0a:19:fa:26:aa:bf:d6:
12:bf:57:a2:f8:b3:fa:d7:15:59:a3:76:55:ae:38:1f:89:31:
09:82:0f:42:fb:72:ec:de:17:42:89:e9:93:9f:18:c5:45:05:
9c:bc:16:d4
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIBMZEwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MDIwMjA5NTlaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDNkYjI1ZTU1NDJi
MmE0NmRkYmUwOTFiZjEyNjQ3NWM1NmJlMGMxNTgwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC6lmzi/f5iRDlF6R67WKF23QcyaMcoqfYru/u0a7KlQ6tm
AJiiWs1JZ/H611iCn20hZyEfztkfn0kFY4p12hDA6E458inOwJ0ZHNlhhftb0X9T
J3Ssy9xZjxaIl3yRYdgR9yyKgKsxazvcYTvz2j+/C5CK/CSqbaP6Lj04uPZfzpLg
PB0tjMT1TihS7qXNZ8g9tZLI3EmkgV9cIUYWj5sCY7orDg920BsI1kUoLTxhIb/t
su9yC6kevmvpbuphYcZVbIWNgQ1X5M/buqEKmc9kzj6H4Z9Pyh/fyZT+z6+XLI37
Tiq8JyrLBj2QMn/ARoocBnjj7mKqHJ08ASSKBT1DAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUPbJeVUKypG3b4JG/EmR1xWvgwVgwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9QYkplVlVLeXBHM2I0SkdfRW1SMXhXdmd3Vmcucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAAgbVrDQ0j7QBrxTb8muobcIywlco4Y8e7owD
q+kjLX08clQg6DXO3g+J7MV8//arWDn824pHLH/yc85BXpSm8sMCmpdMPaAfcyTu
4+F4otXztwahmRosMR5t5GkKrdpp7YIKubea/YHCULU3RP4nzkkyLfTRUwv3jPco
BEdgyl7K3cnLMtz8wA0R0N2ZD4r0/bgk1BzIIf97z9xa2lf4OY/YpEolNIZSSYzU
POHnDTvC4gMBGFd11i2D9WAkYVHINqaLup8umm1V78E9mqS8CGIKGfomqr/WEr9X
oviz+tcVWaN2Va44H4kxCYIPQvty7N4XQonpk58YxUUFnLwW1A==
-----END CERTIFICATE-----
Generated at Thu May 1 09:46:57 2025 by rpki-client