Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PbPhEwDlpSHOB9pgT5KJcXaY1Bc.roa
File: PbPhEwDlpSHOB9pgT5KJcXaY1Bc.roa (raw, json)
Hash identifier: 5G/TWXsUBfGTTkkm7ZV8Sb23NqxLSrHRykW7Za6/8JU=
Subject key identifier: 3D:B3:E1:13:00:E5:A5:21:CE:07:DA:60:4F:92:89:71:76:98:D4:17
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185ED917F7079ED4F30088E432B965C3D06
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PbPhEwDlpSHOB9pgT5KJcXaY1Bc.roa
Signing time: Thu 26 Jan 2023 10:13:33 +0000
ROA not before: Thu 26 Jan 2023 10:13:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ed:91:7f:70:79:ed:4f:30:08:8e:43:2b:96:5c:3d:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 26 10:13:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3db3e11300e5a521ce07da604f9289717698d417
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:84:b2:96:06:7e:51:75:53:0e:41:e6:a1:85:
d5:3d:69:4b:54:84:2e:40:9f:fc:e3:8d:6b:85:85:
57:ef:18:5e:cd:77:a5:d4:d4:df:10:b8:42:2a:fb:
b5:6d:12:99:aa:f2:d2:f3:7f:1b:46:eb:3f:ec:58:
a3:e9:91:6b:0f:1b:50:66:fd:cb:6e:ff:1b:5c:bc:
e0:7e:52:64:cf:60:9a:c3:9e:df:06:70:53:bf:1b:
a2:35:25:d4:f9:5c:b6:e3:63:2d:dc:4a:30:29:2b:
7c:3d:8c:5a:29:af:ab:f5:5d:2b:f6:31:43:17:c6:
fd:c4:2c:f3:0f:15:67:94:66:b2:f1:d5:25:fc:a0:
3c:b5:26:cc:39:79:6d:d3:1c:dd:21:dc:36:bb:e9:
74:30:df:17:6a:cc:42:67:49:05:b4:43:49:8e:bc:
21:ed:a2:ce:b9:1d:37:91:4e:ff:e4:31:c6:e3:33:
0c:2b:18:79:84:57:4f:50:8d:4e:24:a8:30:64:e3:
6e:38:40:4f:35:a1:f8:0e:52:dd:78:da:bf:36:fd:
96:e0:78:31:13:e8:11:d3:2f:09:ef:3a:07:3c:69:
59:d7:fe:b0:a3:77:86:aa:42:6f:e0:9c:f5:af:b7:
d5:94:cd:19:15:a3:32:21:52:a3:18:8b:8d:a1:90:
e7:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B3:E1:13:00:E5:A5:21:CE:07:DA:60:4F:92:89:71:76:98:D4:17
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PbPhEwDlpSHOB9pgT5KJcXaY1Bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:72:2e:ae:ae:7d:83:7c:35:22:ff:ea:37:ba:17:9c:b0:0a:
da:a8:9e:31:68:72:61:6c:86:a9:b9:aa:6a:3f:cf:ca:9d:a3:
fb:de:31:6c:14:c6:e1:79:c2:a0:43:d8:5b:83:d3:03:bc:1f:
f3:5d:86:36:94:c1:5d:d7:38:c6:c9:07:cd:77:35:00:26:36:
ed:10:8d:78:b5:3b:85:a0:20:c4:05:54:cd:33:8a:7b:a5:c4:
3f:16:0d:14:5e:8f:a0:61:a9:9b:f8:ad:27:4d:3c:65:58:fb:
a8:ec:74:da:05:15:81:2f:1c:66:8d:d4:8b:01:c9:92:8b:0b:
14:59:8d:36:41:f4:54:59:34:6a:8f:6d:d5:4f:52:53:de:6b:
fb:08:2d:b9:d4:2e:59:4d:35:70:6e:f8:af:bf:f6:ae:7a:72:
63:3f:ad:53:99:1c:6d:d8:0a:48:c8:c7:0c:12:73:25:dc:41:
70:bc:b7:3f:f3:9a:10:66:70:30:b7:2e:d3:91:1d:f3:80:17:
b1:2d:9a:a1:b2:0c:28:88:01:37:4e:b1:86:67:87:1a:d1:49:
74:53:12:26:db:ef:8d:eb:49:c9:4f:83:71:34:cf:ff:52:a4:
12:bb:0e:0c:fa:60:da:f1:97:72:b0:26:fd:7a:0c:82:59:a9:
51:cd:46:38
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXtkX9wee1PMAiOQyuWXD0GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTI2MTAxMzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGIzZTExMzAwZTVhNTIxY2UwN2RhNjA0ZjkyODk3MTc2OThkNDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4SylgZ+UXVTDkHmoYXVPWlLVIQu
QJ/8441rhYVX7xhezXel1NTfELhCKvu1bRKZqvLS838bRus/7Fij6ZFrDxtQZv3L
bv8bXLzgflJkz2Caw57fBnBTvxuiNSXU+Vy242Mt3EowKSt8PYxaKa+r9V0r9jFD
F8b9xCzzDxVnlGay8dUl/KA8tSbMOXlt0xzdIdw2u+l0MN8XasxCZ0kFtENJjrwh
7aLOuR03kU7/5DHG4zMMKxh5hFdPUI1OJKgwZONuOEBPNaH4DlLdeNq/Nv2W4Hgx
E+gR0y8J7zoHPGlZ1/6wo3eGqkJv4Jz1r7fVlM0ZFaMyIVKjGIuNoZDnZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD2z4RMA5aUhzgfaYE+SiXF2mNQXMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUGJQaEV3RGxwU0hPQjlwZ1Q1S0pjWGFZMUJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ9yLq6ufYN8NSL/6je6
F5ywCtqonjFocmFshqm5qmo/z8qdo/veMWwUxuF5wqBD2FuD0wO8H/NdhjaUwV3X
OMbJB813NQAmNu0QjXi1O4WgIMQFVM0zinulxD8WDRRej6BhqZv4rSdNPGVY+6js
dNoFFYEvHGaN1IsByZKLCxRZjTZB9FRZNGqPbdVPUlPea/sILbnULllNNXBu+K+/
9q56cmM/rVOZHG3YCkjIxwwScyXcQXC8tz/zmhBmcDC3LtORHfOAF7EtmqGyDCiI
ATdOsYZnhxrRSXRTEibb743rSclPg3E0z/9SpBK7Dgz6YNrxl3KwJv16DIJZqVHN
Rjg=
-----END CERTIFICATE-----
Generated at Thu May 1 03:13:37 2025 by rpki-client