Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PbnJC4caAg0o3PW_2u9IxC2gV-8.roa
File: PbnJC4caAg0o3PW_2u9IxC2gV-8.roa (raw, json)
Hash identifier: xnsZU1IF9s6KoEEd9gUjk2xiscB/N3eeZLIXhP0npAk=
Subject key identifier: 3D:B9:C9:0B:87:1A:02:0D:28:DC:F5:BF:DA:EF:48:C4:2D:A0:57:EF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018654BF1102B78F4184E3919C4507C3EF38
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PbnJC4caAg0o3PW_2u9IxC2gV-8.roa
Signing time: Wed 15 Feb 2023 11:04:13 +0000
ROA not before: Wed 15 Feb 2023 11:04:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:54bf:10e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:54:bf:11:02:b7:8f:41:84:e3:91:9c:45:07:c3:ef:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 15 11:04:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3db9c90b871a020d28dcf5bfdaef48c42da057ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:58:93:7b:1f:a1:39:cb:4f:ee:14:35:2b:35:
bb:97:8e:43:c5:72:31:0e:5d:36:f3:47:34:05:37:
5f:55:fd:4c:09:36:94:3b:74:45:4e:12:0e:d0:79:
f8:eb:73:ae:87:03:a3:64:cf:d2:09:74:e0:8b:18:
79:e9:21:d9:2b:6d:11:9f:b7:4c:e6:a7:84:73:fe:
99:b2:ee:ca:a8:cd:97:3b:43:0a:1a:b4:7e:f5:07:
dc:dc:34:3f:8c:48:ff:50:56:ee:05:b0:07:7f:4d:
fc:b7:bc:36:12:be:eb:7e:37:73:5b:9b:a8:4d:9d:
5f:d7:85:9c:6d:37:a4:e2:1c:07:2c:cd:fd:a7:61:
91:9a:75:0f:88:81:66:0a:ca:65:06:76:13:1a:b9:
0d:40:e2:dd:4f:84:4e:ad:07:46:1b:34:be:05:02:
2c:61:16:45:f5:ec:ad:40:ec:3b:22:4d:b1:8f:e6:
48:85:cb:25:be:a3:c3:61:30:87:ec:28:20:0f:92:
bb:0d:53:5d:3f:ee:41:52:d1:5c:08:16:e9:02:b6:
b6:f3:f6:b4:d0:70:c9:21:96:61:aa:b9:53:f7:66:
a1:18:89:dc:4b:48:69:ce:85:63:fc:0e:f0:80:52:
c5:61:04:c4:56:24:fe:30:52:fc:5b:fa:a9:0c:34:
29:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B9:C9:0B:87:1A:02:0D:28:DC:F5:BF:DA:EF:48:C4:2D:A0:57:EF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PbnJC4caAg0o3PW_2u9IxC2gV-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:59:01:22:f4:dd:d6:03:f2:6d:1e:21:0f:ee:8d:5c:90:52:
78:69:5b:21:c8:d5:18:69:cf:9d:bd:df:e2:be:19:b3:b5:d5:
00:47:b5:a7:0e:a4:84:0a:47:20:74:1a:cd:2d:fb:79:b6:e8:
5b:c4:72:d5:44:a6:e9:24:3b:95:fa:8b:d4:90:c1:d9:5e:52:
52:5f:2e:b0:5a:de:30:6f:12:da:f1:9b:18:45:a4:ce:a4:1b:
40:ef:99:ae:e5:19:36:6b:a7:21:84:3d:d2:24:45:dd:96:b6:
02:aa:c7:05:25:13:b4:bd:f2:8e:57:61:55:51:d2:55:ab:52:
d6:8f:eb:fa:52:97:bd:62:65:8d:85:48:37:95:c6:7f:a3:e4:
38:ef:6f:57:bd:41:98:5c:02:9c:41:fd:97:7c:75:2d:3e:4e:
23:ae:b7:0a:02:52:69:4d:f3:73:d3:2f:a3:52:03:1f:8a:b6:
33:0f:f8:8c:a7:d9:f8:a6:46:e7:b3:5f:da:34:f9:a5:45:82:
b8:43:8f:dd:d0:0e:45:51:28:21:17:75:3e:49:58:30:0f:d1:
0f:57:8c:b0:59:7f:b0:2b:1f:16:0d:07:ba:9c:21:f4:d7:3c:
d8:e9:e4:6e:f9:90:f6:5b:7f:5c:7e:ab:be:07:84:a5:27:6f:
02:a7:99:fb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZUvxECt49BhOORnEUHw+84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE1MTEwNDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGI5YzkwYjg3MWEwMjBkMjhkY2Y1YmZkYWVmNDhjNDJkYTA1N2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFiTex+hOctP7hQ1KzW7l45DxXIx
Dl0280c0BTdfVf1MCTaUO3RFThIO0Hn463OuhwOjZM/SCXTgixh56SHZK20Rn7dM
5qeEc/6Zsu7KqM2XO0MKGrR+9Qfc3DQ/jEj/UFbuBbAHf038t7w2Er7rfjdzW5uo
TZ1f14WcbTek4hwHLM39p2GRmnUPiIFmCsplBnYTGrkNQOLdT4ROrQdGGzS+BQIs
YRZF9eytQOw7Ik2xj+ZIhcslvqPDYTCH7CggD5K7DVNdP+5BUtFcCBbpAra28/a0
0HDJIZZhqrlT92ahGIncS0hpzoVj/A7wgFLFYQTEViT+MFL8W/qpDDQpZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD25yQuHGgINKNz1v9rvSMQtoFfvMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUGJuSkM0Y2FBZzBvM1BXXzJ1OUl4QzJnVi04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAERZASL03dYD8m0eIQ/u
jVyQUnhpWyHI1Rhpz5293+K+GbO11QBHtacOpIQKRyB0Gs0t+3m26FvEctVEpukk
O5X6i9SQwdleUlJfLrBa3jBvEtrxmxhFpM6kG0Dvma7lGTZrpyGEPdIkRd2WtgKq
xwUlE7S98o5XYVVR0lWrUtaP6/pSl71iZY2FSDeVxn+j5Djvb1e9QZhcApxB/Zd8
dS0+TiOutwoCUmlN83PTL6NSAx+KtjMP+Iyn2fimRuezX9o0+aVFgrhDj93QDkVR
KCEXdT5JWDAP0Q9XjLBZf7ArHxYNB7qcIfTXPNjp5G75kPZbf1x+q74HhKUnbwKn
mfs=
-----END CERTIFICATE-----
Generated at Fri May 2 04:15:25 2025 by rpki-client