Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PqgbOxXzUqO1qQjlRcHcCUifiPw.roa
File: PqgbOxXzUqO1qQjlRcHcCUifiPw.roa (raw, json)
Hash identifier: hY0OHgrpbZHhhIGpNXpZ0szaT3NnGuIOYO4uHER6qMI=
Subject key identifier: 3E:A8:1B:3B:15:F3:52:A3:B5:A9:08:E5:45:C1:DC:09:48:9F:88:FC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018562137BEB1B759704573C6BC8168B5CE4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PqgbOxXzUqO1qQjlRcHcCUifiPw.roa
Signing time: Fri 30 Dec 2022 08:08:41 +0000
ROA not before: Fri 30 Dec 2022 08:08:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:62:13:7b:eb:1b:75:97:04:57:3c:6b:c8:16:8b:5c:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 30 08:08:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ea81b3b15f352a3b5a908e545c1dc09489f88fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2f:be:cf:3d:8c:1c:49:5e:dd:69:a5:c3:21:
71:9a:69:64:b4:ba:28:b9:7a:74:9c:18:10:8e:13:
93:79:d5:af:f4:cb:18:f4:e4:37:da:cf:b0:65:0d:
70:83:eb:8d:af:28:72:b3:a9:72:95:89:e7:6f:67:
4d:6b:32:b3:e4:a0:ca:87:58:45:03:a0:34:65:f9:
fc:77:d7:47:29:01:bf:c6:95:ff:4c:26:9a:00:f2:
e5:f3:83:6b:7b:17:83:b4:6f:e1:1c:dc:dd:0c:dd:
50:73:14:6f:ba:85:e8:b8:dd:15:ab:c2:8e:78:73:
49:b4:b1:f3:ec:f8:9b:59:39:53:18:61:b9:8c:b3:
2e:9c:45:b5:dc:30:e0:98:40:38:15:15:5e:91:d9:
2c:8d:95:ce:c7:6e:02:d1:d6:de:b6:68:50:e3:fe:
d3:5e:85:b3:1c:9b:87:f8:97:15:6e:e3:8a:e0:43:
8b:6f:9f:99:af:c4:89:ca:0d:39:62:d5:3f:d1:3e:
a4:76:ad:13:9d:e7:b1:be:3b:31:26:23:1f:5d:d0:
9a:49:4c:7c:d8:c0:38:97:c3:de:3e:68:6c:78:d8:
a8:57:04:ca:c1:e4:c2:cd:98:c7:69:1f:27:82:34:
2b:0c:e4:a6:ab:cb:17:cb:bf:d1:9b:c2:21:c4:81:
45:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:A8:1B:3B:15:F3:52:A3:B5:A9:08:E5:45:C1:DC:09:48:9F:88:FC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PqgbOxXzUqO1qQjlRcHcCUifiPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9d:c5:b4:0f:bb:9b:e2:bb:1e:41:82:fe:0a:ef:fb:79:c8:2e:
4a:e8:21:99:d2:94:29:78:9b:70:17:3c:a5:51:d1:d3:2d:f0:
cb:f3:c0:97:d8:0e:3f:f1:b2:37:c7:83:d6:5f:fa:b2:98:89:
87:df:22:4d:f6:d7:96:b6:e3:92:a5:d2:49:88:52:93:d0:7e:
87:82:da:87:c6:6e:0d:6a:72:84:07:cd:03:29:6d:3c:50:e9:
3b:ff:69:a2:d0:df:e3:13:e0:0c:ee:ab:1d:d7:2f:7b:3d:3e:
8a:c3:bb:e9:0a:35:49:8e:a6:cf:b7:cc:df:c6:64:0c:53:4e:
9a:cd:81:fd:a6:a0:3f:2d:dd:11:a2:ec:47:6f:8e:1e:7c:09:
9a:6a:0d:e2:e2:e8:0b:86:52:09:90:cf:34:2e:a2:13:3f:91:
50:e7:04:14:d4:72:93:20:f2:9e:a7:6b:c7:48:15:fa:db:c6:
24:cd:5e:e4:be:80:45:7b:8c:f5:2d:a7:78:a6:2b:90:24:6a:
cc:15:6d:ac:d6:28:e5:58:79:b4:04:a1:c1:24:12:b9:09:d7:
24:1f:62:84:0b:d5:41:3e:bb:23:74:4d:6f:01:4a:a1:ba:53:
f7:76:e3:b1:3c:aa:b3:70:b1:b8:0f:34:a4:ca:43:66:6e:7e:
1c:64:e2:a7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYViE3vrG3WXBFc8a8gWi1zkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjMwMDgwODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWE4MWIzYjE1ZjM1MmEzYjVhOTA4ZTU0NWMxZGMwOTQ4OWY4OGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoy++zz2MHEle3WmlwyFxmmlktLoo
uXp0nBgQjhOTedWv9MsY9OQ32s+wZQ1wg+uNryhys6lylYnnb2dNazKz5KDKh1hF
A6A0Zfn8d9dHKQG/xpX/TCaaAPLl84NrexeDtG/hHNzdDN1QcxRvuoXouN0Vq8KO
eHNJtLHz7PibWTlTGGG5jLMunEW13DDgmEA4FRVekdksjZXOx24C0dbetmhQ4/7T
XoWzHJuH+JcVbuOK4EOLb5+Zr8SJyg05YtU/0T6kdq0TneexvjsxJiMfXdCaSUx8
2MA4l8PePmhseNioVwTKweTCzZjHaR8ngjQrDOSmq8sXy7/Rm8IhxIFF6QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD6oGzsV81KjtakI5UXB3AlIn4j8MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUHFnYk94WHpVcU8xcVFqbFJjSGNDVWlmaVB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ3FtA+7m+K7HkGC/grv
+3nILkroIZnSlCl4m3AXPKVR0dMt8MvzwJfYDj/xsjfHg9Zf+rKYiYffIk3215a2
45Kl0kmIUpPQfoeC2ofGbg1qcoQHzQMpbTxQ6Tv/aaLQ3+MT4Azuqx3XL3s9PorD
u+kKNUmOps+3zN/GZAxTTprNgf2moD8t3RGi7Edvjh58CZpqDeLi6AuGUgmQzzQu
ohM/kVDnBBTUcpMg8p6na8dIFfrbxiTNXuS+gEV7jPUtp3imK5AkaswVbazWKOVY
ebQEocEkErkJ1yQfYoQL1UE+uyN0TW8BSqG6U/d247E8qrNwsbgPNKTKQ2Zufhxk
4qc=
-----END CERTIFICATE-----
Generated at Thu May 1 00:09:25 2025 by rpki-client