Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pGjrFfI2LlMBQ1eXqK9ubjSzsXE.roa
File: pGjrFfI2LlMBQ1eXqK9ubjSzsXE.roa (raw, json)
Hash identifier: dJ1rmzVOywXNPzwfoaSEgVdFxsQia67BXRB5N+66/tg=
Subject key identifier: A4:68:EB:15:F2:36:2E:53:01:43:57:97:A8:AF:6E:6E:34:B3:B1:71
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01857CE6D99F494FF3818DDE9623B5C2D827
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pGjrFfI2LlMBQ1eXqK9ubjSzsXE.roa
Signing time: Wed 04 Jan 2023 13:09:41 +0000
ROA not before: Wed 04 Jan 2023 13:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:7c:e6:d9:9f:49:4f:f3:81:8d:de:96:23:b5:c2:d8:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 4 13:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a468eb15f2362e5301435797a8af6e6e34b3b171
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:85:bc:44:97:00:12:3b:b5:a8:2d:56:46:2d:
79:d9:fe:7a:b7:99:99:a7:78:20:14:42:72:dc:d5:
74:51:4d:10:2e:39:33:78:ed:0b:9c:54:77:a0:be:
19:77:8d:69:6a:15:0f:d1:39:d5:7e:a3:93:62:1f:
8a:a1:44:f1:bb:58:c8:e7:5d:6b:60:0e:5f:72:fb:
34:94:68:2e:1a:a8:d0:0f:a0:97:66:07:c2:11:de:
12:8d:e4:24:b4:57:0b:4c:11:a9:1f:3d:5b:9b:19:
c6:53:f0:c9:22:8e:22:fe:f6:be:8f:2d:8d:25:c5:
17:bc:6a:ed:94:b0:b7:54:42:7d:88:bd:b1:75:3f:
d7:2c:5c:15:39:46:21:b9:ce:17:c4:7b:f7:7f:46:
33:5e:48:00:ba:fb:54:38:56:ff:9b:4f:21:b6:f7:
58:3b:51:63:5d:44:a8:db:e0:e7:96:6d:49:da:c9:
73:74:9a:4e:2b:d2:92:d1:4c:5f:04:40:53:0d:76:
c4:0d:a3:16:f9:25:ef:d0:f6:5a:1d:e4:e2:9b:6c:
96:69:5b:3a:d2:23:45:ce:fb:fa:0c:1a:44:bf:26:
11:98:4b:a3:35:d1:c3:5b:d5:a4:19:cf:92:c6:06:
33:51:3a:ca:2e:ae:d4:ce:bc:81:2c:5e:bb:8b:98:
ea:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:68:EB:15:F2:36:2E:53:01:43:57:97:A8:AF:6E:6E:34:B3:B1:71
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pGjrFfI2LlMBQ1eXqK9ubjSzsXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:a8:48:cb:3c:e8:f2:fd:60:01:93:d8:ac:d2:bd:4e:69:20:
66:bb:7c:cf:28:1b:96:28:6b:73:47:87:63:a6:8e:c6:27:f4:
ca:e8:8b:17:42:34:f3:3f:be:4b:40:7f:34:bb:b9:41:ea:4a:
6e:9a:f6:db:e7:45:5d:b6:21:6e:d6:58:98:3f:db:3b:44:d8:
03:91:21:b7:cd:4b:29:25:37:1e:2c:af:4f:f9:8b:01:d6:a5:
2a:a2:b0:0d:14:45:56:9c:f1:d6:d9:9b:97:f4:5d:e9:fc:a0:
62:b7:cf:fa:75:75:07:79:f9:ec:70:a0:82:fd:80:95:dc:96:
f6:93:aa:0b:6f:7b:19:c0:90:91:80:eb:66:a2:33:a1:bc:83:
6f:bb:f4:35:da:84:a9:35:5c:5d:87:21:64:5c:a5:57:d9:60:
d1:bc:0e:44:82:a2:fd:bc:99:91:b2:94:9e:fb:c7:46:30:00:
e8:8e:c9:fd:ce:bc:26:da:8f:84:ba:72:79:8e:bd:19:ad:b6:
36:e1:2e:5f:57:dc:8e:8f:15:89:4f:da:e3:13:5d:37:de:f8:
89:fc:fe:d3:2e:57:bd:9d:a6:a3:38:56:43:eb:18:a6:7c:c7:
ce:d4:bc:17:32:e1:f8:37:3b:ed:ec:50:4c:0a:85:5b:b3:58:
2d:34:29:f2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYV85tmfSU/zgY3eliO1wtgnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA0MTMwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDY4ZWIxNWYyMzYyZTUzMDE0MzU3OTdhOGFmNmU2ZTM0YjNiMTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoW8RJcAEju1qC1WRi152f56t5mZ
p3ggFEJy3NV0UU0QLjkzeO0LnFR3oL4Zd41pahUP0TnVfqOTYh+KoUTxu1jI511r
YA5fcvs0lGguGqjQD6CXZgfCEd4SjeQktFcLTBGpHz1bmxnGU/DJIo4i/va+jy2N
JcUXvGrtlLC3VEJ9iL2xdT/XLFwVOUYhuc4XxHv3f0YzXkgAuvtUOFb/m08htvdY
O1FjXUSo2+Dnlm1J2slzdJpOK9KS0UxfBEBTDXbEDaMW+SXv0PZaHeTim2yWaVs6
0iNFzvv6DBpEvyYRmEujNdHDW9WkGc+SxgYzUTrKLq7UzryBLF67i5jqyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKRo6xXyNi5TAUNXl6ivbm40s7FxMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcEdqckZmSTJMbE1CUTFlWHFLOXVialN6c1hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABqoSMs86PL9YAGT2KzS
vU5pIGa7fM8oG5Yoa3NHh2OmjsYn9MroixdCNPM/vktAfzS7uUHqSm6a9tvnRV22
IW7WWJg/2ztE2AORIbfNSyklNx4sr0/5iwHWpSqisA0URVac8dbZm5f0Xen8oGK3
z/p1dQd5+exwoIL9gJXclvaTqgtvexnAkJGA62aiM6G8g2+79DXahKk1XF2HIWRc
pVfZYNG8DkSCov28mZGylJ77x0YwAOiOyf3OvCbaj4S6cnmOvRmttjbhLl9X3I6P
FYlP2uMTXTfe+In8/tMuV72dpqM4VkPrGKZ8x87UvBcy4fg3O+3sUEwKhVuzWC00
KfI=
-----END CERTIFICATE-----
Generated at Thu May 1 20:22:07 2025 by rpki-client