Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pHn2tlgfZMnmDEGNeVxaakPR0sk.roa
File: pHn2tlgfZMnmDEGNeVxaakPR0sk.roa (raw, json)
Hash identifier: ivZbH15TuoNBZE9J5J+3+anZpVoecVYkIxaOkWQ/CAY=
Subject key identifier: A4:79:F6:B6:58:1F:64:C9:E6:0C:41:8D:79:5C:5A:6A:43:D1:D2:C9
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186A276A2E79A2752BE957AFABF8EF16CB1
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pHn2tlgfZMnmDEGNeVxaakPR0sk.roa
Signing time: Thu 02 Mar 2023 13:15:29 +0000
ROA not before: Thu 02 Mar 2023 13:15:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a2:76:a2:e7:9a:27:52:be:95:7a:fa:bf:8e:f1:6c:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 2 13:15:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a479f6b6581f64c9e60c418d795c5a6a43d1d2c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:b2:85:d7:00:b9:00:4f:8a:11:6c:22:23:0c:
e4:bf:c8:27:1d:1f:16:69:77:95:15:6d:a0:e0:9e:
23:d4:e0:5b:fb:b1:da:8f:8a:0f:31:17:d4:48:d7:
17:f8:54:30:41:fb:39:9f:7f:27:bf:33:f5:00:86:
13:79:e7:d8:5b:9d:50:e5:d8:22:2c:60:25:6c:94:
75:36:64:a6:47:cc:19:8b:84:c8:f3:a2:03:d6:9e:
de:28:04:c1:f2:d5:54:5a:8a:cb:d9:27:f3:f1:ed:
7c:a2:00:4d:80:6d:9b:7b:32:c4:c7:f1:2f:30:65:
7c:14:fd:da:c2:c2:d1:9b:56:9f:1d:c1:ae:72:1c:
76:86:8b:0d:cb:50:38:ba:cc:00:dd:31:ff:0f:3a:
28:a3:31:45:ff:d7:1c:ba:39:2a:57:94:4e:c8:45:
04:02:fe:d4:01:7c:09:d1:45:f8:72:59:ef:0e:dc:
eb:de:c6:64:6e:a1:f3:ba:88:e9:b1:40:6e:e6:b5:
26:fb:80:d5:3a:34:fe:a1:79:55:73:12:6f:3a:2a:
41:1b:64:fb:c9:ec:8e:9e:2d:dd:bc:61:18:38:bc:
59:61:3b:fd:8f:f2:82:dd:5b:51:25:84:9c:e1:15:
bd:e3:52:16:0e:74:18:d7:8b:77:10:1c:c0:b1:3d:
f7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:79:F6:B6:58:1F:64:C9:E6:0C:41:8D:79:5C:5A:6A:43:D1:D2:C9
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pHn2tlgfZMnmDEGNeVxaakPR0sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
50:19:4b:bb:1b:4b:35:c6:ce:53:f7:15:35:57:ef:d8:7b:a2:
e1:6e:71:f7:e3:71:2e:86:42:e5:59:e1:eb:01:17:49:60:f4:
76:53:09:11:76:e5:6e:83:b6:6b:a1:c3:b8:96:e9:1b:0d:4b:
74:64:3e:e7:0e:ff:83:c7:da:0c:aa:ca:9c:71:ef:aa:d1:1d:
d7:c8:e3:eb:f6:b7:3b:03:7c:6b:de:e9:fa:a0:86:23:d6:5f:
60:f7:a3:d1:a0:be:16:ca:1f:08:43:5f:d1:cd:75:01:1d:20:
58:c4:4c:71:f8:42:ad:a2:ff:52:49:12:80:12:f9:db:c6:86:
e1:99:30:b6:04:2a:24:42:bb:27:a5:3a:27:f5:0b:46:4a:bc:
21:c0:e0:a0:47:71:be:e5:b3:9c:72:c3:b6:f2:29:90:8d:93:
74:7f:f7:d4:40:79:3b:a7:16:f7:af:2a:c4:24:26:0d:0d:39:
d2:72:22:0e:ef:9f:f3:f4:73:13:a5:a3:de:d2:2a:05:7c:1e:
7a:b7:e3:ff:32:bf:f2:e5:85:c4:18:27:6f:be:69:bc:79:22:
fc:07:76:5c:c2:2f:64:45:b7:be:ce:31:24:6e:3d:e6:40:80:
cc:75:1f:1d:ab:3d:1a:4d:e6:5f:ad:0a:46:6f:d6:a2:2c:56:
ef:94:8c:e2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaidqLnmidSvpV6+r+O8WyxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzAyMTMxNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDc5ZjZiNjU4MWY2NGM5ZTYwYzQxOGQ3OTVjNWE2YTQzZDFkMmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6bKF1wC5AE+KEWwiIwzkv8gnHR8W
aXeVFW2g4J4j1OBb+7Haj4oPMRfUSNcX+FQwQfs5n38nvzP1AIYTeefYW51Q5dgi
LGAlbJR1NmSmR8wZi4TI86ID1p7eKATB8tVUWorL2Sfz8e18ogBNgG2bezLEx/Ev
MGV8FP3awsLRm1afHcGuchx2hosNy1A4uswA3TH/DzooozFF/9ccujkqV5ROyEUE
Av7UAXwJ0UX4clnvDtzr3sZkbqHzuojpsUBu5rUm+4DVOjT+oXlVcxJvOipBG2T7
yeyOni3dvGEYOLxZYTv9j/KC3VtRJYSc4RW941IWDnQY14t3EBzAsT33owIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKR59rZYH2TJ5gxBjXlcWmpD0dLJMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcEhuMnRsZ2ZaTW5tREVHTmVWeGFha1BSMHNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFAZS7sbSzXGzlP3FTVX
79h7ouFucffjcS6GQuVZ4esBF0lg9HZTCRF25W6Dtmuhw7iW6RsNS3RkPucO/4PH
2gyqypxx76rRHdfI4+v2tzsDfGve6fqghiPWX2D3o9GgvhbKHwhDX9HNdQEdIFjE
THH4Qq2i/1JJEoAS+dvGhuGZMLYEKiRCuyelOif1C0ZKvCHA4KBHcb7ls5xyw7by
KZCNk3R/99RAeTunFvevKsQkJg0NOdJyIg7vn/P0cxOlo97SKgV8Hnq34/8yv/Ll
hcQYJ2++abx5IvwHdlzCL2RFt77OMSRuPeZAgMx1Hx2rPRpN5l+tCkZv1qIsVu+U
jOI=
-----END CERTIFICATE-----
Generated at Fri May 2 07:13:00 2025 by rpki-client