Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pTnLqUNKB26MiWxthKgqc_EWdSE.roa
File: pTnLqUNKB26MiWxthKgqc_EWdSE.roa (raw, json)
Hash identifier: JqgBw9CX0zGEPwDxnskEZ5f9cGMXuzhoK0TeqcCx6I4=
Subject key identifier: A5:39:CB:A9:43:4A:07:6E:8C:89:6C:6D:84:A8:2A:73:F1:16:75:21
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189CC73F46B645FDA64AD727C17A19C8A4C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pTnLqUNKB26MiWxthKgqc_EWdSE.roa
Signing time: Sun 06 Aug 2023 20:04:58 +0000
ROA not before: Sun 06 Aug 2023 20:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
2001:67c:64:ffff:0:189:cc73:5c5c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cc:73:f4:6b:64:5f:da:64:ad:72:7c:17:a1:9c:8a:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 6 20:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a539cba9434a076e8c896c6d84a82a73f1167521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:26:23:59:19:0e:f5:d0:47:13:89:57:2a:c8:
10:96:75:72:25:89:ea:be:b4:4a:cf:6a:82:19:e6:
43:ac:17:75:a6:b9:d4:c9:be:3d:38:ff:5d:d5:37:
79:4c:f4:3d:87:bb:b1:c6:7a:0b:cd:2d:f8:72:64:
9f:d0:29:53:16:79:c4:05:a1:5b:f4:c3:ac:90:c6:
39:ab:b5:89:80:3d:84:65:77:16:4c:45:b2:15:69:
47:48:80:01:4c:f9:a5:1f:02:fc:75:58:11:9a:0b:
1b:58:4f:61:9b:32:09:e2:89:0e:72:77:00:e2:74:
74:d7:fe:38:a0:c0:e0:99:92:ef:6c:16:e1:4a:a9:
5f:0c:2b:d6:7a:58:a6:b3:c1:f4:7b:c2:23:70:dd:
6d:1f:f8:8b:80:76:68:08:ac:08:ee:01:cf:99:c3:
b9:33:78:04:01:42:fd:f1:30:64:9d:f2:c1:f5:64:
ac:78:6f:bb:0b:11:f6:45:6d:e8:54:cf:42:85:b8:
b2:87:9c:01:18:c4:d3:17:99:64:25:64:f4:1b:12:
85:4e:39:83:b5:88:0b:ad:b5:51:88:68:ee:00:18:
b7:7d:d0:1c:a0:6f:39:7f:ce:f2:00:b2:34:6e:a2:
0c:e2:7e:b1:a5:9e:f8:dd:d3:0b:0c:e0:d5:2c:91:
f6:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:39:CB:A9:43:4A:07:6E:8C:89:6C:6D:84:A8:2A:73:F1:16:75:21
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pTnLqUNKB26MiWxthKgqc_EWdSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:45:4a:6a:8b:d8:88:92:3c:85:5f:3c:07:82:2e:ed:ee:1c:
68:d2:d7:30:dd:5f:f9:d1:cb:fa:12:bd:e8:ee:cc:ca:03:aa:
ac:53:d2:ff:d1:f7:01:d9:74:ce:28:8c:f3:2a:45:e0:87:c9:
26:86:d1:68:16:7c:8a:c3:42:c7:11:8c:5c:bc:d5:c1:13:fe:
6d:e8:4c:bf:7c:7e:cd:74:5d:f0:fa:66:68:d1:f7:3e:32:22:
1d:f6:1d:6b:84:0a:c9:2d:c0:87:9e:b3:86:01:35:2b:a3:79:
9f:fd:3d:01:42:41:1e:25:08:7c:45:2f:1c:68:03:9b:19:74:
19:58:6f:7e:1a:00:cb:58:c2:ec:f1:9b:d4:f8:fc:dc:dd:48:
2a:0b:ff:93:0f:ab:66:d5:f7:ac:72:de:5a:69:af:f2:b2:93:
f1:32:fa:13:6b:ca:62:7e:fc:70:88:d5:a0:51:ee:c4:f4:61:
f6:73:98:50:46:43:48:06:ea:d4:4e:fa:9c:79:4e:1e:0f:fe:
c6:f2:6d:21:df:30:32:e3:0a:3b:3b:a1:63:34:80:3b:14:ee:
02:f8:66:d7:b4:47:3e:36:12:a7:ba:3c:54:46:39:ec:24:09:
48:f1:a2:3c:21:19:b0:21:3c:c7:3a:36:d7:69:a1:4c:9e:a3:
c2:01:0a:8b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnMc/RrZF/aZK1yfBehnIpMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA2MjAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTM5Y2JhOTQzNGEwNzZlOGM4OTZjNmQ4NGE4MmE3M2YxMTY3NTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyYjWRkO9dBHE4lXKsgQlnVyJYnq
vrRKz2qCGeZDrBd1prnUyb49OP9d1Td5TPQ9h7uxxnoLzS34cmSf0ClTFnnEBaFb
9MOskMY5q7WJgD2EZXcWTEWyFWlHSIABTPmlHwL8dVgRmgsbWE9hmzIJ4okOcncA
4nR01/44oMDgmZLvbBbhSqlfDCvWelims8H0e8IjcN1tH/iLgHZoCKwI7gHPmcO5
M3gEAUL98TBknfLB9WSseG+7CxH2RW3oVM9Chbiyh5wBGMTTF5lkJWT0GxKFTjmD
tYgLrbVRiGjuABi3fdAcoG85f87yALI0bqIM4n6xpZ743dMLDODVLJH2TQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKU5y6lDSgdujIlsbYSoKnPxFnUhMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcFRuTHFVTktCMjZNaVd4dGhLZ3FjX0VXZFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIZFSmqL2IiSPIVfPAeC
Lu3uHGjS1zDdX/nRy/oSvejuzMoDqqxT0v/R9wHZdM4ojPMqReCHySaG0WgWfIrD
QscRjFy81cET/m3oTL98fs10XfD6ZmjR9z4yIh32HWuECsktwIees4YBNSujeZ/9
PQFCQR4lCHxFLxxoA5sZdBlYb34aAMtYwuzxm9T4/NzdSCoL/5MPq2bV96xy3lpp
r/Kyk/Ey+hNrymJ+/HCI1aBR7sT0YfZzmFBGQ0gG6tRO+px5Th4P/sbybSHfMDLj
Cjs7oWM0gDsU7gL4Zte0Rz42Eqe6PFRGOewkCUjxojwhGbAhPMc6NtdpoUyeo8IB
Cos=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:38:07 2025 by rpki-client