Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pXKukohU65lmXhy3iSKCWCA7M6k.roa
File: pXKukohU65lmXhy3iSKCWCA7M6k.roa (raw, json)
Hash identifier: V1PIS4ldwC+CEip3PSKxkDF8m2M6Lh96UXLb6QlEbtM=
Subject key identifier: A5:72:AE:92:88:54:EB:99:66:5E:1C:B7:89:22:82:58:20:3B:33:A9
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0183C3F8AF3D8D4874C95CB02D10646A5505
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pXKukohU65lmXhy3iSKCWCA7M6k.roa
Signing time: Mon 10 Oct 2022 22:16:38 +0000
ROA not before: Mon 10 Oct 2022 22:16:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c3:f8:af:3d:8d:48:74:c9:5c:b0:2d:10:64:6a:55:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Oct 10 22:16:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a572ae928854eb99665e1cb789228258203b33a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:1b:40:d0:7b:28:bc:a8:8a:36:20:1f:9c:96:
18:24:45:2c:9f:bf:7a:05:d5:73:c1:77:4c:d6:84:
a3:4b:af:5c:71:f1:a3:8e:c6:06:f9:cb:50:9f:47:
b7:c8:e0:4b:ab:9b:63:13:3c:f3:65:24:13:4f:df:
79:dd:e0:a0:40:62:d2:30:8d:17:e8:e8:65:a1:da:
05:2d:c7:54:73:13:b6:ac:7d:10:a2:4f:ed:f0:27:
cf:0c:50:67:83:db:06:a7:fc:5b:b5:ac:f7:65:4a:
84:2d:73:bf:f9:c4:dc:a9:81:f8:68:e3:9b:26:11:
19:ce:76:8d:24:d9:92:ee:64:c4:65:83:fe:97:86:
5b:d7:7b:ca:72:8f:9a:50:be:cb:2e:eb:dc:38:7a:
37:79:ba:3b:79:08:74:1c:17:6a:8a:4f:12:00:84:
39:ee:76:d9:6e:ac:af:b8:3d:75:63:83:e2:05:cc:
87:f1:f0:69:b3:0e:f1:a3:e6:93:cc:28:47:4e:a5:
6e:e0:03:8c:33:8c:49:71:9a:da:55:58:50:dd:f6:
e9:3f:0f:5e:86:ad:90:74:ab:ee:08:f8:81:7a:14:
bf:85:8a:d0:4d:66:e4:4e:a0:ac:40:12:b5:d1:dd:
b8:f7:2f:94:fb:62:db:68:65:39:04:9f:db:f4:6d:
6e:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:72:AE:92:88:54:EB:99:66:5E:1C:B7:89:22:82:58:20:3B:33:A9
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pXKukohU65lmXhy3iSKCWCA7M6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:73:c5:cd:97:9c:65:88:5a:92:a7:dd:de:b4:98:13:8a:cc:
11:86:1b:29:99:37:f7:9d:f3:5f:a5:a6:41:cc:41:8e:5f:c1:
6c:35:d6:9b:c1:2b:9e:4c:ca:7b:5a:5f:58:dc:8d:5a:0d:e2:
3a:45:bb:e2:aa:d8:8a:36:eb:5e:d8:5d:5f:b3:bd:c7:ea:ba:
68:b5:83:9c:c9:8a:95:5e:7b:23:da:99:c3:6d:c1:5a:1d:73:
03:b5:8e:45:a5:45:e6:7b:4f:3d:9f:48:5f:82:e6:48:fe:19:
90:4f:8e:2f:bf:54:90:dd:07:55:5f:07:29:9f:b1:21:a3:c3:
8c:2c:ac:9b:3a:0d:01:a1:35:12:09:c3:8e:70:2c:0a:4e:2c:
1d:7f:c8:b0:76:e4:44:30:c2:90:12:0e:20:6b:79:d1:9a:b0:
58:1a:30:02:c4:61:63:70:64:08:50:fc:fb:46:e4:2f:dc:c0:
86:c3:83:ad:87:5a:58:f3:ea:a1:0b:52:47:60:e8:a1:4d:b0:
44:e3:70:92:ab:4c:72:f3:27:a4:49:0b:b2:e1:ca:21:81:8f:
1a:38:3a:85:53:de:ba:41:1c:fa:1d:61:e8:fa:7b:e5:7a:21:
a2:f8:63:24:36:0b:7b:1d:3c:4d:5c:6b:29:cb:84:b3:35:a3:
32:cc:c9:5c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYPD+K89jUh0yVywLRBkalUFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMDEwMjIxNjM4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTcyYWU5Mjg4NTRlYjk5NjY1ZTFjYjc4OTIyODI1ODIwM2IzM2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRtA0HsovKiKNiAfnJYYJEUsn796
BdVzwXdM1oSjS69ccfGjjsYG+ctQn0e3yOBLq5tjEzzzZSQTT9953eCgQGLSMI0X
6OhlodoFLcdUcxO2rH0Qok/t8CfPDFBng9sGp/xbtaz3ZUqELXO/+cTcqYH4aOOb
JhEZznaNJNmS7mTEZYP+l4Zb13vKco+aUL7LLuvcOHo3ebo7eQh0HBdqik8SAIQ5
7nbZbqyvuD11Y4PiBcyH8fBpsw7xo+aTzChHTqVu4AOMM4xJcZraVVhQ3fbpPw9e
hq2QdKvuCPiBehS/hYrQTWbkTqCsQBK10d249y+U+2LbaGU5BJ/b9G1u9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKVyrpKIVOuZZl4ct4kiglggOzOpMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcFhLdWtvaFU2NWxtWGh5M2lTS0NXQ0E3TTZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABhzxc2XnGWIWpKn3d60
mBOKzBGGGymZN/ed81+lpkHMQY5fwWw11pvBK55MyntaX1jcjVoN4jpFu+Kq2Io2
617YXV+zvcfqumi1g5zJipVeeyPamcNtwVodcwO1jkWlReZ7Tz2fSF+C5kj+GZBP
ji+/VJDdB1VfBymfsSGjw4wsrJs6DQGhNRIJw45wLApOLB1/yLB25EQwwpASDiBr
edGasFgaMALEYWNwZAhQ/PtG5C/cwIbDg62HWljz6qELUkdg6KFNsETjcJKrTHLz
J6RJC7LhyiGBjxo4OoVT3rpBHPodYej6e+V6IaL4YyQ2C3sdPE1caynLhLM1ozLM
yVw=
-----END CERTIFICATE-----
Generated at Sat May 3 21:38:27 2025 by rpki-client