Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pbfP8ghFZUNeto60KoqDCGOmvzg.roa
File: pbfP8ghFZUNeto60KoqDCGOmvzg.roa (raw, json)
Hash identifier: zsBQmJC7QvyODyhkacwO2/VhJUo0srGoOu0BWSiSycQ=
Subject key identifier: A5:B7:CF:F2:08:45:65:43:5E:B6:8E:B4:2A:8A:83:08:63:A6:BF:38
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187179CD47940D88BE3382F6BA549DB148F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pbfP8ghFZUNeto60KoqDCGOmvzg.roa
Signing time: Sat 25 Mar 2023 07:12:46 +0000
ROA not before: Sat 25 Mar 2023 07:12:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:17:9c:d4:79:40:d8:8b:e3:38:2f:6b:a5:49:db:14:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 25 07:12:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5b7cff2084565435eb68eb42a8a830863a6bf38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:79:d3:46:ed:be:d9:e4:2a:c1:fd:04:f6:11:
ec:e0:7b:24:31:ba:64:99:bd:a0:38:ea:5d:cb:69:
23:75:fc:f5:f6:ea:33:97:2e:74:d0:83:92:b0:58:
aa:08:29:c2:a6:47:0d:95:5a:df:dc:f9:a2:5c:81:
c9:19:33:b9:58:c8:46:1a:46:be:2a:84:c5:fb:57:
50:4d:66:8f:06:71:06:7f:bc:a5:1e:14:34:67:d0:
88:c4:33:e3:05:8c:02:83:39:a2:b1:99:78:90:04:
c9:6d:2c:3e:5f:70:1f:53:1a:b0:5d:d6:ee:d8:aa:
e5:05:e5:a8:f0:c2:2f:ff:45:aa:60:96:3d:95:27:
09:e5:b2:f7:9b:02:a4:6c:a6:e9:bc:d4:bc:8d:a0:
ad:39:b0:88:44:f9:18:ac:3a:18:0c:3a:7c:01:5a:
52:b6:3f:5e:ba:da:dd:25:94:67:88:d9:86:3c:af:
9b:81:bf:ea:03:7f:3a:5e:6c:97:bc:b2:41:c4:c1:
48:fb:5e:82:ee:d7:de:10:c2:3f:a6:d6:5f:64:bf:
d7:4d:88:22:9c:7a:97:3f:73:b6:f3:e9:59:dd:80:
39:bc:48:57:af:fc:c2:e8:e6:b7:cd:b1:55:7e:80:
08:83:0a:7a:f6:79:7d:9f:e4:18:0f:91:29:84:e5:
a8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:B7:CF:F2:08:45:65:43:5E:B6:8E:B4:2A:8A:83:08:63:A6:BF:38
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pbfP8ghFZUNeto60KoqDCGOmvzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:b9:fc:b6:51:f2:fe:06:68:90:43:ea:d8:17:57:cf:13:94:
4a:d7:ba:39:c9:99:3c:14:ef:12:84:c3:1f:34:87:aa:2d:27:
b8:aa:e7:45:a7:f1:be:c1:fd:59:b9:5f:c6:37:ae:07:a5:6a:
d2:30:50:ca:3d:9f:94:cc:d9:00:f7:84:32:6b:dd:d5:b2:c9:
b1:0d:5c:31:aa:98:ed:fe:c5:53:50:00:db:5a:9f:64:e4:5b:
62:71:96:68:1e:7d:b2:86:97:35:20:fe:8f:fd:d4:70:36:e8:
0c:29:8a:c6:a1:8a:ef:00:5e:fa:c9:37:00:00:34:e7:5d:56:
f6:16:b2:de:55:bd:41:c7:de:fd:8a:8c:01:e2:00:a4:d9:5c:
05:3f:30:23:43:c3:ed:a0:26:d5:f0:7e:34:74:c1:94:ff:bd:
df:40:6c:b1:58:92:5c:17:ba:a7:f4:aa:5d:f9:7b:33:d5:fb:
ee:2f:0c:fd:5c:64:6c:e2:00:b0:bc:97:98:e9:df:b5:ee:01:
c9:55:b6:72:ce:8c:77:42:e1:2e:9e:c3:cf:3c:c0:1e:48:9c:
49:e8:ee:12:91:6c:a4:01:92:a9:7e:df:db:5c:1d:08:01:af:
14:d7:b1:27:b6:75:75:d1:a5:f5:7b:a4:6e:f7:56:5d:ee:74:
7d:44:6b:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcXnNR5QNiL4zgva6VJ2xSPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzI1MDcxMjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWI3Y2ZmMjA4NDU2NTQzNWViNjhlYjQyYThhODMwODYzYTZiZjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHnTRu2+2eQqwf0E9hHs4HskMbpk
mb2gOOpdy2kjdfz19uozly500IOSsFiqCCnCpkcNlVrf3PmiXIHJGTO5WMhGGka+
KoTF+1dQTWaPBnEGf7ylHhQ0Z9CIxDPjBYwCgzmisZl4kATJbSw+X3AfUxqwXdbu
2KrlBeWo8MIv/0WqYJY9lScJ5bL3mwKkbKbpvNS8jaCtObCIRPkYrDoYDDp8AVpS
tj9eutrdJZRniNmGPK+bgb/qA386XmyXvLJBxMFI+16C7tfeEMI/ptZfZL/XTYgi
nHqXP3O28+lZ3YA5vEhXr/zC6Oa3zbFVfoAIgwp69nl9n+QYD5EphOWokQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKW3z/IIRWVDXraOtCqKgwhjpr84MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcGJmUDhnaEZaVU5ldG82MEtvcURDR09tdnpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHa5/LZR8v4GaJBD6tgX
V88TlErXujnJmTwU7xKEwx80h6otJ7iq50Wn8b7B/Vm5X8Y3rgelatIwUMo9n5TM
2QD3hDJr3dWyybENXDGqmO3+xVNQANtan2TkW2JxlmgefbKGlzUg/o/91HA26Awp
isahiu8AXvrJNwAANOddVvYWst5VvUHH3v2KjAHiAKTZXAU/MCNDw+2gJtXwfjR0
wZT/vd9AbLFYklwXuqf0ql35ezPV++4vDP1cZGziALC8l5jp37XuAclVtnLOjHdC
4S6ew888wB5InEno7hKRbKQBkql+39tcHQgBrxTXsSe2dXXRpfV7pG73Vl3udH1E
a7M=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:42:44 2025 by rpki-client