Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pbvg5d3XxqkyAidMauklWB7EjFk.roa
File: pbvg5d3XxqkyAidMauklWB7EjFk.roa (raw, json)
Hash identifier: EO5kU4twrRhcXcg8rKcC0eKNZozNqF0GxLOxtPAUjAo=
Subject key identifier: A5:BB:E0:E5:DD:D7:C6:A9:32:02:27:4C:6A:E9:25:58:1E:C4:8C:59
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 7A6F44A7
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pbvg5d3XxqkyAidMauklWB7EjFk.roa
Signing time: Mon 11 Apr 2022 14:10:27 +0000
ROA not before: Mon 11 Apr 2022 14:10:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2054112423 (0x7a6f44a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 11 14:10:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5bbe0e5ddd7c6a93202274c6ae925581ec48c59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:54:b5:90:65:1e:51:53:ad:45:ec:5a:cc:23:
f1:a9:06:24:94:3b:5b:2a:e4:22:61:fd:4f:c3:dd:
72:92:78:f3:90:ed:8c:8c:10:3d:eb:9d:87:f6:04:
ab:e3:24:d2:71:9f:b3:6f:c4:94:d7:76:a4:a7:ed:
cb:18:1a:d4:08:db:3f:25:1f:4d:91:f3:58:75:bc:
42:20:b8:04:f9:47:73:a2:e4:0e:bc:5e:08:bb:59:
77:46:60:b3:da:28:62:66:c4:37:a9:0e:be:d8:f1:
df:2f:91:22:ed:c9:eb:47:20:aa:b2:e3:ed:42:ab:
81:6c:ad:04:94:e4:0d:dd:b6:a5:af:fd:84:f9:62:
47:29:44:53:57:66:7e:a3:40:cc:85:c8:56:75:64:
40:35:cb:43:00:49:3f:a0:91:f0:13:09:8a:ed:fb:
ad:ff:25:1a:67:40:2c:af:e1:1a:cd:fc:46:8e:f2:
64:cb:d3:4f:ad:ac:8e:55:b6:a9:e3:99:56:11:c3:
65:a0:66:11:96:42:86:04:26:fd:23:04:50:c5:67:
97:d6:6b:5e:95:45:7f:00:3c:66:d3:fa:78:fe:c7:
97:2e:9c:be:6a:91:86:2b:18:63:6d:ec:2e:ad:e1:
86:f2:cf:a5:6a:55:48:c5:b9:02:43:31:a1:8f:7c:
87:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:BB:E0:E5:DD:D7:C6:A9:32:02:27:4C:6A:E9:25:58:1E:C4:8C:59
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pbvg5d3XxqkyAidMauklWB7EjFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
29:76:5a:a5:e7:36:da:f2:fb:de:55:50:7c:c5:47:f7:27:f3:
b3:e6:4f:9b:6f:06:c2:d3:b9:f8:f4:c8:d8:76:3f:a9:71:63:
e6:1d:1a:bf:4d:b8:0b:17:e5:f3:44:33:0c:7b:65:6e:4c:4a:
10:f1:48:e8:8e:04:db:71:22:ad:ce:bf:d5:77:20:ec:27:c3:
49:9f:f6:c6:b4:f6:52:c9:06:82:cf:e6:5c:00:ab:35:ad:bf:
d0:f5:4c:17:52:0f:ab:db:5d:e2:3e:df:81:a3:96:88:1e:8c:
0c:34:51:f3:5f:52:c7:56:1a:41:75:6f:7d:35:8e:2f:bf:e7:
37:71:76:ae:78:58:00:ad:e7:0f:34:2a:c2:55:e7:52:73:12:
f7:a3:22:dc:08:7e:72:f3:45:5b:7d:d5:b3:68:c6:fc:32:ee:
50:fd:cc:14:ed:da:aa:8b:43:d1:9f:4d:1b:d5:d4:c1:6c:da:
45:1c:be:73:73:01:02:ed:fb:b3:1b:71:0f:f3:bb:11:ae:22:
e9:e0:b3:73:5f:69:f6:c9:4e:c9:0f:68:33:12:dd:87:56:90:
45:ec:00:c7:bb:7f:c9:a7:81:2a:36:0b:d9:4b:6d:df:bd:c6:
b0:8e:4a:82:a0:62:e3:ed:59:51:44:3f:cd:b1:6e:9f:62:59:
66:d0:ba:3f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEem9EpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDQx
MTE0MTAyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTViYmUwZTVkZGQ3
YzZhOTMyMDIyNzRjNmFlOTI1NTgxZWM0OGM1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5UtZBlHlFTrUXsWswj8akGJJQ7WyrkImH9T8PdcpJ485Dt
jIwQPeudh/YEq+Mk0nGfs2/ElNd2pKftyxga1AjbPyUfTZHzWHW8QiC4BPlHc6Lk
DrxeCLtZd0Zgs9ooYmbEN6kOvtjx3y+RIu3J60cgqrLj7UKrgWytBJTkDd22pa/9
hPliRylEU1dmfqNAzIXIVnVkQDXLQwBJP6CR8BMJiu37rf8lGmdALK/hGs38Ro7y
ZMvTT62sjlW2qeOZVhHDZaBmEZZChgQm/SMEUMVnl9ZrXpVFfwA8ZtP6eP7Hly6c
vmqRhisYY23sLq3hhvLPpWpVSMW5AkMxoY98hyMCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSlu+Dl3dfGqTICJ0xq6SVYHsSMWTAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L3Bidmc1ZDNYeHFreUFpZE1hdWtsV0I3RWpGay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQApdlql5zba8vveVVB8xUf3J/Oz5k+bbwbC07n4
9MjYdj+pcWPmHRq/TbgLF+XzRDMMe2VuTEoQ8UjojgTbcSKtzr/VdyDsJ8NJn/bG
tPZSyQaCz+ZcAKs1rb/Q9UwXUg+r213iPt+Bo5aIHowMNFHzX1LHVhpBdW99NY4v
v+c3cXaueFgArecPNCrCVedScxL3oyLcCH5y80VbfdWzaMb8Mu5Q/cwU7dqqi0PR
n00b1dTBbNpFHL5zcwEC7fuzG3EP87sRriLp4LNzX2n2yU7JD2gzEt2HVpBF7ADH
u3/Jp4EqNgvZS23fvcawjkqCoGLj7VlRRD/NsW6fYllm0Lo/
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:07:31 2025 by rpki-client