Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pfQRVuyTcLnxbWnrPImbTffkgT8.roa
File: pfQRVuyTcLnxbWnrPImbTffkgT8.roa (raw, json)
Hash identifier: 7UO/VWbfMhGyxN2LOoBs7Thu5lmg2UPW1p2VNu21waY=
Subject key identifier: A5:F4:11:56:EC:93:70:B9:F1:6D:69:EB:3C:89:9B:4D:F7:E4:81:3F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 8F63080D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pfQRVuyTcLnxbWnrPImbTffkgT8.roa
Signing time: Fri 24 Jun 2022 06:11:19 +0000
ROA not before: Fri 24 Jun 2022 06:11:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2405632013 (0x8f63080d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 24 06:11:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5f41156ec9370b9f16d69eb3c899b4df7e4813f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c0:92:f7:b2:d9:79:2a:66:2f:aa:7c:d8:8c:
77:ea:91:eb:4b:61:ef:6c:fe:8a:bc:d0:2f:a7:f4:
e1:04:ed:b8:4b:5c:ce:d5:13:12:5f:16:69:6b:f6:
d5:92:ff:3d:bc:22:e1:ea:29:bf:47:47:35:2b:f9:
19:40:8a:09:e4:3c:fa:86:e6:39:d9:0e:25:60:3c:
06:c2:c4:70:4e:50:c1:0a:a1:06:c9:d8:24:00:f0:
97:ef:bd:8c:66:e5:a0:71:30:61:e5:dd:66:a2:b7:
65:95:f8:7e:2d:d2:73:34:16:d1:34:79:40:ab:26:
e2:3f:d0:30:04:4f:33:90:14:97:73:a5:a1:2f:d8:
6d:52:36:ca:6d:16:07:9f:3d:73:82:5d:c2:1c:82:
8b:94:e2:09:85:e4:8d:31:a9:c6:ef:7f:fe:24:c9:
5e:1d:37:fa:84:8d:75:9f:b5:4d:6a:b5:04:84:b9:
4a:03:e6:62:1a:64:65:5f:cf:8e:27:78:16:03:29:
15:9b:a8:b3:41:53:dc:aa:7f:f2:cb:12:d4:1e:04:
e9:15:99:90:fa:8b:30:48:cb:af:40:d2:6b:b7:2e:
73:a7:30:65:01:80:b2:bf:24:2f:76:44:cb:37:51:
03:15:68:2f:62:96:0d:e9:55:c2:7c:c9:4d:11:6d:
43:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:F4:11:56:EC:93:70:B9:F1:6D:69:EB:3C:89:9B:4D:F7:E4:81:3F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pfQRVuyTcLnxbWnrPImbTffkgT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
37:17:9d:04:97:a7:af:21:0e:8e:69:1b:03:82:6a:5d:d2:59:
26:44:de:50:2e:77:51:9f:58:54:6a:6d:95:a0:d6:74:6e:ca:
23:d6:6d:70:3c:d6:b8:ee:7c:aa:6b:6a:0a:90:33:1e:2d:d5:
37:c4:03:92:05:cb:e3:7c:c4:5f:46:2b:e0:ec:7d:f1:66:e1:
40:ad:7e:57:ee:6d:c1:b0:39:6f:0e:fa:9b:b2:68:a8:dc:d7:
1b:52:1c:69:f1:87:34:13:3e:f7:36:4d:45:f6:89:31:66:2b:
a5:18:af:1c:9b:f4:39:9b:20:07:1f:eb:47:e4:d2:8a:fa:5d:
68:3e:ae:3d:32:43:19:3a:6b:bd:75:03:47:8d:05:03:8f:df:
d8:8b:66:7d:b4:60:a2:8a:0c:53:59:66:cc:5f:a5:15:8c:5a:
ac:73:74:8b:76:ee:25:c7:be:a0:b2:4b:85:a7:a0:ed:8c:fe:
4a:56:97:9f:22:38:ef:57:a0:b7:d2:8b:c7:07:44:19:28:e8:
b1:c4:56:71:c4:47:0d:ce:eb:fc:c8:09:62:ca:0d:dd:27:dc:
8e:17:2c:f5:da:b8:47:6c:b4:95:48:be:ad:5d:23:7e:64:00:
bf:17:d0:df:3d:f8:93:d1:e7:fe:1f:08:6a:6f:bc:ab:f0:6e:
3c:d5:25:0e
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAI9jCA0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA2
MjQwNjExMTlaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGE1ZjQxMTU2ZWM5
MzcwYjlmMTZkNjllYjNjODk5YjRkZjdlNDgxM2YwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjwJL3stl5KmYvqnzYjHfqketLYe9s/oq80C+n9OEE7bhL
XM7VExJfFmlr9tWS/z28IuHqKb9HRzUr+RlAignkPPqG5jnZDiVgPAbCxHBOUMEK
oQbJ2CQA8JfvvYxm5aBxMGHl3Wait2WV+H4t0nM0FtE0eUCrJuI/0DAETzOQFJdz
paEv2G1SNsptFgefPXOCXcIcgouU4gmF5I0xqcbvf/4kyV4dN/qEjXWftU1qtQSE
uUoD5mIaZGVfz44neBYDKRWbqLNBU9yqf/LLEtQeBOkVmZD6izBIy69A0mu3LnOn
MGUBgLK/JC92RMs3UQMVaC9ilg3pVcJ8yU0RbUN1AgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUpfQRVuyTcLnxbWnrPImbTffkgT8wHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9wZlFSVnV5VGNMbnhiV25yUEltYlRmZmtnVDgucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEANxedBJenryEOjmkbA4JqXdJZJkTeUC53UZ9Y
VGptlaDWdG7KI9ZtcDzWuO58qmtqCpAzHi3VN8QDkgXL43zEX0Yr4Ox98WbhQK1+
V+5twbA5bw76m7JoqNzXG1IcafGHNBM+9zZNRfaJMWYrpRivHJv0OZsgBx/rR+TS
ivpdaD6uPTJDGTprvXUDR40FA4/f2ItmfbRgoooMU1lmzF+lFYxarHN0i3buJce+
oLJLhaeg7Yz+SlaXnyI471egt9KLxwdEGSjoscRWccRHDc7r/MgJYsoN3Sfcjhcs
9dq4R2y0lUi+rV0jfmQAvxfQ3z34k9Hn/h8Iam+8q/BuPNUlDg==
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:19:11 2025 by rpki-client