Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PQSHPcvPNL4MqVyOL8wmu1KZ1TY.roa
File: PQSHPcvPNL4MqVyOL8wmu1KZ1TY.roa (raw, json)
Hash identifier: Fu5safYgB6z7divG2GqdK4FzQLRtC0EZCTxqTFTcE4M=
Subject key identifier: 3D:04:87:3D:CB:CF:34:BE:0C:A9:5C:8E:2F:CC:26:BB:52:99:D5:36
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018968B396B13A685680A30728241FFB284B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PQSHPcvPNL4MqVyOL8wmu1KZ1TY.roa
Signing time: Tue 18 Jul 2023 11:12:27 +0000
ROA not before: Tue 18 Jul 2023 11:12:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:68:b3:96:b1:3a:68:56:80:a3:07:28:24:1f:fb:28:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 18 11:12:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3d04873dcbcf34be0ca95c8e2fcc26bb5299d536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fc:de:d8:23:92:7d:3f:5b:46:33:e9:99:3b:
9d:0a:20:af:44:aa:a4:82:8a:e4:42:06:26:a6:b6:
8c:91:09:bb:4c:32:78:ed:ae:1a:98:52:00:4a:7c:
95:ab:55:a7:e2:68:65:19:32:f8:15:de:71:27:fb:
c5:92:a9:f4:29:62:18:70:04:76:3d:76:a6:3d:5c:
b6:9d:a8:08:a9:01:fa:79:4e:17:9b:5b:ab:2a:05:
6b:39:2c:4e:75:65:e7:e3:7f:d0:fa:d3:cb:c1:fd:
ad:3c:17:98:f6:00:f8:33:89:2d:87:71:30:f9:f6:
f4:85:84:37:ed:f9:50:84:7b:a9:68:52:29:14:ff:
12:b4:cb:f0:b2:d6:de:0c:71:3f:b5:e9:fd:c5:6d:
30:ef:32:d7:2e:a7:b9:17:30:50:9e:48:41:3b:58:
d9:32:d2:8d:4c:15:03:9b:95:14:aa:3f:aa:cc:7e:
98:bd:85:c3:7a:fd:ef:f2:b6:12:39:41:75:6d:61:
f0:89:e3:20:33:47:68:c0:6f:f7:83:d4:8a:37:4c:
71:32:0a:40:e9:fa:96:7a:15:40:94:ad:f7:0b:3e:
fa:df:7c:46:ee:d5:c9:c4:66:6c:5f:24:84:90:54:
a6:4d:b1:46:43:60:43:38:5e:56:2a:29:54:04:3c:
5e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:04:87:3D:CB:CF:34:BE:0C:A9:5C:8E:2F:CC:26:BB:52:99:D5:36
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PQSHPcvPNL4MqVyOL8wmu1KZ1TY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:18:e2:b0:0f:47:27:fb:4a:90:a4:1c:b5:5e:ac:27:f4:a3:
0f:9b:24:af:73:15:4a:3a:5e:ce:9d:3e:ca:43:87:47:6b:64:
dc:9c:f2:68:ce:90:eb:f1:7c:5f:79:47:d3:45:a2:a5:8f:ec:
47:35:8c:01:9a:2a:d0:01:05:74:17:bd:e8:ff:64:f5:0b:39:
ce:a2:2e:15:35:7f:67:b5:fc:38:fc:07:7e:a8:db:29:3a:bd:
7c:54:5b:93:ce:9e:a3:d6:3f:a4:bc:ef:ef:76:ae:a3:55:58:
73:3f:27:a0:02:9d:5c:51:3b:bb:06:ca:1f:d0:4c:69:3c:aa:
6d:59:43:da:78:0f:ef:31:61:94:bd:d8:18:e6:fe:69:7a:53:
0f:88:90:72:6d:9b:e7:3c:b2:26:77:6a:c4:04:d7:1c:18:30:
f7:a6:02:c9:04:03:fe:20:e6:f5:a6:8c:db:b0:29:50:65:6c:
b8:05:f9:26:b4:63:0e:1e:f2:45:2c:f8:87:34:a9:ea:5a:63:
1e:27:91:5c:a8:da:a4:1d:84:cb:1c:8d:fa:ed:e6:32:41:04:
a6:7a:c6:92:4d:22:63:39:df:ac:6a:2f:04:4a:1d:5b:17:4a:
91:72:cd:d2:08:42:57:74:00:bb:7f:73:ed:a5:a1:ef:9e:be:
79:7b:54:4e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYlos5axOmhWgKMHKCQf+yhLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzE4MTExMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDA0ODczZGNiY2YzNGJlMGNhOTVjOGUyZmNjMjZiYjUyOTlkNTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPze2COSfT9bRjPpmTudCiCvRKqk
gorkQgYmpraMkQm7TDJ47a4amFIASnyVq1Wn4mhlGTL4Fd5xJ/vFkqn0KWIYcAR2
PXamPVy2nagIqQH6eU4Xm1urKgVrOSxOdWXn43/Q+tPLwf2tPBeY9gD4M4kth3Ew
+fb0hYQ37flQhHupaFIpFP8StMvwstbeDHE/ten9xW0w7zLXLqe5FzBQnkhBO1jZ
MtKNTBUDm5UUqj+qzH6YvYXDev3v8rYSOUF1bWHwieMgM0dowG/3g9SKN0xxMgpA
6fqWehVAlK33Cz7633xG7tXJxGZsXySEkFSmTbFGQ2BDOF5WKilUBDxevwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD0Ehz3LzzS+DKlcji/MJrtSmdU2MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUFFTSFBjdlBOTDRNcVZ5T0w4d211MUtaMVRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEAY4rAPRyf7SpCkHLVe
rCf0ow+bJK9zFUo6Xs6dPspDh0drZNyc8mjOkOvxfF95R9NFoqWP7Ec1jAGaKtAB
BXQXvej/ZPULOc6iLhU1f2e1/Dj8B36o2yk6vXxUW5POnqPWP6S87+92rqNVWHM/
J6ACnVxRO7sGyh/QTGk8qm1ZQ9p4D+8xYZS92Bjm/ml6Uw+IkHJtm+c8siZ3asQE
1xwYMPemAskEA/4g5vWmjNuwKVBlbLgF+Sa0Yw4e8kUs+Ic0qepaYx4nkVyo2qQd
hMscjfrt5jJBBKZ6xpJNImM536xqLwRKHVsXSpFyzdIIQld0ALt/c+2loe+evnl7
VE4=
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:12:53 2025 by rpki-client