Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PmH1D0Lo6dxEO759VJZo4amTB7k.roa
File: PmH1D0Lo6dxEO759VJZo4amTB7k.roa (raw, json)
Hash identifier: SGQ3KFtGVZPFLsV5jhbiqRbnSimSTZT+7ZGJnHKrvnQ=
Subject key identifier: 3E:61:F5:0F:42:E8:E9:DC:44:3B:BE:7D:54:96:68:E1:A9:93:07:B9
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A40C0FF4BBB676A30B62371A24688051E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PmH1D0Lo6dxEO759VJZo4amTB7k.roa
Signing time: Tue 29 Aug 2023 10:05:04 +0000
ROA not before: Tue 29 Aug 2023 10:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:40c0:56d8/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:40:c0:ff:4b:bb:67:6a:30:b6:23:71:a2:46:88:05:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 29 10:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3e61f50f42e8e9dc443bbe7d549668e1a99307b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:92:d3:fe:54:f9:f5:3d:44:d1:74:59:6c:b2:
84:48:ff:63:47:47:24:29:22:c0:15:cd:bb:12:ca:
b0:e3:04:e3:b6:41:4f:0f:3a:1d:07:49:8f:5f:d8:
5a:1b:a2:09:79:9a:90:00:f3:39:8e:12:f3:b5:a7:
d9:29:75:6a:8b:ff:61:c6:7f:8f:17:4c:dc:3e:92:
01:e1:4e:67:a8:00:9d:0f:35:4f:c5:b3:51:a5:fd:
fc:63:69:5b:38:6d:ab:76:e1:1a:88:61:a9:b2:13:
7e:34:ac:85:64:f7:9c:56:62:a6:9a:f8:33:5d:df:
4a:3a:54:c8:45:40:19:e3:be:e7:86:04:bb:21:35:
a8:4a:88:89:95:2d:38:1c:25:58:91:87:92:9a:95:
55:f1:5a:6a:ad:40:bc:f3:44:5b:cf:31:ce:3a:2c:
99:9e:31:24:24:e5:c8:33:19:74:ce:97:ac:b1:e0:
f8:34:2e:58:5e:65:00:83:9a:89:b4:17:71:52:70:
b7:6b:55:21:cc:04:69:98:d6:6f:e3:7b:45:41:61:
42:f8:41:de:ab:da:2f:c4:29:5a:ea:34:73:fa:82:
de:04:45:5d:90:11:f2:d1:c4:d5:f4:87:6b:15:4d:
df:e8:c8:ae:40:26:84:bd:44:a9:21:2f:fc:1d:78:
50:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:61:F5:0F:42:E8:E9:DC:44:3B:BE:7D:54:96:68:E1:A9:93:07:B9
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PmH1D0Lo6dxEO759VJZo4amTB7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
47:1b:33:e6:80:21:bc:11:a6:31:ff:49:6a:94:cb:85:1d:95:
98:5e:de:83:9b:c9:a0:5a:cf:77:be:ef:49:1e:18:7a:b8:39:
2b:bf:5c:f3:03:29:73:1b:92:2b:43:8d:3f:57:57:34:ab:c0:
af:4a:47:7f:f6:b6:01:53:8c:fd:71:8f:56:9b:5d:1d:ca:95:
a4:9b:64:0c:e0:cf:6c:d2:88:a5:42:42:97:d7:c2:4d:e6:70:
81:da:d4:25:5e:80:be:2a:bb:cb:f2:0b:ec:6d:6f:e3:09:5a:
58:6b:2f:03:2a:49:b4:b5:3b:e6:02:22:af:43:34:90:b4:59:
b3:85:f1:63:6f:ce:c1:5f:e8:4d:dc:4e:49:25:d9:f3:21:8b:
82:6a:60:01:df:55:fc:74:d3:a1:d7:a0:67:02:7e:b4:63:6a:
98:a6:74:65:29:6d:9a:aa:6c:b1:96:71:e2:67:a4:a4:01:76:
a7:39:5a:0c:93:14:ec:02:6b:26:94:67:9f:a9:c1:4e:5e:04:
ec:a7:d3:c6:a5:a4:46:cb:9b:ee:43:21:83:1e:33:dd:c5:92:
87:c9:a0:37:e8:1c:e5:57:71:de:9a:bc:eb:87:5e:5d:89:92:
71:41:45:77:9a:95:44:14:25:8f:a0:fe:02:c6:a8:17:a6:9e:
b1:1c:e9:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpAwP9Lu2dqMLYjcaJGiAUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI5MTAwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTYxZjUwZjQyZThlOWRjNDQzYmJlN2Q1NDk2NjhlMWE5OTMwN2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZLT/lT59T1E0XRZbLKESP9jR0ck
KSLAFc27Esqw4wTjtkFPDzodB0mPX9haG6IJeZqQAPM5jhLztafZKXVqi/9hxn+P
F0zcPpIB4U5nqACdDzVPxbNRpf38Y2lbOG2rduEaiGGpshN+NKyFZPecVmKmmvgz
Xd9KOlTIRUAZ477nhgS7ITWoSoiJlS04HCVYkYeSmpVV8VpqrUC880RbzzHOOiyZ
njEkJOXIMxl0zpesseD4NC5YXmUAg5qJtBdxUnC3a1UhzARpmNZv43tFQWFC+EHe
q9ovxCla6jRz+oLeBEVdkBHy0cTV9IdrFU3f6MiuQCaEvUSpIS/8HXhQFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD5h9Q9C6OncRDu+fVSWaOGpkwe5MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUG1IMUQwTG82ZHhFTzc1OVZKWm80YW1UQjdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEcbM+aAIbwRpjH/SWqU
y4UdlZhe3oObyaBaz3e+70keGHq4OSu/XPMDKXMbkitDjT9XVzSrwK9KR3/2tgFT
jP1xj1abXR3KlaSbZAzgz2zSiKVCQpfXwk3mcIHa1CVegL4qu8vyC+xtb+MJWlhr
LwMqSbS1O+YCIq9DNJC0WbOF8WNvzsFf6E3cTkkl2fMhi4JqYAHfVfx006HXoGcC
frRjapimdGUpbZqqbLGWceJnpKQBdqc5WgyTFOwCayaUZ5+pwU5eBOyn08alpEbL
m+5DIYMeM93FkofJoDfoHOVXcd6avOuHXl2JknFBRXealUQUJY+g/gLGqBemnrEc
6Q0=
-----END CERTIFICATE-----
Generated at Mon Jun 9 06:11:49 2025 by rpki-client