
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PuRk3gCixez6eReER7qnXn76_58.roa
File: PuRk3gCixez6eReER7qnXn76_58.roa (raw, json)
Hash identifier: ngHJoA8HaVULS3dWX343QiTsif7C1sLRr/Ib5NKC7DA=
Subject key identifier: 3E:E4:64:DE:00:A2:C5:EC:FA:79:17:84:47:BA:A7:5E:7E:FA:FF:9F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186A321D7AEB0BC5309AEB5F6460B14287F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PuRk3gCixez6eReER7qnXn76_58.roa
Signing time: Thu 02 Mar 2023 16:22:29 +0000
ROA not before: Thu 02 Mar 2023 16:22:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a3:21:d7:ae:b0:bc:53:09:ae:b5:f6:46:0b:14:28:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 2 16:22:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ee464de00a2c5ecfa79178447baa75e7efaff9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:65:33:9d:13:a3:41:cf:f8:52:aa:f8:2b:bc:
6a:4c:b2:66:12:d5:8b:36:ba:b8:8c:4e:42:4e:35:
c2:e4:94:d9:72:17:28:04:4a:a9:c4:20:08:0f:49:
62:6c:7a:61:08:f6:0f:37:49:59:c8:d0:83:64:3e:
9a:bb:e5:9b:82:71:84:c9:44:c3:96:00:0c:f3:75:
68:ad:14:2f:aa:28:f5:f0:bf:96:2a:f1:24:0c:01:
94:c2:ab:89:c3:51:ba:82:66:e9:3a:e4:b3:d0:cb:
96:9b:fa:16:1e:b5:de:01:23:8b:45:b4:77:0a:c5:
ff:db:c4:c2:6d:47:9c:cd:e7:41:0e:41:cc:63:19:
e9:a3:75:96:67:e3:fb:90:15:44:63:0c:ca:a8:6c:
71:39:8c:70:dd:7e:c8:56:e2:97:de:c8:02:fe:c8:
3f:a7:cc:1d:be:25:ab:90:aa:c2:62:fc:63:ef:37:
c5:58:61:c8:00:df:a9:62:c1:a0:fe:5e:0a:6d:5c:
47:ce:8c:d2:9a:90:af:ed:03:0b:0a:81:7a:97:23:
ff:ef:1f:aa:94:2c:f8:5f:af:09:89:95:f3:79:8a:
5c:54:b9:09:e0:32:c3:45:80:41:d0:23:3d:eb:cd:
63:6a:c3:d5:74:f2:d2:27:88:05:6a:e3:1e:82:ce:
13:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:E4:64:DE:00:A2:C5:EC:FA:79:17:84:47:BA:A7:5E:7E:FA:FF:9F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PuRk3gCixez6eReER7qnXn76_58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4e:fc:e0:ee:2e:ce:0b:d5:52:6a:04:b1:88:e3:d8:e4:4e:f5:
e9:99:ec:52:04:17:c0:c7:4b:cc:5a:cd:90:0b:18:96:79:e4:
4b:9c:6c:b0:b5:ec:2b:19:09:4d:66:08:62:64:6e:40:5e:a4:
d9:d9:6b:b1:bc:a5:f7:44:82:26:31:66:ad:38:b9:fa:d6:83:
f5:c3:07:92:ad:b1:ed:99:5e:3b:44:f5:79:2e:c1:e0:63:fc:
68:1c:4c:0c:0e:60:90:d1:60:77:cd:af:66:e3:eb:71:17:2a:
a7:bd:ed:c3:f1:55:93:99:e6:d8:46:cb:06:3b:f9:e0:3d:6e:
09:57:3d:22:71:c9:a7:90:8d:72:a4:e1:05:bf:4d:c4:3d:29:
ca:73:e4:af:85:b8:9b:10:86:45:70:dc:e6:27:c5:4f:4f:11:
66:60:af:aa:20:84:90:1d:a1:d1:07:c0:21:34:a6:02:42:a7:
38:8d:8a:e9:35:3d:f3:11:62:72:00:fa:ce:b4:bd:2d:e6:b4:
48:34:1e:ab:53:cc:63:0b:6c:28:b1:0c:d8:34:b4:39:f0:9f:
51:65:6c:31:74:3d:0c:51:a9:9b:bb:94:3f:66:0b:7d:34:d0:
7b:03:7a:62:e3:c3:a3:03:df:c6:91:fd:db:ca:29:2b:7e:19:
29:5c:f6:1d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYajIdeusLxTCa619kYLFCh/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzAyMTYyMjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWU0NjRkZTAwYTJjNWVjZmE3OTE3ODQ0N2JhYTc1ZTdlZmFmZjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWUznROjQc/4Uqr4K7xqTLJmEtWL
Nrq4jE5CTjXC5JTZchcoBEqpxCAID0libHphCPYPN0lZyNCDZD6au+WbgnGEyUTD
lgAM83VorRQvqij18L+WKvEkDAGUwquJw1G6gmbpOuSz0MuWm/oWHrXeASOLRbR3
CsX/28TCbUeczedBDkHMYxnpo3WWZ+P7kBVEYwzKqGxxOYxw3X7IVuKX3sgC/sg/
p8wdviWrkKrCYvxj7zfFWGHIAN+pYsGg/l4KbVxHzozSmpCv7QMLCoF6lyP/7x+q
lCz4X68JiZXzeYpcVLkJ4DLDRYBB0CM9681jasPVdPLSJ4gFauMegs4TwQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD7kZN4AosXs+nkXhEe6p15++v+fMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUHVSazNnQ2l4ZXo2ZVJlRVI3cW5Ybjc2XzU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE784O4uzgvVUmoEsYjj
2ORO9emZ7FIEF8DHS8xazZALGJZ55EucbLC17CsZCU1mCGJkbkBepNnZa7G8pfdE
giYxZq04ufrWg/XDB5Ktse2ZXjtE9XkuweBj/GgcTAwOYJDRYHfNr2bj63EXKqe9
7cPxVZOZ5thGywY7+eA9bglXPSJxyaeQjXKk4QW/TcQ9Kcpz5K+FuJsQhkVw3OYn
xU9PEWZgr6oghJAdodEHwCE0pgJCpziNiuk1PfMRYnIA+s60vS3mtEg0HqtTzGML
bCixDNg0tDnwn1FlbDF0PQxRqZu7lD9mC3000HsDemLjw6MD38aR/dvKKSt+GSlc
9h0=
-----END CERTIFICATE-----
Generated at Tue Jun 10 22:32:58 2025 by rpki-client