Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pXf5DDZg7JhHhhN82PitqwRP1rs.roa
File: pXf5DDZg7JhHhhN82PitqwRP1rs.roa (raw, json)
Hash identifier: yNR3vIAxYCC8jVOx00rnJxv9Ruzezu+K0mf+3KVOMGU=
Subject key identifier: A5:77:F9:0C:36:60:EC:98:47:86:13:7C:D8:F8:AD:AB:04:4F:D6:BB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185251F21690F81ED78BED840320DC0E198
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pXf5DDZg7JhHhhN82PitqwRP1rs.roa
Signing time: Sun 18 Dec 2022 12:04:35 +0000
ROA not before: Sun 18 Dec 2022 12:04:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:185:251e:def8/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:25:1f:21:69:0f:81:ed:78:be:d8:40:32:0d:c0:e1:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 18 12:04:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a577f90c3660ec984786137cd8f8adab044fd6bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2c:3c:0d:e9:34:14:38:13:bd:37:11:a0:99:
54:90:24:9c:a6:7b:0b:83:46:e8:ac:00:cf:92:51:
06:04:99:1a:4a:e1:92:96:f9:18:b4:0a:f0:cd:03:
49:ce:ea:d8:eb:55:b9:87:8c:0f:0e:a2:c9:47:d4:
fd:4e:4d:db:80:fe:20:b8:14:2d:92:29:7c:b9:c9:
54:f6:89:e8:e5:03:fa:96:c8:02:89:d2:1b:13:97:
d8:14:6b:33:ff:ec:6b:bd:48:23:35:95:34:a9:55:
ab:83:bb:c1:90:8f:ce:c2:da:b6:51:dd:6b:40:74:
67:37:52:9d:5f:aa:61:05:0c:df:7c:6f:44:be:0e:
9d:c9:f4:0e:f3:83:77:2b:db:fe:25:67:61:d8:bb:
d7:09:ea:bf:ed:57:d6:d1:22:14:72:0e:8d:5c:d4:
13:cc:86:ec:a7:2b:ed:36:b2:9e:f6:e8:56:a2:ec:
83:a7:c8:61:02:24:11:72:96:23:17:8b:8a:99:24:
1d:4b:5b:df:26:de:fa:43:85:e5:70:7d:e2:f6:f0:
fe:3f:9c:ee:40:52:ad:97:e2:0d:50:53:37:c7:84:
7a:81:87:74:61:05:f8:37:cb:a4:d4:fd:b8:96:e5:
17:ef:15:83:07:8e:2d:8d:81:f0:ed:5d:8a:39:8a:
64:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:77:F9:0C:36:60:EC:98:47:86:13:7C:D8:F8:AD:AB:04:4F:D6:BB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/pXf5DDZg7JhHhhN82PitqwRP1rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
26:46:5b:1d:d7:39:c2:3d:97:53:a8:e6:ad:b6:d6:47:cb:d4:
15:b0:c1:50:12:72:aa:89:4d:84:16:93:0b:0b:10:bf:d3:52:
68:19:d2:bb:73:b4:73:db:2a:b2:8a:06:5d:c6:db:f9:e3:03:
5d:9a:5a:cd:4c:32:af:c8:1b:97:8f:e5:88:1a:c7:24:d4:61:
b4:0e:c8:ae:37:3a:06:ed:ec:f4:e2:ac:5d:3c:41:28:9b:45:
f0:1c:1f:55:b6:6f:bd:85:5d:3b:cd:2d:72:ab:22:5d:b7:45:
82:cd:07:35:fd:0c:d9:98:9c:1f:a9:82:e4:4f:44:18:99:e2:
46:ac:5f:07:08:ca:ac:e2:71:8c:be:a1:75:44:d0:8d:17:20:
c5:5e:c5:6c:f4:1c:12:80:8e:73:e0:8a:c3:0f:cf:ad:f5:63:
1b:3e:da:4d:9f:da:76:76:8d:22:b3:44:a4:bb:6e:52:a1:76:
0d:e0:90:18:53:e1:18:e7:09:d0:87:0e:c5:a6:25:38:19:3c:
a1:47:c3:48:ff:a6:46:bb:2e:9f:cf:03:5a:0d:7d:09:be:40:
4a:e9:83:5c:2b:83:c4:e5:67:fe:63:d8:63:4d:16:4f:39:4e:
8a:3a:03:f4:7f:a0:22:2d:b4:65:66:d7:4f:74:65:9e:bc:e0:
d5:ab:d2:16
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUlHyFpD4HteL7YQDINwOGYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE4MTIwNDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTc3ZjkwYzM2NjBlYzk4NDc4NjEzN2NkOGY4YWRhYjA0NGZkNmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyw8Dek0FDgTvTcRoJlUkCScpnsL
g0borADPklEGBJkaSuGSlvkYtArwzQNJzurY61W5h4wPDqLJR9T9Tk3bgP4guBQt
kil8uclU9ono5QP6lsgCidIbE5fYFGsz/+xrvUgjNZU0qVWrg7vBkI/Owtq2Ud1r
QHRnN1KdX6phBQzffG9Evg6dyfQO84N3K9v+JWdh2LvXCeq/7VfW0SIUcg6NXNQT
zIbspyvtNrKe9uhWouyDp8hhAiQRcpYjF4uKmSQdS1vfJt76Q4XlcH3i9vD+P5zu
QFKtl+INUFM3x4R6gYd0YQX4N8uk1P24luUX7xWDB44tjYHw7V2KOYpkZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKV3+Qw2YOyYR4YTfNj4rasET9a7MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcFhmNUREWmc3SmhIaGhOODJQaXRxd1JQMXJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACZGWx3XOcI9l1Oo5q22
1kfL1BWwwVAScqqJTYQWkwsLEL/TUmgZ0rtztHPbKrKKBl3G2/njA12aWs1MMq/I
G5eP5YgaxyTUYbQOyK43Ogbt7PTirF08QSibRfAcH1W2b72FXTvNLXKrIl23RYLN
BzX9DNmYnB+pguRPRBiZ4kasXwcIyqzicYy+oXVE0I0XIMVexWz0HBKAjnPgisMP
z631Yxs+2k2f2nZ2jSKzRKS7blKhdg3gkBhT4RjnCdCHDsWmJTgZPKFHw0j/pka7
Lp/PA1oNfQm+QErpg1wrg8TlZ/5j2GNNFk85Too6A/R/oCIttGVm1090ZZ684NWr
0hY=
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:05:58 2025 by rpki-client