Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/pgQviAetbUoNpmxbxZmRkiZTzFU.roa
File: pgQviAetbUoNpmxbxZmRkiZTzFU.roa (raw, json)
Hash identifier: /8OW1eCMalVGGjJv7Ln5xCHjDiK4SujEAwUyY/YZG0I=
Subject key identifier: A6:04:2F:88:07:AD:6D:4A:0D:A6:6C:5B:C5:99:91:92:26:53:CC:55
Certificate issuer: /CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Certificate serial: 018673E0CC194A008715F0C872A092C6963C
Authority key identifier: 2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/pgQviAetbUoNpmxbxZmRkiZTzFU.roa
Signing time: Tue 21 Feb 2023 12:09:17 +0000
ROA not before: Tue 21 Feb 2023 12:09:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61302
IP address blocks: 193.32.188.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:73:e0:cc:19:4a:00:87:15:f0:c8:72:a0:92:c6:96:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f5cab8a09a9fde23c9635f8e164aef09e17948c
Validity
Not Before: Feb 21 12:09:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a6042f8807ad6d4a0da66c5bc59991922653cc55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:71:9d:15:10:35:cf:bb:71:a4:52:10:51:a5:
5c:36:ed:66:90:eb:3d:33:68:12:b3:b2:db:6d:ae:
a7:59:74:87:7c:d2:80:48:6a:86:05:b0:e8:1a:ce:
32:98:ef:a4:ce:c9:1b:56:c4:d7:1d:16:7c:a7:6f:
e3:50:9b:d2:c2:16:66:1b:63:a1:0f:ef:48:f0:f6:
9e:63:a6:8d:b7:dc:ae:7b:8d:10:f7:8d:80:30:78:
1b:9a:4c:24:bb:2c:8c:af:1d:48:97:ef:61:2c:b6:
bb:6d:f8:67:2d:ca:bd:6d:c6:51:a9:25:d1:0c:18:
fb:bd:33:68:30:d8:84:93:e4:3d:79:eb:08:8b:38:
38:96:cf:fe:90:54:1c:0b:d2:ee:48:0c:94:e0:46:
7b:70:dd:57:0a:ca:f0:48:af:bf:75:9a:21:4c:c5:
24:25:6d:21:ff:43:11:6f:d8:2a:ba:4a:21:6e:66:
93:6b:25:19:4c:e0:3e:90:2c:f1:69:dd:76:10:78:
4f:b3:db:80:47:4c:02:a0:01:7b:d2:16:11:bf:c3:
49:3c:f6:88:f6:1d:61:27:6f:48:7b:95:5a:ae:2c:
e7:bd:e8:ad:b5:30:a6:54:d4:60:f6:8c:5d:47:d6:
5e:01:bc:f5:ca:91:28:9d:06:1e:d9:36:16:66:b5:
7e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:04:2F:88:07:AD:6D:4A:0D:A6:6C:5B:C5:99:91:92:26:53:CC:55
X509v3 Authority Key Identifier:
keyid:2F:5C:AB:8A:09:A9:FD:E2:3C:96:35:F8:E1:64:AE:F0:9E:17:94:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1yrigmp_eI8ljX44WSu8J4XlIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/pgQviAetbUoNpmxbxZmRkiZTzFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c2e16e-ab68-4429-96ee-002f26e3b898/1/L1yrigmp_eI8ljX44WSu8J4XlIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.188.0/24
Signature Algorithm: sha256WithRSAEncryption
73:e5:11:22:99:9a:d5:08:5b:1f:1e:07:7e:f1:3d:f8:48:b8:
99:7a:79:bb:cd:89:ab:71:ac:3a:8c:e9:de:5e:c4:18:56:3b:
3d:59:75:b3:6a:f2:f4:8f:25:77:30:7f:c0:df:1c:f5:39:f1:
0c:50:d4:9c:8b:86:d4:ee:17:bf:2b:48:77:9e:88:99:36:da:
a6:f5:ef:d8:be:11:6e:f9:e0:f6:9a:9c:02:3e:d9:b3:52:8f:
75:a8:4a:05:41:2d:d6:33:c8:f9:ca:ef:69:95:4c:7b:cf:e2:
36:a5:6a:7f:fc:f7:77:89:0c:c2:38:22:28:dd:e0:73:e7:cc:
32:97:a7:d4:b6:41:73:5f:af:b8:31:c5:53:27:af:9b:f1:05:
e8:e6:2b:b1:5c:84:26:21:cc:fd:7f:ad:ba:26:64:fb:76:84:
b7:54:99:97:f6:c7:47:b9:3d:3f:bd:18:2b:f9:f4:98:e4:88:
3d:f3:9b:76:14:74:a8:24:2e:1b:f9:82:e5:c1:48:d8:a3:c8:
1c:5b:22:c7:45:9e:89:47:37:59:d9:6e:aa:19:e5:25:d7:4b:
5f:7e:47:0c:dd:c2:ae:18:3f:00:57:e5:9f:e3:b5:1f:a0:6a:
1b:85:c6:c0:d4:11:d6:0d:dd:b4:1e:8f:58:2d:5d:b3:d4:c4:
c2:01:00:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZz4MwZSgCHFfDIcqCSxpY8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNWNhYjhhMDlhOWZkZTIzYzk2MzVmOGUxNjRhZWYwOWUx
Nzk0OGMwHhcNMjMwMjIxMTIwOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjA0MmY4ODA3YWQ2ZDRhMGRhNjZjNWJjNTk5OTE5MjI2NTNjYzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnGdFRA1z7txpFIQUaVcNu1mkOs9
M2gSs7Lbba6nWXSHfNKASGqGBbDoGs4ymO+kzskbVsTXHRZ8p2/jUJvSwhZmG2Oh
D+9I8PaeY6aNt9yue40Q942AMHgbmkwkuyyMrx1Il+9hLLa7bfhnLcq9bcZRqSXR
DBj7vTNoMNiEk+Q9eesIizg4ls/+kFQcC9LuSAyU4EZ7cN1XCsrwSK+/dZohTMUk
JW0h/0MRb9gqukohbmaTayUZTOA+kCzxad12EHhPs9uAR0wCoAF70hYRv8NJPPaI
9h1hJ29Ie5VariznveittTCmVNRg9oxdR9ZeAbz1ypEonQYe2TYWZrV+ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKYEL4gHrW1KDaZsW8WZkZImU8xVMB8GA1UdIwQY
MBaAFC9cq4oJqf3iPJY1+OFkrvCeF5SMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUt
MDAyZjI2ZTNiODk4LzEvcGdRdmlBZXRiVW9OcG14YnhabVJraVpUekZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jMmUxNmUtYWI2OC00NDI5LTk2ZWUtMDAyZjI2ZTNiODk4
LzEvTDF5cmlnbXBfZUk4bGpYNDRXU3U4SjRYbEl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSC8MA0G
CSqGSIb3DQEBCwUAA4IBAQBz5REimZrVCFsfHgd+8T34SLiZenm7zYmrcaw6jOne
XsQYVjs9WXWzavL0jyV3MH/A3xz1OfEMUNSci4bU7he/K0h3noiZNtqm9e/YvhFu
+eD2mpwCPtmzUo91qEoFQS3WM8j5yu9plUx7z+I2pWp//Pd3iQzCOCIo3eBz58wy
l6fUtkFzX6+4McVTJ6+b8QXo5iuxXIQmIcz9f626JmT7doS3VJmX9sdHuT0/vRgr
+fSY5Ig985t2FHSoJC4b+YLlwUjYo8gcWyLHRZ6JRzdZ2W6qGeUl10tffkcM3cKu
GD8AV+Wf47UfoGobhcbA1BHWDd20Ho9YLV2z1MTCAQDH
-----END CERTIFICATE-----
Generated at Sun May 11 13:34:31 2025 by rpki-client