Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-HvpgXXHviQdyDRCMZKj3ETdX4E.roa
File: 1-HvpgXXHviQdyDRCMZKj3ETdX4E.roa (raw, json)
Hash identifier: QO68QpFMKss3TXvV/nNo7T4n7hULUlAYsejX/oF/nwE=
Subject key identifier: F8:7B:E9:81:75:C7:BE:24:1D:C8:34:42:31:92:A3:DC:44:DD:5F:81
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A02595AE06D31B6DEE09C154E8FBDD64E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-HvpgXXHviQdyDRCMZKj3ETdX4E.roa
Signing time: Thu 17 Aug 2023 07:15:24 +0000
ROA not before: Thu 17 Aug 2023 07:15:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:02:59:5a:e0:6d:31:b6:de:e0:9c:15:4e:8f:bd:d6:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 17 07:15:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f87be98175c7be241dc834423192a3dc44dd5f81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b3:48:e8:9b:51:e0:90:49:bf:82:aa:53:f8:
12:5c:c1:63:c7:0a:70:33:8b:69:dc:08:8b:9c:70:
55:8a:32:1a:73:86:b1:cb:17:dc:ce:48:d2:dd:de:
10:24:68:7a:21:d5:0e:de:25:c9:e6:6f:3f:41:8a:
cd:84:fa:c2:15:d9:ed:06:4e:7b:5e:93:c0:84:11:
39:50:81:2c:02:05:67:eb:7a:dc:25:fe:dc:f7:82:
bb:6d:2e:8b:ad:d5:f2:ec:d1:f7:8f:7c:2e:bc:57:
bb:58:33:e4:04:3d:8b:a1:a4:39:75:12:20:24:be:
39:83:e6:9a:62:9b:7d:1c:66:39:18:18:3e:67:3e:
1c:df:59:ff:45:c1:55:d2:5e:09:19:69:ec:93:ab:
18:1a:4a:3d:2f:9f:be:8f:97:21:56:82:5b:aa:8f:
b1:ee:6a:8d:4b:57:a0:b3:fe:51:32:75:21:dc:c2:
d0:ec:59:8e:3f:d1:50:9c:8f:53:31:bf:b8:b8:33:
f1:e4:4c:29:67:ed:3f:1f:78:ba:e4:9e:d5:0f:04:
41:55:72:ef:1e:d5:e7:ee:80:50:3d:12:1b:8d:33:
3f:ad:17:68:00:5d:0e:45:69:64:67:b9:c7:09:47:
ba:96:2f:b7:aa:56:33:72:33:a3:66:23:88:fc:0c:
2a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:7B:E9:81:75:C7:BE:24:1D:C8:34:42:31:92:A3:DC:44:DD:5F:81
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-HvpgXXHviQdyDRCMZKj3ETdX4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0b:11:36:b0:b4:0f:41:a3:3f:3a:7e:40:20:78:1f:ac:d0:f3:
a2:d0:70:47:31:f6:8c:72:48:51:9d:59:21:3b:03:26:b7:a4:
e4:f4:d6:e5:61:8a:19:1b:7a:10:26:31:0f:49:f1:d1:5c:c5:
f4:8f:8b:8e:fb:27:d9:a2:6d:6e:32:8c:1c:11:0c:0c:4e:55:
ec:8d:05:df:11:f4:48:c1:e7:2b:01:31:3a:cb:1f:20:97:0d:
51:fd:ce:09:56:16:f6:b5:6e:36:a2:a6:3d:c0:07:7a:f3:4d:
13:a8:ba:d9:da:92:00:3f:7a:d7:ae:c5:d2:6e:b9:71:fb:a5:
c7:54:f0:9b:64:ea:fe:c1:bd:3d:aa:07:3c:1a:48:03:de:9e:
25:96:d3:79:24:7a:36:d8:e9:db:3c:57:fd:16:22:4c:f6:56:
7b:27:c8:60:96:ca:94:cd:4b:b3:51:80:16:76:31:aa:70:3a:
2c:d1:87:db:28:86:5d:da:08:57:58:30:1a:66:3f:9d:c6:fc:
b3:8f:a5:35:92:f5:ea:42:b7:2e:2d:01:9a:87:2d:d7:53:25:
ac:a9:78:1a:91:ff:0b:32:21:e5:8a:e6:39:66:53:20:c6:49:
dc:ca:73:59:12:cc:3d:46:cd:8d:59:63:57:47:a9:3c:3f:e5:
e2:c4:91:22
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYoCWVrgbTG23uCcFU6PvdZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE3MDcxNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODdiZTk4MTc1YzdiZTI0MWRjODM0NDIzMTkyYTNkYzQ0ZGQ1ZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7NI6JtR4JBJv4KqU/gSXMFjxwpw
M4tp3AiLnHBVijIac4axyxfczkjS3d4QJGh6IdUO3iXJ5m8/QYrNhPrCFdntBk57
XpPAhBE5UIEsAgVn63rcJf7c94K7bS6LrdXy7NH3j3wuvFe7WDPkBD2LoaQ5dRIg
JL45g+aaYpt9HGY5GBg+Zz4c31n/RcFV0l4JGWnsk6sYGko9L5++j5chVoJbqo+x
7mqNS1egs/5RMnUh3MLQ7FmOP9FQnI9TMb+4uDPx5EwpZ+0/H3i65J7VDwRBVXLv
HtXn7oBQPRIbjTM/rRdoAF0ORWlkZ7nHCUe6li+3qlYzcjOjZiOI/AwqAQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPh76YF1x74kHcg0QjGSo9xE3V+BMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMS1IdnBnWFhIdmlRZHlEUkNNWktqM0VUZFg0RS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFh
Ni8xL2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQALETawtA9Boz86fkAg
eB+s0POi0HBHMfaMckhRnVkhOwMmt6Tk9NblYYoZG3oQJjEPSfHRXMX0j4uO+yfZ
om1uMowcEQwMTlXsjQXfEfRIwecrATE6yx8glw1R/c4JVhb2tW42oqY9wAd6800T
qLrZ2pIAP3rXrsXSbrlx+6XHVPCbZOr+wb09qgc8GkgD3p4lltN5JHo22OnbPFf9
FiJM9lZ7J8hglsqUzUuzUYAWdjGqcDos0YfbKIZd2ghXWDAaZj+dxvyzj6U1kvXq
QrcuLQGahy3XUyWsqXgakf8LMiHliuY5ZlMgxkncynNZEsw9Rs2NWWNXR6k8P+Xi
xJEi
-----END CERTIFICATE-----
Generated at Thu May 1 10:25:39 2025 by rpki-client