Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AHd98uKQCUJ-Hv00DaWrgqSJXRY.roa
File: AHd98uKQCUJ-Hv00DaWrgqSJXRY.roa (raw, json)
Hash identifier: CHi91IhXgSMrT1mSn3FC9n2ZG8y0adWdi5FRGf8uU/A=
Subject key identifier: 00:77:7D:F2:E2:90:09:42:7E:1E:FD:34:0D:A5:AB:82:A4:89:5D:16
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0182FAE97F1DF0A991A6AAD489707FEFA36E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AHd98uKQCUJ-Hv00DaWrgqSJXRY.roa
Signing time: Thu 01 Sep 2022 21:16:22 +0000
ROA not before: Thu 01 Sep 2022 21:16:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:fa:e9:7f:1d:f0:a9:91:a6:aa:d4:89:70:7f:ef:a3:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 1 21:16:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00777df2e29009427e1efd340da5ab82a4895d16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:01:82:ba:b0:6c:1b:b5:f6:a0:8b:17:60:34:
60:aa:8e:27:7a:e0:f9:2b:0b:dd:33:23:9c:cc:d2:
3a:8d:42:81:57:72:47:a6:71:ac:24:d9:1b:b8:a4:
89:03:6e:d3:b7:e4:c9:db:27:88:d0:2e:95:69:2d:
fd:73:42:59:8c:b6:bc:f6:6c:5a:27:46:94:a1:5a:
f9:a7:86:9e:96:4c:ea:4f:0f:4c:04:03:5c:65:6b:
95:f4:3b:f1:e3:37:5f:22:24:ed:2e:17:74:49:ac:
79:2f:18:84:c8:15:93:d6:f6:07:9b:02:0b:99:49:
3b:85:a2:83:97:fc:93:8a:1b:e8:b2:08:a6:4c:a0:
ae:c0:a9:70:87:48:75:0f:8b:60:30:46:b5:9c:e7:
bf:b1:c8:d7:64:fe:96:2a:57:66:3f:ac:48:5d:f2:
49:06:5b:21:f1:31:2b:6a:cf:0c:fe:22:04:48:9e:
44:b2:ce:9d:b3:80:fc:c6:5e:05:ec:c3:ed:1a:fa:
1c:f6:b2:ed:f6:6c:0f:15:38:21:09:5f:4a:f3:7c:
07:69:c6:8e:20:6f:8d:d1:54:c8:79:da:94:41:81:
c5:b2:12:18:b3:cf:49:6c:54:38:77:80:02:84:d6:
36:ce:ea:dc:51:c1:83:e0:72:d2:ee:71:34:7a:a3:
1d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:77:7D:F2:E2:90:09:42:7E:1E:FD:34:0D:A5:AB:82:A4:89:5D:16
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AHd98uKQCUJ-Hv00DaWrgqSJXRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8d:5b:24:12:74:86:ae:0c:95:a4:f5:ca:05:24:21:61:90:b3:
ba:6b:31:1b:04:39:b3:76:e0:6e:05:48:48:8a:17:90:f1:e6:
9a:aa:b6:af:ff:c7:0c:ac:b1:87:70:4e:cf:c9:31:0d:34:f1:
ff:c0:c0:e6:cc:a2:56:f5:c7:9b:77:62:23:c9:87:c2:18:b8:
87:fc:ef:a9:35:fc:4b:56:bd:10:17:73:6c:9a:b6:4b:4f:3c:
76:d1:8b:8f:6b:dc:29:90:e6:a3:5c:5c:8f:22:4b:e9:ee:df:
06:1a:6b:8a:ce:08:bd:fd:28:af:19:f7:b8:cb:cc:eb:73:f6:
52:66:95:5b:2b:c3:09:6f:7e:98:4a:96:ad:63:2a:cf:ab:17:
db:7a:75:aa:32:46:87:61:3d:ff:46:7b:48:4c:cc:3c:69:63:
c5:b7:8b:51:ec:7d:78:22:d8:d3:b6:b4:19:03:0f:79:fe:9d:
d5:a9:1b:89:49:88:fc:3d:78:97:be:ad:3e:25:92:5b:ff:00:
ec:df:eb:73:04:00:66:f0:88:8c:1d:f1:52:dd:64:b1:89:c5:
69:84:b3:be:8d:66:e6:e6:8e:e4:92:b9:cf:51:23:d6:e7:f5:
67:90:16:5a:1d:f1:1a:8e:96:1e:80:3e:2a:97:5b:c0:4b:46:
37:78:ce:d2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYL66X8d8KmRpqrUiXB/76NuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTAxMjExNjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDc3N2RmMmUyOTAwOTQyN2UxZWZkMzQwZGE1YWI4MmE0ODk1ZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswGCurBsG7X2oIsXYDRgqo4neuD5
KwvdMyOczNI6jUKBV3JHpnGsJNkbuKSJA27Tt+TJ2yeI0C6VaS39c0JZjLa89mxa
J0aUoVr5p4aelkzqTw9MBANcZWuV9Dvx4zdfIiTtLhd0Sax5LxiEyBWT1vYHmwIL
mUk7haKDl/yTihvosgimTKCuwKlwh0h1D4tgMEa1nOe/scjXZP6WKldmP6xIXfJJ
Blsh8TEras8M/iIESJ5Ess6ds4D8xl4F7MPtGvoc9rLt9mwPFTghCV9K83wHacaO
IG+N0VTIedqUQYHFshIYs89JbFQ4d4AChNY2zurcUcGD4HLS7nE0eqMdNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAB3ffLikAlCfh79NA2lq4KkiV0WMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQUhkOTh1S1FDVUotSHYwMERhV3JncVNKWFJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI1bJBJ0hq4MlaT1ygUk
IWGQs7prMRsEObN24G4FSEiKF5Dx5pqqtq//xwyssYdwTs/JMQ008f/AwObMolb1
x5t3YiPJh8IYuIf876k1/EtWvRAXc2yatktPPHbRi49r3CmQ5qNcXI8iS+nu3wYa
a4rOCL39KK8Z97jLzOtz9lJmlVsrwwlvfphKlq1jKs+rF9t6daoyRodhPf9Ge0hM
zDxpY8W3i1HsfXgi2NO2tBkDD3n+ndWpG4lJiPw9eJe+rT4lklv/AOzf63MEAGbw
iIwd8VLdZLGJxWmEs76NZubmjuSSuc9RI9bn9WeQFlod8RqOlh6APiqXW8BLRjd4
ztI=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:42:35 2025 by rpki-client