Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AHsvotiRt5Oirb5qVzK052qfsLU.roa
File: AHsvotiRt5Oirb5qVzK052qfsLU.roa (raw, json)
Hash identifier: ncwYKQP00dB6U3Udy05i9z0I0jQz0APdcpsoVozs/hA=
Subject key identifier: 00:7B:2F:A2:D8:91:B7:93:A2:AD:BE:6A:57:32:B4:E7:6A:9F:B0:B5
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A27E73C1C81A3955B7944E49EB1E1800B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AHsvotiRt5Oirb5qVzK052qfsLU.roa
Signing time: Thu 24 Aug 2023 14:16:20 +0000
ROA not before: Thu 24 Aug 2023 14:16:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:27:e7:3c:1c:81:a3:95:5b:79:44:e4:9e:b1:e1:80:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 24 14:16:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=007b2fa2d891b793a2adbe6a5732b4e76a9fb0b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a4:33:8f:50:eb:79:f0:76:35:2d:62:cd:3e:
43:20:89:ed:b7:31:71:81:a4:f6:bf:64:1d:4b:75:
d6:21:3f:db:05:1c:07:a4:41:3e:f9:71:22:5c:19:
af:53:5d:d9:1d:89:33:82:12:f6:33:1c:fc:0f:d1:
d0:53:9f:38:e3:4c:21:c3:79:ef:dd:7c:58:39:35:
1b:3e:87:3e:d2:79:8f:90:38:ff:b8:9c:4d:f2:78:
a8:c9:5a:80:7c:97:26:ac:38:e3:9c:bd:c3:46:3a:
82:80:0d:72:78:15:26:e6:f4:ed:bc:ba:2d:33:20:
5c:64:39:7f:c4:3f:32:b3:a2:78:0a:c8:68:35:33:
be:98:a7:df:1b:f5:22:c6:46:a3:9d:31:2c:55:95:
c6:94:b9:ce:f8:28:f7:4e:c8:d8:49:60:42:3e:b9:
bb:e0:01:b3:16:14:32:cb:ef:e6:47:6c:65:79:af:
0c:f1:f8:c4:4a:d1:5c:dc:1f:9e:d8:5f:9f:fa:41:
81:e4:5d:cd:d0:1a:91:f9:a4:b7:74:4c:9c:b3:51:
c0:7b:f4:d5:7c:9f:bc:e6:25:e9:bc:56:10:65:d0:
1e:45:1a:70:89:43:fa:9a:19:27:1e:bb:d0:95:ef:
f9:c2:4c:dc:18:60:5e:bf:fe:0f:ad:bf:65:ef:19:
11:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:7B:2F:A2:D8:91:B7:93:A2:AD:BE:6A:57:32:B4:E7:6A:9F:B0:B5
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/AHsvotiRt5Oirb5qVzK052qfsLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
37:6d:9c:3d:c8:1b:b2:9b:29:bf:9d:67:55:69:35:06:8a:53:
96:4c:96:4f:d3:6d:b9:ad:b0:ee:bf:0c:23:e3:3b:b2:d0:f1:
ec:ec:69:f7:66:8f:2b:de:af:7a:f5:85:0a:78:9c:d1:e7:fd:
0c:d3:ea:1f:5f:a2:4e:3b:08:ed:fe:21:b6:7e:48:13:34:a0:
3a:2f:58:d3:e6:b6:0a:cc:08:eb:54:44:3f:37:4f:05:35:00:
0b:39:30:eb:f5:82:50:8a:9d:80:07:99:37:95:f0:07:cb:c2:
75:e0:f8:04:f7:92:ad:99:e6:6b:ca:0d:80:54:b2:7b:ea:a0:
5d:7d:c9:64:a3:61:79:6b:35:90:d4:88:55:a3:2a:82:90:c1:
30:f7:5c:eb:29:63:9e:46:95:b0:b0:c9:0c:9d:bf:01:a4:86:
dc:92:a6:a1:7f:b7:af:b2:7c:12:90:8c:10:d0:10:e0:8f:05:
68:fe:b1:6d:1d:fc:c8:38:76:c2:98:e5:13:5b:c9:13:7e:5b:
31:51:13:38:1f:af:40:8f:7d:5c:56:45:65:a6:ea:46:9b:46:
d2:44:32:b4:cf:eb:bb:9e:c6:a4:15:e9:57:d5:a1:f1:ac:91:
d4:28:d8:5d:1e:7d:7b:b4:0a:85:1b:cd:ca:2d:eb:1d:11:d5:
82:c2:9b:df
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYon5zwcgaOVW3lE5J6x4YALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI0MTQxNjIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDdiMmZhMmQ4OTFiNzkzYTJhZGJlNmE1NzMyYjRlNzZhOWZiMGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6Qzj1DrefB2NS1izT5DIInttzFx
gaT2v2QdS3XWIT/bBRwHpEE++XEiXBmvU13ZHYkzghL2Mxz8D9HQU58440whw3nv
3XxYOTUbPoc+0nmPkDj/uJxN8nioyVqAfJcmrDjjnL3DRjqCgA1yeBUm5vTtvLot
MyBcZDl/xD8ys6J4CshoNTO+mKffG/UixkajnTEsVZXGlLnO+Cj3TsjYSWBCPrm7
4AGzFhQyy+/mR2xlea8M8fjEStFc3B+e2F+f+kGB5F3N0BqR+aS3dEycs1HAe/TV
fJ+85iXpvFYQZdAeRRpwiUP6mhknHrvQle/5wkzcGGBev/4Prb9l7xkRwwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAB7L6LYkbeToq2+alcytOdqn7C1MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQUhzdm90aVJ0NU9pcmI1cVZ6SzA1MnFmc0xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADdtnD3IG7KbKb+dZ1Vp
NQaKU5ZMlk/TbbmtsO6/DCPjO7LQ8ezsafdmjyver3r1hQp4nNHn/QzT6h9fok47
CO3+IbZ+SBM0oDovWNPmtgrMCOtURD83TwU1AAs5MOv1glCKnYAHmTeV8AfLwnXg
+AT3kq2Z5mvKDYBUsnvqoF19yWSjYXlrNZDUiFWjKoKQwTD3XOspY55GlbCwyQyd
vwGkhtySpqF/t6+yfBKQjBDQEOCPBWj+sW0d/Mg4dsKY5RNbyRN+WzFREzgfr0CP
fVxWRWWm6kabRtJEMrTP67uexqQV6VfVofGskdQo2F0efXu0CoUbzcot6x0R1YLC
m98=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:41:20 2025 by rpki-client