Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G-HpCdz1rRPctxUUsAD9ypbb4yg.roa
File: G-HpCdz1rRPctxUUsAD9ypbb4yg.roa (raw, json)
Hash identifier: twE4vzWLtiHUSmTy8NnMyjl0NhAZTUTVBXbJJrnm4Qo=
Subject key identifier: 1B:E1:E9:09:DC:F5:AD:13:DC:B7:15:14:B0:00:FD:CA:96:DB:E3:28
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01858DDA7669E199205415B5F22810259CE2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G-HpCdz1rRPctxUUsAD9ypbb4yg.roa
Signing time: Sat 07 Jan 2023 20:09:42 +0000
ROA not before: Sat 07 Jan 2023 20:09:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:8d:da:76:69:e1:99:20:54:15:b5:f2:28:10:25:9c:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 7 20:09:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1be1e909dcf5ad13dcb71514b000fdca96dbe328
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1b:d5:56:03:60:02:47:da:8a:62:28:65:8e:
17:73:e8:da:c3:5d:2b:80:06:aa:26:1d:eb:90:8f:
28:0b:7f:3d:4b:85:6b:fb:17:cb:25:60:89:46:9e:
05:75:ba:7d:99:4e:b2:33:de:a4:3c:46:8a:8d:d0:
7f:63:da:80:60:a3:c5:39:99:5f:d0:e5:b7:12:f2:
44:47:28:a2:98:a6:a3:0a:1e:e2:ad:eb:9b:7c:cb:
5b:6e:42:93:b0:55:4c:0b:b9:0f:ba:0d:9c:84:83:
d6:7d:02:c0:27:39:9b:30:a6:56:da:72:3d:15:2b:
b2:df:a0:6a:d1:62:01:f2:6f:2b:7f:5a:93:5c:37:
1a:9a:24:dc:2c:88:4f:77:e1:2f:31:0b:ed:2c:ea:
dd:be:29:0a:0b:ad:b1:c7:17:e8:75:a6:52:ba:90:
8a:2a:2c:94:bf:9c:86:80:d2:3e:85:37:1e:b3:77:
99:f6:28:13:70:79:0d:b8:39:54:8b:6a:d2:f7:0c:
2a:17:d7:81:10:76:b0:a4:fb:39:99:8d:50:fc:39:
d8:ed:91:7f:20:bb:67:c8:f8:68:78:cb:58:bb:73:
96:f7:0e:67:29:88:5c:17:e1:f3:6b:c4:46:44:b1:
98:1f:3b:44:57:ef:9a:89:5a:8b:e5:b0:73:3f:e2:
c2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:E1:E9:09:DC:F5:AD:13:DC:B7:15:14:B0:00:FD:CA:96:DB:E3:28
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/G-HpCdz1rRPctxUUsAD9ypbb4yg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
62:7d:bf:50:b9:f6:72:65:42:95:f8:49:7b:1b:6c:3b:7f:ad:
df:87:c9:19:15:84:cb:d1:ff:83:63:03:a6:49:cb:bf:3e:6f:
78:4d:2d:33:c6:17:37:8f:b5:17:14:65:d9:fe:af:89:9c:5f:
1d:31:9e:b9:db:09:91:91:c3:58:d6:94:a7:dc:d1:22:5b:0c:
6a:b2:c3:7e:27:06:a1:08:f0:c7:62:ba:79:0a:72:b9:51:49:
b0:a3:07:d7:ac:67:70:e0:e9:7b:b2:c4:6d:00:ef:61:0a:43:
58:19:9c:28:27:3f:ee:27:d5:4f:45:37:62:a2:d6:42:63:a3:
7f:4e:8b:fe:92:e3:a3:81:5a:38:7e:00:ef:8c:68:88:5f:1b:
c9:86:bc:d8:9b:98:29:1a:ab:7b:76:eb:c5:b5:29:eb:1d:18:
39:07:2d:04:22:06:d6:28:d1:4c:9d:ec:3f:10:51:54:20:0c:
f0:f6:18:26:bb:85:c1:bf:83:f6:4c:ae:6d:be:b5:65:f4:c2:
63:68:fe:c1:2d:b6:25:6a:51:4b:d6:da:5f:50:f2:40:61:39:
73:b9:3a:18:9b:9c:db:29:21:c2:19:6b:b6:e0:e3:51:62:42:
77:34:42:55:c5:38:cd:1b:a3:0b:2f:0f:c7:2e:fc:14:e1:f5:
df:2a:34:b8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWN2nZp4ZkgVBW18igQJZziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA3MjAwOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmUxZTkwOWRjZjVhZDEzZGNiNzE1MTRiMDAwZmRjYTk2ZGJlMzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhvVVgNgAkfaimIoZY4Xc+jaw10r
gAaqJh3rkI8oC389S4Vr+xfLJWCJRp4Fdbp9mU6yM96kPEaKjdB/Y9qAYKPFOZlf
0OW3EvJERyiimKajCh7ireubfMtbbkKTsFVMC7kPug2chIPWfQLAJzmbMKZW2nI9
FSuy36Bq0WIB8m8rf1qTXDcamiTcLIhPd+EvMQvtLOrdvikKC62xxxfodaZSupCK
KiyUv5yGgNI+hTces3eZ9igTcHkNuDlUi2rS9wwqF9eBEHawpPs5mY1Q/DnY7ZF/
ILtnyPhoeMtYu3OW9w5nKYhcF+Hza8RGRLGYHztEV++aiVqL5bBzP+LCoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBvh6Qnc9a0T3LcVFLAA/cqW2+MoMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRy1IcENkejFyUlBjdHhVVXNBRDl5cGJiNHlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGJ9v1C59nJlQpX4SXsb
bDt/rd+HyRkVhMvR/4NjA6ZJy78+b3hNLTPGFzePtRcUZdn+r4mcXx0xnrnbCZGR
w1jWlKfc0SJbDGqyw34nBqEI8MdiunkKcrlRSbCjB9esZ3Dg6XuyxG0A72EKQ1gZ
nCgnP+4n1U9FN2Ki1kJjo39Oi/6S46OBWjh+AO+MaIhfG8mGvNibmCkaq3t268W1
KesdGDkHLQQiBtYo0Uyd7D8QUVQgDPD2GCa7hcG/g/ZMrm2+tWX0wmNo/sEttiVq
UUvW2l9Q8kBhOXO5OhibnNspIcIZa7bg41FiQnc0QlXFOM0bowsvD8cu/BTh9d8q
NLg=
-----END CERTIFICATE-----
Generated at Sat May 3 15:50:43 2025 by rpki-client