Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/H-STFXxY0Fz5krwsTEKbAWlHip8.roa
File: H-STFXxY0Fz5krwsTEKbAWlHip8.roa (raw, json)
Hash identifier: SXXl/BZ4yy9uW+3qZJkNun/Vygmhddm4QftFpcqvUv0=
Subject key identifier: 1F:E4:93:15:7C:58:D0:5C:F9:92:BC:2C:4C:42:9B:01:69:47:8A:9F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01898EE396C8FD7EE421A331B1CFC453EF24
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/H-STFXxY0Fz5krwsTEKbAWlHip8.roa
Signing time: Tue 25 Jul 2023 21:10:27 +0000
ROA not before: Tue 25 Jul 2023 21:10:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8e:e3:96:c8:fd:7e:e4:21:a3:31:b1:cf:c4:53:ef:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 25 21:10:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1fe493157c58d05cf992bc2c4c429b0169478a9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bb:fe:dd:3b:f6:87:a2:a9:4d:52:88:4f:26:
55:27:bc:b2:fb:44:e7:6e:e8:91:35:28:5a:e3:6a:
77:43:9e:b0:17:cd:b7:7d:e1:df:ec:19:34:24:b3:
3d:7f:4b:96:bf:4b:31:d8:f7:ab:1a:cc:b1:23:ba:
e5:84:4a:8e:3d:a9:ff:06:3f:2e:f4:74:dc:a9:d3:
9e:95:09:98:b8:b4:1d:31:e3:9a:2c:5d:1e:dd:56:
1b:e4:5a:8b:ff:0b:83:3b:d9:34:b4:11:e7:6e:03:
e8:9b:51:1a:41:99:eb:7c:97:d3:4c:2a:81:39:28:
be:c7:b6:54:4b:17:c2:35:7f:dc:96:b7:53:38:62:
56:81:2c:b3:cd:2a:a7:58:f6:29:30:25:15:d6:ed:
72:0a:d9:0f:5b:a5:c9:e7:ca:b5:40:07:4c:c2:40:
24:1f:73:16:40:bd:d0:85:e9:36:12:ca:3d:a6:6a:
07:6e:fe:19:e1:99:4f:bc:9c:02:67:0b:dd:c0:50:
87:08:67:73:8f:88:f2:6e:44:3f:fa:61:ad:04:2b:
f0:e7:89:1f:30:8f:c3:99:e1:71:e8:d7:4d:5f:a0:
be:be:04:fe:9c:68:dd:d3:bc:9c:b7:08:88:da:26:
ae:8d:15:90:48:38:8d:39:5c:94:02:91:13:01:56:
37:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:E4:93:15:7C:58:D0:5C:F9:92:BC:2C:4C:42:9B:01:69:47:8A:9F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/H-STFXxY0Fz5krwsTEKbAWlHip8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
04:36:80:2f:f4:58:d6:2c:26:62:a3:bb:85:69:19:fb:20:64:
a4:e6:83:ee:5c:95:7e:61:9b:3b:dd:d1:fc:0e:98:0c:a7:71:
66:97:bb:61:78:ed:2d:17:4e:d3:7e:0d:fa:77:aa:58:b8:54:
df:c0:db:86:c0:32:81:7c:62:2d:f7:eb:17:dd:68:6d:2a:13:
5e:14:06:e1:55:09:0a:e3:86:e7:dc:00:0b:03:b2:82:9e:62:
55:64:53:89:b1:70:75:ad:6b:8e:41:7b:56:1b:da:fb:f2:78:
63:db:d9:db:15:81:6c:7d:aa:91:7a:aa:4b:8a:98:16:c3:7e:
d9:71:d9:e3:8c:72:7e:3c:23:55:da:af:5f:b3:65:de:e3:a5:
16:64:0c:42:2f:c2:23:85:f2:a3:cc:86:5c:5b:e3:0e:9f:fd:
24:6c:62:d6:db:8c:5d:96:9d:df:2d:2a:79:88:7e:e7:b0:d5:
e9:15:ad:c5:e8:e5:9a:6a:2d:b6:68:f1:96:d5:ed:d9:18:d8:
25:e5:43:11:c9:8c:16:be:50:57:20:88:42:45:20:0f:61:94:
ca:30:88:ad:16:e7:61:c5:6b:15:83:b7:a5:87:b6:92:33:0a:
ff:23:52:6f:c1:32:58:53:64:d2:21:5c:b9:b6:02:16:6d:43:
e5:34:1f:b6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmO45bI/X7kIaMxsc/EU+8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzI1MjExMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmU0OTMxNTdjNThkMDVjZjk5MmJjMmM0YzQyOWIwMTY5NDc4YTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbv+3Tv2h6KpTVKITyZVJ7yy+0Tn
buiRNSha42p3Q56wF823feHf7Bk0JLM9f0uWv0sx2PerGsyxI7rlhEqOPan/Bj8u
9HTcqdOelQmYuLQdMeOaLF0e3VYb5FqL/wuDO9k0tBHnbgPom1EaQZnrfJfTTCqB
OSi+x7ZUSxfCNX/clrdTOGJWgSyzzSqnWPYpMCUV1u1yCtkPW6XJ58q1QAdMwkAk
H3MWQL3Qhek2Eso9pmoHbv4Z4ZlPvJwCZwvdwFCHCGdzj4jybkQ/+mGtBCvw54kf
MI/DmeFx6NdNX6C+vgT+nGjd07yctwiI2iaujRWQSDiNOVyUApETAVY34QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB/kkxV8WNBc+ZK8LExCmwFpR4qfMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSC1TVEZYeFkwRno1a3J3c1RFS2JBV2xIaXA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAQ2gC/0WNYsJmKju4Vp
GfsgZKTmg+5clX5hmzvd0fwOmAyncWaXu2F47S0XTtN+Dfp3qli4VN/A24bAMoF8
Yi336xfdaG0qE14UBuFVCQrjhufcAAsDsoKeYlVkU4mxcHWta45Be1Yb2vvyeGPb
2dsVgWx9qpF6qkuKmBbDftlx2eOMcn48I1Xar1+zZd7jpRZkDEIvwiOF8qPMhlxb
4w6f/SRsYtbbjF2Wnd8tKnmIfuew1ekVrcXo5ZpqLbZo8ZbV7dkY2CXlQxHJjBa+
UFcgiEJFIA9hlMowiK0W52HFaxWDt6WHtpIzCv8jUm/BMlhTZNIhXLm2AhZtQ+U0
H7Y=
-----END CERTIFICATE-----
Generated at Sat May 3 17:43:34 2025 by rpki-client