Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/H0yumEBa78U9dwF_D3wp_57LMFQ.roa
File: H0yumEBa78U9dwF_D3wp_57LMFQ.roa (raw, json)
Hash identifier: qjptImK5Zv3SvfeNvIrTo095pdML04ZbbjaQfUt2Gpo=
Subject key identifier: 1F:4C:AE:98:40:5A:EF:C5:3D:77:01:7F:0F:7C:29:FF:9E:CB:30:54
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189CE994432B697561E3DDF75AB2EBC59EC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/H0yumEBa78U9dwF_D3wp_57LMFQ.roa
Signing time: Mon 07 Aug 2023 06:04:58 +0000
ROA not before: Mon 07 Aug 2023 06:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:189:ce98:eb40/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ce:99:44:32:b6:97:56:1e:3d:df:75:ab:2e:bc:59:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 7 06:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f4cae98405aefc53d77017f0f7c29ff9ecb3054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:26:2e:40:86:00:e2:35:b0:9a:92:45:0f:0b:
b9:86:1f:1d:ec:0c:0b:21:93:da:e1:eb:12:7d:11:
22:ea:50:b5:5f:48:63:9f:1b:01:90:b7:35:d5:c7:
19:f0:7c:59:29:25:3f:02:d7:ae:ed:af:20:17:1c:
08:ec:de:07:cb:8a:6b:31:7e:d1:45:f1:7b:ab:9e:
3b:80:35:ff:3f:ed:02:ab:3b:d7:6c:a9:f0:04:fa:
b6:18:cb:3e:62:15:a6:bb:6b:ae:2a:5c:07:5b:c1:
a0:76:42:9f:a3:2a:5c:f7:5b:76:ef:bb:d5:01:1d:
73:b3:cc:4d:c1:c7:d2:be:b6:8c:75:8b:64:eb:2e:
94:cf:b4:25:81:b2:c5:65:8a:82:44:a5:bf:96:59:
de:67:22:27:07:01:2f:1f:0e:6a:11:da:ea:9b:1a:
4f:24:15:ae:68:11:9f:8e:61:e2:9c:80:a7:1a:b1:
9a:3f:45:09:ff:a5:46:26:00:e8:5c:e6:f6:54:e7:
ad:1d:19:4a:2c:8a:e0:1a:7e:6d:5a:c1:14:b1:1e:
f9:76:18:c5:38:08:e6:37:88:d9:28:0a:21:3e:cc:
61:9d:a6:d3:b0:5b:e5:dc:9f:ec:b9:52:91:d1:c4:
f7:d7:43:3e:8b:a9:15:4e:b5:b6:c2:80:b8:2a:ae:
ce:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:4C:AE:98:40:5A:EF:C5:3D:77:01:7F:0F:7C:29:FF:9E:CB:30:54
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/H0yumEBa78U9dwF_D3wp_57LMFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:94:54:d9:7a:b9:96:26:9a:30:9c:98:d2:94:1a:ea:c0:a3:
95:40:9c:e0:a3:06:30:50:af:22:90:90:c2:60:81:c6:01:ea:
9f:02:87:31:f3:1d:f6:31:12:84:59:19:29:c6:b0:95:23:38:
64:72:77:11:37:c9:fd:e1:c4:48:d6:ff:05:72:d8:29:94:48:
77:10:e5:51:58:8a:39:90:95:31:f4:e1:93:f5:ab:d0:2d:4a:
85:ef:e6:04:1c:54:b5:d7:cb:51:10:1c:8e:00:c0:42:6f:9a:
ff:e3:4d:0c:03:ec:49:b5:34:d0:d1:68:6f:c9:67:41:84:3e:
a2:c6:9b:e8:e1:0b:e7:09:88:a8:63:e4:43:0b:c0:f6:2a:cf:
dc:6c:a7:08:69:b3:a8:ba:79:65:ac:4a:88:74:de:68:cc:2c:
65:a2:2b:f9:76:50:27:d2:34:94:80:66:8a:9b:32:47:d4:eb:
fa:48:2f:4b:3f:1e:fe:7f:56:0f:7c:c3:a6:db:cd:b9:25:5a:
15:66:60:6b:9b:90:ec:52:13:86:8e:8d:3c:84:0d:22:0e:6c:
d5:a4:bf:9a:1a:3d:67:2e:74:8a:62:ab:53:8c:f1:6a:88:6f:
79:b8:3e:76:29:5d:43:30:44:73:45:72:4b:eb:9f:f9:15:bb:
4c:dd:50:9a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnOmUQytpdWHj3fdasuvFnsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA3MDYwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjRjYWU5ODQwNWFlZmM1M2Q3NzAxN2YwZjdjMjlmZjllY2IzMDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliYuQIYA4jWwmpJFDwu5hh8d7AwL
IZPa4esSfREi6lC1X0hjnxsBkLc11ccZ8HxZKSU/Ateu7a8gFxwI7N4Hy4prMX7R
RfF7q547gDX/P+0CqzvXbKnwBPq2GMs+YhWmu2uuKlwHW8GgdkKfoypc91t277vV
AR1zs8xNwcfSvraMdYtk6y6Uz7QlgbLFZYqCRKW/llneZyInBwEvHw5qEdrqmxpP
JBWuaBGfjmHinICnGrGaP0UJ/6VGJgDoXOb2VOetHRlKLIrgGn5tWsEUsR75dhjF
OAjmN4jZKAohPsxhnabTsFvl3J/suVKR0cT310M+i6kVTrW2woC4Kq7OJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB9MrphAWu/FPXcBfw98Kf+eyzBUMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSDB5dW1FQmE3OFU5ZHdGX0Qzd3BfNTdMTUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFiUVNl6uZYmmjCcmNKU
GurAo5VAnOCjBjBQryKQkMJggcYB6p8ChzHzHfYxEoRZGSnGsJUjOGRydxE3yf3h
xEjW/wVy2CmUSHcQ5VFYijmQlTH04ZP1q9AtSoXv5gQcVLXXy1EQHI4AwEJvmv/j
TQwD7Em1NNDRaG/JZ0GEPqLGm+jhC+cJiKhj5EMLwPYqz9xspwhps6i6eWWsSoh0
3mjMLGWiK/l2UCfSNJSAZoqbMkfU6/pIL0s/Hv5/Vg98w6bbzbklWhVmYGubkOxS
E4aOjTyEDSIObNWkv5oaPWcudIpiq1OM8WqIb3m4PnYpXUMwRHNFckvrn/kVu0zd
UJo=
-----END CERTIFICATE-----
Generated at Thu May 1 01:28:16 2025 by rpki-client