Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/H7CmXlQBBBTOtsExhHHyq66Fsys.roa
File: H7CmXlQBBBTOtsExhHHyq66Fsys.roa (raw, json)
Hash identifier: AUkMpp11DSQMLOCbn9bfGCNmo8HUrEZVQpK/kpWEKMg=
Subject key identifier: 1F:B0:A6:5E:54:01:04:14:CE:B6:C1:31:84:71:F2:AB:AE:85:B3:2B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018209FD86177FB1125884F6BDE97EBA079D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/H7CmXlQBBBTOtsExhHHyq66Fsys.roa
Signing time: Sun 17 Jul 2022 02:29:45 +0000
ROA not before: Sun 17 Jul 2022 02:29:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:09:fd:86:17:7f:b1:12:58:84:f6:bd:e9:7e:ba:07:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 17 02:29:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1fb0a65e54010414ceb6c1318471f2abae85b32b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:06:3f:9d:b3:69:81:01:fc:b0:51:4f:c3:7e:
5f:d9:5e:01:4a:e7:7a:11:f5:6e:cd:cb:f2:21:d0:
d8:03:79:9f:89:98:db:75:eb:51:bd:bd:fd:f1:3e:
95:74:3c:5e:cc:3b:6e:d8:5e:d4:2a:46:c0:ea:8c:
6a:c9:f7:e3:6f:37:af:4b:0a:ca:5e:d4:a4:0f:02:
ee:1e:b6:0e:b3:0b:43:68:27:3f:68:5c:48:92:d3:
bd:bb:38:13:88:e7:61:68:5b:66:ad:ab:00:a7:de:
7c:74:6b:cf:b7:71:c1:f9:9c:2f:9a:64:5f:9f:a0:
fb:2f:88:f6:91:7e:ab:68:56:96:a8:ed:49:f7:6e:
ae:f6:dc:ba:02:6e:70:1b:4f:d5:a0:61:78:be:fb:
a2:67:6f:ac:8f:20:44:3e:d3:c3:2b:dd:b5:49:14:
71:59:33:42:08:5d:09:87:14:bb:89:cd:13:8c:13:
5a:e1:1d:de:a5:11:9c:22:ce:56:8a:70:80:49:48:
f2:53:ed:24:9e:7d:5f:ca:f3:d6:74:37:3c:f5:e7:
34:be:89:dc:79:31:ee:28:25:13:ec:04:49:ca:ad:
ad:80:3d:68:dd:d2:8e:8c:94:bb:08:8d:8f:c4:38:
8b:7b:08:97:94:52:a1:de:ae:8a:cf:5f:44:3a:e7:
cf:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:B0:A6:5E:54:01:04:14:CE:B6:C1:31:84:71:F2:AB:AE:85:B3:2B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/H7CmXlQBBBTOtsExhHHyq66Fsys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:4a:cc:8a:f3:fa:0c:14:cc:8f:c0:7e:f5:38:6b:81:f0:87:
d1:10:36:db:06:3e:95:3b:a4:1d:7d:b5:e7:c4:1b:3c:90:07:
34:ce:b7:17:37:ec:2d:90:e0:b5:01:8f:5b:6d:3a:93:01:58:
91:8e:5b:c4:38:e4:c2:96:67:b5:a6:e5:62:e0:47:1a:de:2e:
62:19:54:4d:24:9e:36:df:fe:2c:ea:d2:8f:ce:c7:cb:7f:36:
b0:41:48:df:0e:ac:83:a2:7b:65:32:27:91:51:88:22:85:45:
2d:cc:14:36:73:77:c7:99:d4:47:7d:e3:81:09:0f:f9:5b:f5:
57:82:30:fe:4e:85:ca:c6:bc:3b:5a:c7:e1:71:00:71:e2:96:
58:cc:61:e0:c4:03:6f:e2:9c:b0:75:d2:0c:27:ed:69:78:6f:
bb:ad:0b:1d:37:2d:ac:b3:7f:36:ea:c0:77:44:f3:2c:d6:75:
67:95:66:67:11:f5:67:e1:b7:86:f0:6e:17:ea:91:91:81:fd:
c1:a5:45:6e:6a:b7:b2:6f:02:92:de:29:c8:17:49:4e:c1:14:
1b:20:2a:01:80:44:3d:e2:ab:ab:b1:e1:1b:0b:24:2c:b0:0b:
fd:86:86:a3:59:e2:ad:93:e0:73:83:78:58:ce:68:5a:d6:cf:
41:9e:56:04
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYIJ/YYXf7ESWIT2vel+ugedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwNzE3MDIyOTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmIwYTY1ZTU0MDEwNDE0Y2ViNmMxMzE4NDcxZjJhYmFlODViMzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgY/nbNpgQH8sFFPw35f2V4BSud6
EfVuzcvyIdDYA3mfiZjbdetRvb398T6VdDxezDtu2F7UKkbA6oxqyffjbzevSwrK
XtSkDwLuHrYOswtDaCc/aFxIktO9uzgTiOdhaFtmrasAp958dGvPt3HB+ZwvmmRf
n6D7L4j2kX6raFaWqO1J926u9ty6Am5wG0/VoGF4vvuiZ2+sjyBEPtPDK921SRRx
WTNCCF0JhxS7ic0TjBNa4R3epRGcIs5WinCASUjyU+0knn1fyvPWdDc89ec0vonc
eTHuKCUT7ARJyq2tgD1o3dKOjJS7CI2PxDiLewiXlFKh3q6Kz19EOufPAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB+wpl5UAQQUzrbBMYRx8quuhbMrMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSDdDbVhsUUJCQlRPdHNFeGhISHlxNjZGc3lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD1KzIrz+gwUzI/AfvU4
a4Hwh9EQNtsGPpU7pB19tefEGzyQBzTOtxc37C2Q4LUBj1ttOpMBWJGOW8Q45MKW
Z7Wm5WLgRxreLmIZVE0knjbf/izq0o/Ox8t/NrBBSN8OrIOie2UyJ5FRiCKFRS3M
FDZzd8eZ1Ed944EJD/lb9VeCMP5OhcrGvDtax+FxAHHilljMYeDEA2/inLB10gwn
7Wl4b7utCx03LayzfzbqwHdE8yzWdWeVZmcR9Wfht4bwbhfqkZGB/cGlRW5qt7Jv
ApLeKcgXSU7BFBsgKgGARD3iq6ux4RsLJCywC/2GhqNZ4q2T4HODeFjOaFrWz0Ge
VgQ=
-----END CERTIFICATE-----
Generated at Thu May 1 16:05:34 2025 by rpki-client