Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HGgHFBG9BdYJKpTRYVJzl3R0MIU.roa
File: HGgHFBG9BdYJKpTRYVJzl3R0MIU.roa (raw, json)
Hash identifier: PjNZnTTRy8XipVC0kkDTEuzTG6b0jWKg4H+r953DCSA=
Subject key identifier: 1C:68:07:14:11:BD:05:D6:09:2A:94:D1:61:52:73:97:74:74:30:85
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A05C66CFF6FF022D835A0CB9151042BF8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HGgHFBG9BdYJKpTRYVJzl3R0MIU.roa
Signing time: Thu 17 Aug 2023 23:13:24 +0000
ROA not before: Thu 17 Aug 2023 23:13:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:05:c6:6c:ff:6f:f0:22:d8:35:a0:cb:91:51:04:2b:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 17 23:13:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1c68071411bd05d6092a94d16152739774743085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:94:64:0c:60:6f:5c:80:93:f9:5e:d2:30:39:
24:cf:cd:3d:84:46:33:18:ce:ce:1a:c9:7f:0c:ec:
8a:81:46:5b:ef:45:fc:e3:8c:34:1d:19:e3:b3:ee:
d3:24:f0:75:51:9b:fb:f1:4a:90:8f:dc:41:88:b3:
4c:a5:d6:c9:7c:04:88:d9:6e:ab:1e:c1:e5:da:f4:
af:02:27:ff:a9:b3:b7:45:25:70:ce:72:7d:e9:b2:
ca:92:a6:0c:f0:f6:8d:aa:ed:7d:c4:67:15:f1:0d:
c0:8e:89:f7:b9:92:c8:cb:35:24:2b:44:0c:9d:a8:
0d:2a:ac:52:cb:14:04:bc:28:86:ac:92:53:31:a8:
5b:c1:df:a6:ce:bc:cb:54:0a:ae:0d:67:9c:11:a8:
11:a6:1b:d9:fc:7c:60:5c:df:bc:c8:e0:09:a7:87:
26:b3:ad:fd:dd:9c:40:56:e7:45:fd:c1:21:3f:94:
c7:58:c3:f9:2b:c7:7a:f4:82:18:37:36:2a:ed:c1:
be:d0:f9:d8:f3:6f:ac:79:9f:af:ef:a5:86:39:24:
8a:87:53:25:ec:f9:20:8e:18:ac:b7:19:15:a1:8d:
38:b7:a2:05:f5:11:fa:24:9a:1c:3e:f2:c4:e8:0f:
8a:cb:84:e1:a2:90:05:ad:00:bb:5b:d8:27:4b:9b:
f8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:68:07:14:11:BD:05:D6:09:2A:94:D1:61:52:73:97:74:74:30:85
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HGgHFBG9BdYJKpTRYVJzl3R0MIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
83:7f:bb:64:da:6f:51:5e:9d:89:ea:46:37:36:e3:27:d8:6f:
3e:86:8a:00:da:d9:81:5c:c6:5d:2f:58:ab:12:2e:d9:fa:1f:
1b:2b:b4:51:b0:a5:5d:b6:a2:3b:3f:19:a2:43:8e:60:20:55:
09:05:18:e8:56:4a:be:f1:ca:5e:cc:78:48:b1:4c:19:47:2f:
06:3c:75:21:72:03:40:49:55:ee:2b:83:bb:b8:af:42:b0:ef:
55:9b:df:d8:6b:13:89:e8:11:b0:cd:2c:48:bd:b6:24:90:af:
80:2f:6f:bc:ab:e9:f9:13:7d:40:14:d4:0b:d7:24:48:89:39:
3a:4d:64:d8:11:da:9c:fd:36:1d:cd:96:1b:65:0f:26:99:06:
c9:1c:64:a9:a6:f8:08:7b:33:ce:56:86:4d:94:42:f4:a0:56:
75:36:47:ce:b2:46:01:c7:49:63:3d:dd:a8:b0:5b:87:8e:ce:
08:d3:a6:05:da:0c:c0:61:7e:d5:53:1e:fe:9d:d9:6b:d2:67:
70:94:09:ba:34:6b:8e:03:17:7f:cf:38:1c:78:f8:7b:40:a3:
66:29:27:5d:41:bd:46:49:77:2e:ec:11:d9:37:a8:20:37:44:
04:93:7f:f0:07:0e:d0:fa:91:6c:8f:fe:48:54:ef:40:3a:99:
bc:90:58:c7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoFxmz/b/Ai2DWgy5FRBCv4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE3MjMxMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzY4MDcxNDExYmQwNWQ2MDkyYTk0ZDE2MTUyNzM5Nzc0NzQzMDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ZRkDGBvXICT+V7SMDkkz809hEYz
GM7OGsl/DOyKgUZb70X844w0HRnjs+7TJPB1UZv78UqQj9xBiLNMpdbJfASI2W6r
HsHl2vSvAif/qbO3RSVwznJ96bLKkqYM8PaNqu19xGcV8Q3Ajon3uZLIyzUkK0QM
nagNKqxSyxQEvCiGrJJTMahbwd+mzrzLVAquDWecEagRphvZ/HxgXN+8yOAJp4cm
s6393ZxAVudF/cEhP5THWMP5K8d69IIYNzYq7cG+0PnY82+seZ+v76WGOSSKh1Ml
7PkgjhistxkVoY04t6IF9RH6JJocPvLE6A+Ky4ThopAFrQC7W9gnS5v4WQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBxoBxQRvQXWCSqU0WFSc5d0dDCFMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSEdnSEZCRzlCZFlKS3BUUllWSnpsM1IwTUlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIN/u2Tab1FenYnqRjc2
4yfYbz6GigDa2YFcxl0vWKsSLtn6HxsrtFGwpV22ojs/GaJDjmAgVQkFGOhWSr7x
yl7MeEixTBlHLwY8dSFyA0BJVe4rg7u4r0Kw71Wb39hrE4noEbDNLEi9tiSQr4Av
b7yr6fkTfUAU1AvXJEiJOTpNZNgR2pz9Nh3NlhtlDyaZBskcZKmm+Ah7M85Whk2U
QvSgVnU2R86yRgHHSWM93aiwW4eOzgjTpgXaDMBhftVTHv6d2WvSZ3CUCbo0a44D
F3/POBx4+HtAo2YpJ11BvUZJdy7sEdk3qCA3RASTf/AHDtD6kWyP/khU70A6mbyQ
WMc=
-----END CERTIFICATE-----
Generated at Sat May 3 16:54:41 2025 by rpki-client