Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HK2JLw7Vj6sv6kMlH5scKt7bbsI.roa
File: HK2JLw7Vj6sv6kMlH5scKt7bbsI.roa (raw, json)
Hash identifier: /VacdhBQHib9MUwJwZ33I/63lK5U2suVPBwB7hqj78U=
Subject key identifier: 1C:AD:89:2F:0E:D5:8F:AB:2F:EA:43:25:1F:9B:1C:2A:DE:DB:6E:C2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189C9E903A4EE4AE14AE9094DE88C31D09A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HK2JLw7Vj6sv6kMlH5scKt7bbsI.roa
Signing time: Sun 06 Aug 2023 08:13:58 +0000
ROA not before: Sun 06 Aug 2023 08:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c9:e9:03:a4:ee:4a:e1:4a:e9:09:4d:e8:8c:31:d0:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 6 08:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cad892f0ed58fab2fea43251f9b1c2adedb6ec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:da:e5:06:ed:d8:7a:2c:9f:26:85:61:0c:5c:
a1:e5:1e:da:a3:61:bf:43:8e:97:36:92:17:11:66:
d6:20:41:1d:ea:3e:f1:6f:1c:e1:bd:14:2c:cb:3c:
fe:71:ea:ae:48:78:b8:ee:f3:2a:cc:ed:f8:e2:6f:
1a:04:5b:81:ed:a7:5e:49:aa:ae:d1:ac:f1:e0:a8:
67:b8:06:7f:dd:ed:a4:e6:1a:1c:bf:26:ce:ef:3c:
99:fa:00:07:bd:54:55:73:91:14:8d:2e:07:30:9b:
f9:08:6b:6f:3f:b0:fc:9a:68:9b:d1:87:36:a2:af:
45:c8:3e:ad:d1:3c:54:86:94:e8:bd:83:cb:cc:b2:
c5:d0:de:51:b6:9c:fb:3d:16:68:18:d4:99:50:b4:
b0:b5:97:15:5d:dc:3f:dc:98:3e:f4:f2:2c:a2:65:
b4:2d:7b:da:8e:9c:a9:a8:75:ea:bb:7c:ef:40:89:
ed:86:e8:5e:5d:b2:69:ff:f7:2d:7f:0e:02:b3:f5:
34:7a:11:3c:89:ac:94:b7:77:71:70:b9:8b:7f:e3:
56:d7:11:21:09:d9:3c:7c:42:b8:6e:dc:09:ae:ff:
3f:53:2a:2d:cb:9b:1a:ed:17:35:d1:46:23:b0:66:
e7:1f:e6:a5:ab:39:27:a6:0e:f8:42:b9:0c:39:48:
30:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:AD:89:2F:0E:D5:8F:AB:2F:EA:43:25:1F:9B:1C:2A:DE:DB:6E:C2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HK2JLw7Vj6sv6kMlH5scKt7bbsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b0:d1:1f:21:84:35:74:49:ff:98:06:07:56:d1:75:e2:3e:f1:
22:93:4d:ca:39:13:93:19:49:b6:76:2d:b8:b4:f9:67:e5:b9:
86:f4:34:a8:61:82:c5:f2:a4:0c:61:6a:12:bc:a7:03:10:c4:
35:15:8f:8e:8f:60:c0:2c:f6:67:91:8e:c0:9e:cb:e6:e2:12:
f5:8a:19:53:cd:ab:53:14:31:1a:90:f2:d2:f2:ae:a8:24:35:
03:1f:f6:97:96:6a:51:85:1b:28:ac:b4:3e:05:6f:27:49:24:
41:ca:b9:f8:6b:ba:7a:2c:97:3d:df:13:78:ea:14:f4:f0:6f:
26:08:f8:73:b4:f8:eb:b0:8e:62:26:1b:c4:34:bb:b6:aa:59:
ca:1f:8d:05:8b:89:05:e2:ff:33:59:70:67:08:26:ff:bd:02:
a9:2c:f4:92:0d:6d:00:f3:40:79:fd:07:28:82:ff:b2:d3:f1:
7f:d0:d6:58:1c:60:21:77:71:1f:54:bf:53:df:30:40:35:c1:
1f:5d:ed:89:e2:93:3e:85:e0:e3:5e:1b:33:cc:53:1f:08:84:
85:59:09:9b:ba:ba:d2:13:ad:1a:fa:b4:3d:4d:19:b2:ba:de:
bc:35:42:21:8d:d7:30:09:4a:16:78:87:8e:0e:0c:83:3d:9a:
14:88:40:06
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnJ6QOk7krhSukJTeiMMdCaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA2MDgxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2FkODkyZjBlZDU4ZmFiMmZlYTQzMjUxZjliMWMyYWRlZGI2ZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNrlBu3YeiyfJoVhDFyh5R7ao2G/
Q46XNpIXEWbWIEEd6j7xbxzhvRQsyzz+cequSHi47vMqzO344m8aBFuB7adeSaqu
0azx4KhnuAZ/3e2k5hocvybO7zyZ+gAHvVRVc5EUjS4HMJv5CGtvP7D8mmib0Yc2
oq9FyD6t0TxUhpTovYPLzLLF0N5Rtpz7PRZoGNSZULSwtZcVXdw/3Jg+9PIsomW0
LXvajpypqHXqu3zvQInthuheXbJp//ctfw4Cs/U0ehE8iayUt3dxcLmLf+NW1xEh
Cdk8fEK4btwJrv8/Uyoty5sa7Rc10UYjsGbnH+alqzknpg74QrkMOUgwAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBytiS8O1Y+rL+pDJR+bHCre227CMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSEsySkx3N1ZqNnN2NmtNbEg1c2NLdDdiYnNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALDRHyGENXRJ/5gGB1bR
deI+8SKTTco5E5MZSbZ2Lbi0+WfluYb0NKhhgsXypAxhahK8pwMQxDUVj46PYMAs
9meRjsCey+biEvWKGVPNq1MUMRqQ8tLyrqgkNQMf9peWalGFGyistD4FbydJJEHK
ufhrunoslz3fE3jqFPTwbyYI+HO0+OuwjmImG8Q0u7aqWcofjQWLiQXi/zNZcGcI
Jv+9Aqks9JINbQDzQHn9ByiC/7LT8X/Q1lgcYCF3cR9Uv1PfMEA1wR9d7Ynikz6F
4ONeGzPMUx8IhIVZCZu6utITrRr6tD1NGbK63rw1QiGN1zAJShZ4h44ODIM9mhSI
QAY=
-----END CERTIFICATE-----
Generated at Sun May 4 15:50:33 2025 by rpki-client