Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HKfdi4i011M-tmAV2nhW5B056VI.roa
File: HKfdi4i011M-tmAV2nhW5B056VI.roa (raw, json)
Hash identifier: jf1QR8kVa4OcCSHj4kZ1AkO+udYWdVyGr2aQs2dmxvA=
Subject key identifier: 1C:A7:DD:8B:88:B4:D7:53:3E:B6:60:15:DA:78:56:E4:1D:39:E9:52
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 9001E51C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HKfdi4i011M-tmAV2nhW5B056VI.roa
Signing time: Sun 26 Jun 2022 13:23:11 +0000
ROA not before: Sun 26 Jun 2022 13:23:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2416043292 (0x9001e51c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 26 13:23:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ca7dd8b88b4d7533eb66015da7856e41d39e952
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:90:ee:3e:49:1c:44:57:f0:fd:74:94:5b:cf:
17:30:92:43:a2:3b:db:c6:c7:5f:b5:13:a9:24:74:
ba:75:4a:38:66:0f:ac:ce:b1:da:20:b8:51:29:d3:
91:a1:46:fa:03:5d:26:59:14:7f:56:5c:ff:ae:2e:
8c:cb:cb:2d:da:4a:bc:c2:5c:fb:19:89:29:93:08:
66:d6:fd:ce:ff:dc:43:0f:7c:36:c7:08:09:48:98:
a1:db:ef:c5:21:d7:dd:98:db:3b:c9:91:aa:22:bf:
31:eb:cd:d5:33:00:3c:e3:03:77:10:35:44:fb:65:
67:89:43:39:f1:ee:34:07:ff:18:1b:67:36:8a:f3:
5e:fc:c3:04:65:5b:d0:84:53:18:91:0b:2a:50:f2:
9b:32:70:cc:dd:ef:bc:8b:74:9c:97:7e:e6:6b:1d:
93:21:41:b0:2f:b0:06:81:8c:7a:2b:2a:44:07:52:
be:f5:69:68:84:33:71:87:48:f8:09:ef:99:75:a5:
f4:db:f6:27:3b:66:24:f9:d7:af:be:4e:fe:15:f9:
ae:34:31:d5:b0:33:bc:61:22:64:72:01:07:d6:f8:
a2:7c:10:3d:00:6f:72:ec:83:92:cc:46:fc:00:67:
b0:e9:30:11:5c:05:a8:be:5b:47:76:a3:85:12:4c:
5d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:A7:DD:8B:88:B4:D7:53:3E:B6:60:15:DA:78:56:E4:1D:39:E9:52
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HKfdi4i011M-tmAV2nhW5B056VI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:42:fe:4b:d8:38:12:80:31:c6:a5:ba:e3:89:ee:6b:6c:38:
5f:99:22:cb:7a:dd:ff:f7:82:70:72:fa:24:42:ce:f9:32:a5:
e7:30:16:78:39:92:0b:7b:10:74:f9:01:60:05:0f:b1:4d:5d:
61:69:e1:06:02:5f:dd:b7:9c:03:db:43:a6:f7:7e:13:b5:44:
57:31:01:75:28:b6:c6:17:15:2a:80:4c:ab:29:d5:8e:49:ca:
e3:70:c6:96:40:d6:10:67:0d:0d:eb:19:37:57:09:6f:3e:75:
e6:47:f0:a2:46:f8:b1:cf:2a:09:e2:3e:59:60:c0:fd:25:46:
1a:ad:9b:bd:85:34:aa:8b:41:16:de:f1:0e:ab:b5:47:b5:4b:
7c:7b:26:ef:70:d3:eb:07:62:f5:ba:23:f7:f5:9d:49:ba:ea:
35:2b:32:83:e9:5a:b8:9a:f8:c4:d6:c7:ea:ae:07:fd:f2:7c:
e6:2d:2a:fa:bd:17:28:a0:69:e1:a9:ec:70:f5:7a:cf:55:60:
54:4f:a4:19:59:6b:f4:f1:48:76:5e:c1:0b:6e:4b:8f:1f:71:
98:5e:f0:b9:a7:79:ac:7c:a7:71:42:d6:e9:bf:78:e8:37:c5:
24:38:1b:88:84:42:24:e9:42:99:ef:f8:bd:1c:1d:2e:e8:51:
dc:57:27:ae
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAJAB5RwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA2
MjYxMzIzMTFaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDFjYTdkZDhiODhi
NGQ3NTMzZWI2NjAxNWRhNzg1NmU0MWQzOWU5NTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCukO4+SRxEV/D9dJRbzxcwkkOiO9vGx1+1E6kkdLp1Sjhm
D6zOsdoguFEp05GhRvoDXSZZFH9WXP+uLozLyy3aSrzCXPsZiSmTCGbW/c7/3EMP
fDbHCAlImKHb78Uh192Y2zvJkaoivzHrzdUzADzjA3cQNUT7ZWeJQznx7jQH/xgb
ZzaK8178wwRlW9CEUxiRCypQ8psycMzd77yLdJyXfuZrHZMhQbAvsAaBjHorKkQH
Ur71aWiEM3GHSPgJ75l1pfTb9ic7ZiT516++Tv4V+a40MdWwM7xhImRyAQfW+KJ8
ED0Ab3Lsg5LMRvwAZ7DpMBFcBai+W0d2o4USTF3JAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUHKfdi4i011M+tmAV2nhW5B056VIwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9IS2ZkaTRpMDExTS10bUFWMm5oVzVCMDU2Vkkucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAWEL+S9g4EoAxxqW644nua2w4X5kiy3rd//eC
cHL6JELO+TKl5zAWeDmSC3sQdPkBYAUPsU1dYWnhBgJf3becA9tDpvd+E7VEVzEB
dSi2xhcVKoBMqynVjknK43DGlkDWEGcNDesZN1cJbz515kfwokb4sc8qCeI+WWDA
/SVGGq2bvYU0qotBFt7xDqu1R7VLfHsm73DT6wdi9boj9/WdSbrqNSsyg+lauJr4
xNbH6q4H/fJ85i0q+r0XKKBp4anscPV6z1VgVE+kGVlr9PFIdl7BC25Ljx9xmF7w
uad5rHyncULW6b946DfFJDgbiIRCJOlCme/4vRwdLuhR3Fcnrg==
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:35:01 2025 by rpki-client