Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HKgGSVn5BiQdNYVSje52ptkhv2I.roa
File: HKgGSVn5BiQdNYVSje52ptkhv2I.roa (raw, json)
Hash identifier: R2gorv7FyKMuzIQpPYQh11CGUWCJyeIt2/i0PUAwGOo=
Subject key identifier: 1C:A8:06:49:59:F9:06:24:1D:35:85:52:8D:EE:76:A6:D9:21:BF:62
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01865564C606B3BBAB1A8EAE8135B36D614B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HKgGSVn5BiQdNYVSje52ptkhv2I.roa
Signing time: Wed 15 Feb 2023 14:05:12 +0000
ROA not before: Wed 15 Feb 2023 14:05:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:5564:164d/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:55:64:c6:06:b3:bb:ab:1a:8e:ae:81:35:b3:6d:61:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 15 14:05:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ca8064959f906241d3585528dee76a6d921bf62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d7:64:5a:00:07:aa:21:65:e1:77:e2:7e:a9:
52:fa:65:df:d4:a4:af:51:bb:16:d8:6a:71:ca:f3:
11:d2:8f:ff:b5:79:ac:da:88:cb:05:ba:f3:2f:37:
ac:02:3c:89:12:d5:3d:df:1f:36:1d:26:3f:fd:e2:
d8:5c:ba:3a:22:29:3f:28:ce:66:17:6f:4c:4c:c6:
0f:94:d2:d1:17:c6:ff:39:84:92:d4:7d:98:98:86:
83:14:bd:48:73:b9:eb:e2:dc:72:59:87:89:c8:f9:
70:57:ce:9b:20:a0:f0:8a:66:30:e2:15:18:13:7b:
6a:57:cb:40:6b:19:cb:f8:95:e6:e4:83:bc:48:44:
43:3a:a7:3b:a9:da:6e:fc:c9:96:fc:b0:8b:35:f8:
b5:4c:95:6b:0b:1b:f5:67:68:3b:db:19:1e:ab:ca:
6f:35:ef:cf:e4:49:bf:c7:9c:c1:f7:b9:fb:69:97:
d3:d0:3e:5d:b8:1f:7e:3f:40:31:91:c2:73:a4:8a:
95:64:3d:0a:3f:c6:d8:34:83:fd:8f:b0:01:94:3f:
09:df:27:cb:0b:64:85:f5:26:dc:42:93:70:cc:39:
4d:27:cd:39:d3:f2:f3:11:05:78:c7:e9:26:4e:96:
27:1a:12:aa:0b:f6:6c:de:3c:72:9f:d3:55:f4:5b:
5b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:A8:06:49:59:F9:06:24:1D:35:85:52:8D:EE:76:A6:D9:21:BF:62
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HKgGSVn5BiQdNYVSje52ptkhv2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:1d:fa:27:7a:24:f7:df:93:df:39:a2:f0:32:ca:ac:d8:c5:
83:52:03:fc:d4:34:b8:bc:56:68:67:e4:7f:8c:dc:1b:f5:00:
85:22:27:21:b9:77:72:b9:20:0c:ff:7c:cf:84:4f:64:15:d7:
47:4c:4b:6f:41:49:17:f3:08:6c:22:5f:8c:cd:5e:32:db:f2:
49:b8:1f:54:7b:81:3e:2f:f8:79:5d:37:b7:13:32:93:64:51:
59:60:b9:02:e9:2e:3a:49:53:ec:5a:14:d7:78:85:6e:9e:28:
1f:59:27:26:04:fa:4d:fb:16:52:91:ad:84:05:75:6b:1b:f4:
5f:0d:d1:bf:b4:16:af:fd:fc:ce:b2:23:b5:06:b0:fb:e6:fb:
6f:b6:95:eb:71:ba:4b:1f:9e:c7:2f:d5:8d:e8:67:b8:16:0e:
18:e1:be:97:74:8f:07:99:8f:af:90:a7:92:0e:14:80:6b:09:
67:c5:a4:4c:42:b4:7e:f5:15:0d:ca:f7:b3:d7:cc:77:da:a2:
ec:8c:d9:0d:d0:f7:d1:2a:c1:08:73:46:f0:08:50:7a:c5:af:
5c:4a:b0:c7:83:04:bb:23:dc:35:41:37:fe:f2:12:29:7b:db:
40:11:a8:5e:bf:b5:16:af:53:27:2e:af:ba:85:85:4c:92:0e:
63:fa:6a:13
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZVZMYGs7urGo6ugTWzbWFLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE1MTQwNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2E4MDY0OTU5ZjkwNjI0MWQzNTg1NTI4ZGVlNzZhNmQ5MjFiZjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArddkWgAHqiFl4XfifqlS+mXf1KSv
UbsW2GpxyvMR0o//tXms2ojLBbrzLzesAjyJEtU93x82HSY//eLYXLo6Iik/KM5m
F29MTMYPlNLRF8b/OYSS1H2YmIaDFL1Ic7nr4txyWYeJyPlwV86bIKDwimYw4hUY
E3tqV8tAaxnL+JXm5IO8SERDOqc7qdpu/MmW/LCLNfi1TJVrCxv1Z2g72xkeq8pv
Ne/P5Em/x5zB97n7aZfT0D5duB9+P0AxkcJzpIqVZD0KP8bYNIP9j7ABlD8J3yfL
C2SF9SbcQpNwzDlNJ8050/LzEQV4x+kmTpYnGhKqC/Zs3jxyn9NV9Ftb4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFByoBklZ+QYkHTWFUo3udqbZIb9iMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSEtnR1NWbjVCaVFkTllWU2plNTJwdGtodjJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHgd+id6JPffk985ovAy
yqzYxYNSA/zUNLi8Vmhn5H+M3Bv1AIUiJyG5d3K5IAz/fM+ET2QV10dMS29BSRfz
CGwiX4zNXjLb8km4H1R7gT4v+HldN7cTMpNkUVlguQLpLjpJU+xaFNd4hW6eKB9Z
JyYE+k37FlKRrYQFdWsb9F8N0b+0Fq/9/M6yI7UGsPvm+2+2letxuksfnscv1Y3o
Z7gWDhjhvpd0jweZj6+Qp5IOFIBrCWfFpExCtH71FQ3K97PXzHfaouyM2Q3Q99Eq
wQhzRvAIUHrFr1xKsMeDBLsj3DVBN/7yEil720ARqF6/tRavUycur7qFhUySDmP6
ahM=
-----END CERTIFICATE-----
Generated at Fri May 2 03:32:33 2025 by rpki-client