Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HNdwPqbCoV-YFgGGogQEAc_C8c8.roa
File: HNdwPqbCoV-YFgGGogQEAc_C8c8.roa (raw, json)
Hash identifier: JT9D3+VDv1MjLyJJQFfAaxLdul2qVqiAbn5AOTSbJHo=
Subject key identifier: 1C:D7:70:3E:A6:C2:A1:5F:98:16:01:86:A2:04:04:01:CF:C2:F1:CF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A42AF61953D4E85AB973D75293C8CA86B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HNdwPqbCoV-YFgGGogQEAc_C8c8.roa
Signing time: Tue 29 Aug 2023 19:05:04 +0000
ROA not before: Tue 29 Aug 2023 19:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:42ae:b0ba/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:42:af:61:95:3d:4e:85:ab:97:3d:75:29:3c:8c:a8:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 29 19:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cd7703ea6c2a15f98160186a2040401cfc2f1cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:4c:d8:30:4d:94:5d:fd:37:0d:cc:a3:01:3e:
4b:90:43:4f:53:15:3b:36:e0:5d:4e:15:ea:2f:8b:
a3:21:d0:3c:a3:d0:4d:cb:37:1f:bf:64:2f:25:11:
bc:f2:a4:35:13:c1:67:b6:7d:4a:17:4c:9c:ef:8b:
6b:d1:b1:22:dc:a2:04:76:97:81:36:1f:76:f6:68:
06:ac:45:e9:ea:b7:4d:1f:4a:32:7f:91:2f:fb:85:
aa:f5:f0:f7:76:43:29:7c:37:19:fe:45:99:c0:92:
2f:fc:f7:3d:19:9d:d9:4e:53:4f:f8:19:2b:c2:53:
a9:13:c4:ed:bf:a2:da:da:c7:31:77:34:ab:30:6d:
e1:fb:4e:f4:ce:48:cb:7b:45:8a:82:7c:b7:45:1c:
d9:f3:32:e4:87:69:21:f4:98:0b:32:64:e4:1b:2c:
72:d2:14:a8:7d:12:04:83:1f:19:2f:a1:df:9f:58:
4a:bc:c9:b9:fd:1e:fc:5d:4d:d6:93:66:a0:33:3c:
e7:05:b7:93:e8:54:c7:9b:e8:39:c1:fc:2a:48:ac:
fa:71:ea:1e:9e:d3:44:cb:11:be:3d:87:71:ff:e6:
3e:ef:45:43:8f:4d:48:af:17:3a:fd:cb:4f:7a:72:
e2:9e:b5:2c:39:a4:4d:9d:11:9e:50:72:e4:f8:9f:
c1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:D7:70:3E:A6:C2:A1:5F:98:16:01:86:A2:04:04:01:CF:C2:F1:CF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HNdwPqbCoV-YFgGGogQEAc_C8c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
84:ba:34:56:ff:95:9f:c0:95:a5:aa:30:5c:52:ad:7b:a2:5e:
91:f4:7f:be:32:36:9e:41:ea:95:20:36:8c:9a:a7:48:cb:52:
2a:00:64:f7:98:61:69:86:8d:3e:c5:e6:2b:0b:bc:82:e2:02:
59:66:9b:52:d0:dd:a3:e3:4b:ff:41:73:f1:82:ac:63:23:11:
d1:3b:ba:94:5a:db:80:fe:e5:f8:ae:1e:31:68:37:d9:c9:bc:
19:35:f3:92:fc:21:54:1f:a4:0e:23:4a:f6:5c:44:ee:a6:35:
87:30:08:e3:7d:57:80:6f:59:ab:53:41:e3:77:9d:06:e0:df:
5f:a6:0f:77:e2:95:dd:c9:ac:08:af:4e:63:5f:c3:f9:0c:5d:
c0:36:42:50:2b:ec:ba:a5:14:9f:27:15:d0:89:27:15:8a:f8:
b0:64:1a:81:5e:78:69:e2:df:88:46:2c:a5:56:bb:f7:91:51:
d3:6d:31:b7:2a:eb:ff:3e:31:0d:7f:01:b4:07:10:70:61:e1:
79:5f:1c:39:e4:1b:fa:10:21:ee:cb:46:de:37:ef:33:16:11:
cc:f2:0f:44:dd:83:ea:a0:57:e6:36:6f:21:c7:a2:36:7d:20:
87:fe:0b:e8:59:70:a3:a9:f9:4d:c3:d7:f5:ad:f8:41:23:b7:
5a:5b:66:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpCr2GVPU6Fq5c9dSk8jKhrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI5MTkwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2Q3NzAzZWE2YzJhMTVmOTgxNjAxODZhMjA0MDQwMWNmYzJmMWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEzYME2UXf03DcyjAT5LkENPUxU7
NuBdThXqL4ujIdA8o9BNyzcfv2QvJRG88qQ1E8Fntn1KF0yc74tr0bEi3KIEdpeB
Nh929mgGrEXp6rdNH0oyf5Ev+4Wq9fD3dkMpfDcZ/kWZwJIv/Pc9GZ3ZTlNP+Bkr
wlOpE8Ttv6La2scxdzSrMG3h+070zkjLe0WKgny3RRzZ8zLkh2kh9JgLMmTkGyxy
0hSofRIEgx8ZL6Hfn1hKvMm5/R78XU3Wk2agMzznBbeT6FTHm+g5wfwqSKz6ceoe
ntNEyxG+PYdx/+Y+70VDj01Irxc6/ctPenLinrUsOaRNnRGeUHLk+J/B+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBzXcD6mwqFfmBYBhqIEBAHPwvHPMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSE5kd1BxYkNvVi1ZRmdHR29nUUVBY19DOGM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIS6NFb/lZ/AlaWqMFxS
rXuiXpH0f74yNp5B6pUgNoyap0jLUioAZPeYYWmGjT7F5isLvILiAllmm1LQ3aPj
S/9Bc/GCrGMjEdE7upRa24D+5fiuHjFoN9nJvBk185L8IVQfpA4jSvZcRO6mNYcw
CON9V4BvWatTQeN3nQbg31+mD3fild3JrAivTmNfw/kMXcA2QlAr7LqlFJ8nFdCJ
JxWK+LBkGoFeeGni34hGLKVWu/eRUdNtMbcq6/8+MQ1/AbQHEHBh4XlfHDnkG/oQ
Ie7LRt437zMWEczyD0Tdg+qgV+Y2byHHojZ9IIf+C+hZcKOp+U3D1/Wt+EEjt1pb
ZpQ=
-----END CERTIFICATE-----
Generated at Thu May 1 22:26:21 2025 by rpki-client