Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HQ5ReVkh7s6dGjRTnwfoBAnqhz0.roa
File: HQ5ReVkh7s6dGjRTnwfoBAnqhz0.roa (raw, json)
Hash identifier: jwhb1Uz5xHbtlaWyLRMW1EEJTVAfmsnrRWdWmud74co=
Subject key identifier: 1D:0E:51:79:59:21:EE:CE:9D:1A:34:53:9F:07:E8:04:09:EA:87:3D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 808CB962
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HQ5ReVkh7s6dGjRTnwfoBAnqhz0.roa
Signing time: Mon 02 May 2022 21:11:50 +0000
ROA not before: Mon 02 May 2022 21:11:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2156706146 (0x808cb962)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 2 21:11:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d0e51795921eece9d1a34539f07e80409ea873d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f2:14:cf:a1:f7:f7:29:05:2e:f9:b1:13:53:
86:35:ae:59:db:57:12:19:57:66:bd:0a:59:53:8e:
57:40:bb:c2:a0:9e:93:f2:6a:c2:7f:8d:2b:69:51:
26:73:2e:d6:4f:29:31:1c:e8:9e:15:5c:e7:fb:fc:
83:6c:b9:97:2c:70:f7:6d:81:ce:15:0c:e1:92:dd:
2d:e9:bb:07:3c:dc:ac:77:5e:e3:c8:ef:eb:0e:b3:
0b:40:4f:8b:31:3c:83:e2:c1:25:30:5c:41:d1:5b:
ca:f9:ac:ea:17:22:58:43:75:dc:5f:21:e5:b5:60:
48:6d:aa:93:0c:f2:61:f0:8e:4b:ff:82:67:4b:81:
da:ac:ad:02:9c:fa:84:15:83:7e:57:56:1b:d3:96:
68:a7:49:4f:09:b8:82:89:b4:76:39:c4:29:64:fd:
3b:a7:6d:7d:77:71:29:13:91:78:f2:a5:1d:38:a1:
9b:fa:3e:e6:6a:05:31:40:6f:5a:e6:95:9c:a9:1a:
7e:84:7b:5a:68:89:62:c3:66:21:b3:5e:4e:d1:bf:
62:ea:00:16:ed:30:26:4f:08:ec:81:b5:e0:55:d5:
42:5d:6d:1e:c5:f7:cb:1e:d6:5d:1e:ee:9a:d6:58:
a1:f8:84:88:4d:fd:55:5f:be:9f:ff:ac:53:69:bd:
36:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:0E:51:79:59:21:EE:CE:9D:1A:34:53:9F:07:E8:04:09:EA:87:3D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HQ5ReVkh7s6dGjRTnwfoBAnqhz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
90:81:19:cb:0a:b2:70:e3:55:23:a9:c9:fb:22:d2:ca:2c:d1:
36:e1:b1:91:b2:90:65:5a:1b:a3:7b:18:7b:96:60:64:ed:14:
d4:05:b4:81:c9:4d:2a:b0:aa:03:74:a9:dc:12:99:b8:88:e8:
5d:d3:8c:78:0f:ae:c7:f4:1b:7f:7b:42:7d:a5:38:14:66:55:
a1:e1:01:5c:a1:f8:c8:1c:ee:8b:58:9c:f0:d3:13:00:bb:80:
fa:52:70:d7:d8:c7:b9:21:e3:69:af:87:df:7f:d4:fc:de:64:
13:b8:41:44:fd:5f:7c:b8:e2:bd:0f:2e:c4:f7:b8:77:72:0d:
75:a7:4f:19:6b:5e:3a:9b:98:7b:22:0e:4d:24:98:8b:09:28:
e5:fd:61:50:3b:a8:86:e2:ca:c4:ef:9e:58:1a:c8:4e:c9:9d:
6b:b3:f0:ae:6b:a3:88:f9:fb:b4:17:18:43:3b:c2:94:2b:07:
1e:0a:40:55:86:cf:68:46:79:e5:09:21:72:f9:79:2c:c6:79:
ec:0b:c4:44:ac:94:a7:2e:f0:5f:c7:cc:a1:e2:11:0f:6f:fb:
b6:37:39:79:1e:ae:9e:ac:9e:21:91:70:94:b1:f1:7d:1f:8f:
3b:91:da:49:f3:b5:c5:1a:07:9b:70:f9:05:90:59:b4:92:14:
d3:24:23:ea
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAICMuWIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MDIyMTExNTBaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDFkMGU1MTc5NTky
MWVlY2U5ZDFhMzQ1MzlmMDdlODA0MDllYTg3M2QwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDO8hTPoff3KQUu+bETU4Y1rlnbVxIZV2a9CllTjldAu8Kg
npPyasJ/jStpUSZzLtZPKTEc6J4VXOf7/INsuZcscPdtgc4VDOGS3S3puwc83Kx3
XuPI7+sOswtAT4sxPIPiwSUwXEHRW8r5rOoXIlhDddxfIeW1YEhtqpMM8mHwjkv/
gmdLgdqsrQKc+oQVg35XVhvTlminSU8JuIKJtHY5xClk/TunbX13cSkTkXjypR04
oZv6PuZqBTFAb1rmlZypGn6Ee1poiWLDZiGzXk7Rv2LqABbtMCZPCOyBteBV1UJd
bR7F98se1l0e7prWWKH4hIhN/VVfvp//rFNpvTadAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUHQ5ReVkh7s6dGjRTnwfoBAnqhz0wHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9IUTVSZVZraDdzNmRHalJUbndmb0JBbnFoejAucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAkIEZywqycONVI6nJ+yLSyizRNuGxkbKQZVob
o3sYe5ZgZO0U1AW0gclNKrCqA3Sp3BKZuIjoXdOMeA+ux/Qbf3tCfaU4FGZVoeEB
XKH4yBzui1ic8NMTALuA+lJw19jHuSHjaa+H33/U/N5kE7hBRP1ffLjivQ8uxPe4
d3INdadPGWteOpuYeyIOTSSYiwko5f1hUDuohuLKxO+eWBrITsmda7PwrmujiPn7
tBcYQzvClCsHHgpAVYbPaEZ55Qkhcvl5LMZ57AvERKyUpy7wX8fMoeIRD2/7tjc5
eR6unqyeIZFwlLHxfR+PO5HaSfO1xRoHm3D5BZBZtJIU0yQj6g==
-----END CERTIFICATE-----
Generated at Thu May 1 01:02:02 2025 by rpki-client