Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HQyg2lUAJMVPpH9v-tfrvKdYX-c.roa
File: HQyg2lUAJMVPpH9v-tfrvKdYX-c.roa (raw, json)
Hash identifier: wWL8CAAzCRPgpGTAxel0I8zbi54DWJ5FqulTAnk5Rc0=
Subject key identifier: 1D:0C:A0:DA:55:00:24:C5:4F:A4:7F:6F:FA:D7:EB:BC:A7:58:5F:E7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0188928CA9A784F880552B593937D3153CF2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HQyg2lUAJMVPpH9v-tfrvKdYX-c.roa
Signing time: Tue 06 Jun 2023 21:11:12 +0000
ROA not before: Tue 06 Jun 2023 21:11:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:92:8c:a9:a7:84:f8:80:55:2b:59:39:37:d3:15:3c:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 6 21:11:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d0ca0da550024c54fa47f6ffad7ebbca7585fe7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:76:d5:f1:96:dd:45:24:17:16:44:38:ec:d1:
f4:69:f5:70:2e:9f:2d:b2:5f:2d:70:f1:50:06:79:
bc:55:2d:f9:10:6b:d2:b1:d5:ab:b0:91:3d:f3:99:
1b:e7:9b:f1:b2:3b:51:ef:ef:8c:7f:9c:f5:dd:8c:
d0:26:01:91:c7:e3:10:ca:73:a2:c3:92:da:c3:bd:
44:07:ee:3b:b5:26:d7:94:90:ea:84:e7:ea:8e:dc:
30:8d:b8:7f:2a:fe:5f:d7:15:b6:df:f2:7b:1a:84:
9e:09:86:2f:cf:00:d9:e9:b1:97:87:d8:47:ab:db:
6b:f7:bd:bb:bc:a8:65:73:38:95:9b:2e:f1:b7:fc:
03:91:e9:7b:79:5f:01:a4:08:81:49:84:58:59:2e:
0a:0f:eb:f1:07:71:df:cb:05:b7:60:46:3e:fb:b6:
86:0b:1f:89:68:33:b7:02:42:62:53:17:e9:40:3c:
a5:f7:5c:3e:54:06:df:70:f7:5a:e3:b1:40:d9:ae:
e0:b8:ea:19:a3:f4:9f:3a:18:8f:e7:f1:04:02:56:
cd:ae:ac:17:7f:63:3d:60:3e:d9:bc:92:e6:de:dd:
90:be:fd:6f:fe:33:40:0a:a6:29:57:5d:fe:80:65:
b0:fc:20:c4:be:eb:b8:cb:e4:f7:a1:91:30:97:4b:
f7:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:0C:A0:DA:55:00:24:C5:4F:A4:7F:6F:FA:D7:EB:BC:A7:58:5F:E7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HQyg2lUAJMVPpH9v-tfrvKdYX-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a5:dc:48:d0:9f:15:e6:8e:fa:0b:6d:a1:f0:c7:bd:7c:b3:b8:
f7:44:69:a5:89:b8:aa:08:fa:30:3c:71:0d:fc:e1:6e:ce:25:
b9:27:34:3b:10:a6:e7:36:8d:82:68:b4:90:f6:f5:04:5a:f0:
ad:9b:ee:8f:61:05:76:1b:dc:b0:c2:a6:cb:f3:dc:01:fd:23:
76:65:70:a9:87:c1:3d:7f:72:58:f6:b7:cf:aa:56:8b:6e:e6:
a3:54:c3:76:4b:7d:16:d7:15:66:0d:dd:cf:bd:f7:df:b9:d1:
a8:9c:56:4d:d2:ed:18:a2:3c:75:01:7a:b0:4e:1b:26:82:b9:
bb:a5:74:35:5b:3d:9e:c5:b3:28:e1:72:8c:03:0a:62:62:cf:
29:76:5f:7d:65:1b:ea:a1:15:c6:7d:cb:c3:56:2f:42:d8:d7:
00:18:65:25:e0:5e:9d:87:bc:33:e2:52:11:bc:74:10:e8:60:
5d:c3:a3:9c:91:7f:3e:50:a9:35:35:e6:d0:f1:62:4e:36:5e:
ef:3a:b9:ca:45:7e:2d:e4:50:07:bc:d5:67:a0:fb:7f:2e:f9:
7b:26:ca:c9:bc:ca:c4:b2:e3:f6:15:0f:ca:12:57:02:b1:ac:
1f:47:d1:1e:11:a3:23:98:f0:85:38:96:68:1c:cd:43:20:ab:
c9:67:32:c2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYiSjKmnhPiAVStZOTfTFTzyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjA2MjExMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDBjYTBkYTU1MDAyNGM1NGZhNDdmNmZmYWQ3ZWJiY2E3NTg1ZmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXbV8ZbdRSQXFkQ47NH0afVwLp8t
sl8tcPFQBnm8VS35EGvSsdWrsJE985kb55vxsjtR7++Mf5z13YzQJgGRx+MQynOi
w5Law71EB+47tSbXlJDqhOfqjtwwjbh/Kv5f1xW23/J7GoSeCYYvzwDZ6bGXh9hH
q9tr9727vKhlcziVmy7xt/wDkel7eV8BpAiBSYRYWS4KD+vxB3HfywW3YEY++7aG
Cx+JaDO3AkJiUxfpQDyl91w+VAbfcPda47FA2a7guOoZo/SfOhiP5/EEAlbNrqwX
f2M9YD7ZvJLm3t2Qvv1v/jNACqYpV13+gGWw/CDEvuu4y+T3oZEwl0v3oQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB0MoNpVACTFT6R/b/rX67ynWF/nMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSFF5ZzJsVUFKTVZQcEg5di10ZnJ2S2RZWC1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKXcSNCfFeaO+gttofDH
vXyzuPdEaaWJuKoI+jA8cQ384W7OJbknNDsQpuc2jYJotJD29QRa8K2b7o9hBXYb
3LDCpsvz3AH9I3ZlcKmHwT1/clj2t8+qVotu5qNUw3ZLfRbXFWYN3c+999+50aic
Vk3S7RiiPHUBerBOGyaCubuldDVbPZ7FsyjhcowDCmJizyl2X31lG+qhFcZ9y8NW
L0LY1wAYZSXgXp2HvDPiUhG8dBDoYF3Do5yRfz5QqTU15tDxYk42Xu86ucpFfi3k
UAe81Weg+38u+Xsmysm8ysSy4/YVD8oSVwKxrB9H0R4RoyOY8IU4lmgczUMgq8ln
MsI=
-----END CERTIFICATE-----
Generated at Thu May 1 02:41:16 2025 by rpki-client