Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HTN28WfGnJ2RbbtMQvAUsyXuTb8.roa
File: HTN28WfGnJ2RbbtMQvAUsyXuTb8.roa (raw, json)
Hash identifier: eTPQP2ZcCkbxQJu3ITla8lxt6DCiwtNGrg5crjdgjcE=
Subject key identifier: 1D:33:76:F1:67:C6:9C:9D:91:6D:BB:4C:42:F0:14:B3:25:EE:4D:BF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189C9B12CECDC23E630AFEBB9B3D303786D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HTN28WfGnJ2RbbtMQvAUsyXuTb8.roa
Signing time: Sun 06 Aug 2023 07:12:58 +0000
ROA not before: Sun 06 Aug 2023 07:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c9:b1:2c:ec:dc:23:e6:30:af:eb:b9:b3:d3:03:78:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 6 07:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d3376f167c69c9d916dbb4c42f014b325ee4dbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:65:3f:9d:82:1a:97:fa:54:d6:27:1d:01:cc:
26:c5:2b:d5:ee:26:d4:1a:34:3a:7e:6c:c6:61:76:
3a:34:ea:39:dc:1c:eb:37:58:aa:bb:34:45:43:9d:
f3:4f:c7:7c:6a:6f:b3:e0:d3:31:88:1d:ff:7e:e7:
2d:c0:88:49:7f:6f:a6:2c:3d:6c:ca:9c:dd:a1:7a:
54:29:a1:f0:9a:2c:49:24:13:9f:e5:f5:fb:af:4f:
0d:f3:cb:f3:be:7d:2c:44:fe:d5:e6:51:91:f7:5d:
c4:27:65:b1:75:41:27:9b:12:38:d5:8b:33:67:54:
a9:03:6b:7f:0e:9d:06:98:a8:ae:da:8c:bb:58:2d:
32:99:23:4e:48:c6:b5:fd:0f:34:c8:57:9a:42:e0:
ee:83:42:9c:a2:76:f9:33:0e:25:9e:82:2d:37:d1:
80:08:2b:fc:8e:c8:62:28:39:16:bf:39:3d:b2:9a:
29:33:29:ea:85:3f:bc:66:b6:35:38:5d:09:18:f8:
e6:52:04:40:99:ee:80:54:c5:45:f2:0f:15:a7:e5:
97:f9:b1:e3:4e:03:b8:c4:dc:1b:b5:fd:54:69:24:
e0:f5:84:ca:c2:ee:98:50:4d:d4:f4:fc:99:3c:f2:
1d:6b:c1:6a:4a:39:6b:7b:fe:b9:e9:45:14:57:8b:
c0:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:33:76:F1:67:C6:9C:9D:91:6D:BB:4C:42:F0:14:B3:25:EE:4D:BF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HTN28WfGnJ2RbbtMQvAUsyXuTb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:01:0c:97:4f:a1:fe:b0:32:ce:7f:0b:ed:bb:ce:f2:f7:b2:
aa:d6:a8:43:50:95:19:e9:ad:86:bc:73:87:f3:4a:d8:00:b8:
01:4e:ca:eb:3c:ee:e6:b2:6e:ec:73:1c:b4:75:b0:b3:29:dd:
1e:9c:1d:6f:4d:e0:c8:20:71:eb:6c:f7:99:e7:ae:9c:69:d0:
d3:b5:08:bf:83:ec:83:48:d8:30:e2:89:2f:19:b8:b2:a2:c4:
e4:74:33:81:61:a6:00:f6:88:51:d3:04:f9:04:fb:12:b3:4f:
b8:dc:d4:6e:ac:40:85:7a:c9:8d:c1:4f:aa:c1:d4:10:44:90:
3f:60:34:e5:a3:9f:c5:f4:a9:1b:92:a7:fd:db:89:1f:90:ab:
93:92:71:89:8b:c1:e9:4b:03:c3:75:08:38:38:ff:1e:df:46:
bc:a9:08:f4:44:3f:8d:59:38:2a:61:07:43:c9:0c:7c:9b:2c:
02:94:bf:2d:a6:ba:79:18:16:4e:1d:ea:45:31:a6:7d:3e:7a:
46:27:fa:a5:6e:9e:70:48:63:8d:eb:01:7a:c8:01:17:89:e1:
20:69:a3:9e:72:91:8b:70:f4:21:a2:58:76:98:fd:a9:cb:7c:
4e:b5:e0:74:78:71:28:32:c6:ae:bf:ec:f5:26:2f:5a:9f:6a:
c6:da:74:08
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnJsSzs3CPmMK/rubPTA3htMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA2MDcxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDMzNzZmMTY3YzY5YzlkOTE2ZGJiNGM0MmYwMTRiMzI1ZWU0ZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmU/nYIal/pU1icdAcwmxSvV7ibU
GjQ6fmzGYXY6NOo53BzrN1iquzRFQ53zT8d8am+z4NMxiB3/fuctwIhJf2+mLD1s
ypzdoXpUKaHwmixJJBOf5fX7r08N88vzvn0sRP7V5lGR913EJ2WxdUEnmxI41Ysz
Z1SpA2t/Dp0GmKiu2oy7WC0ymSNOSMa1/Q80yFeaQuDug0Kconb5Mw4lnoItN9GA
CCv8jshiKDkWvzk9spopMynqhT+8ZrY1OF0JGPjmUgRAme6AVMVF8g8Vp+WX+bHj
TgO4xNwbtf1UaSTg9YTKwu6YUE3U9PyZPPIda8FqSjlre/656UUUV4vACwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB0zdvFnxpydkW27TELwFLMl7k2/MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSFROMjhXZkduSjJSYmJ0TVF2QVVzeVh1VGI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKcBDJdPof6wMs5/C+27
zvL3sqrWqENQlRnprYa8c4fzStgAuAFOyus87uaybuxzHLR1sLMp3R6cHW9N4Mgg
cets95nnrpxp0NO1CL+D7INI2DDiiS8ZuLKixOR0M4FhpgD2iFHTBPkE+xKzT7jc
1G6sQIV6yY3BT6rB1BBEkD9gNOWjn8X0qRuSp/3biR+Qq5OScYmLwelLA8N1CDg4
/x7fRrypCPREP41ZOCphB0PJDHybLAKUvy2munkYFk4d6kUxpn0+ekYn+qVunnBI
Y43rAXrIAReJ4SBpo55ykYtw9CGiWHaY/anLfE614HR4cSgyxq6/7PUmL1qfasba
dAg=
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:36:31 2025 by rpki-client