Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HZnv2z3Tg15sTIpFx65XJKRhAxQ.roa
File: HZnv2z3Tg15sTIpFx65XJKRhAxQ.roa (raw, json)
Hash identifier: DRmu8+IPxkuxv50n234YQaIJSeGOXUoI4bTHFsNA4sw=
Subject key identifier: 1D:99:EF:DB:3D:D3:83:5E:6C:4C:8A:45:C7:AE:57:24:A4:61:03:14
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01860ED20D7D9D9AA5ED5B36033E2CB50F38
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HZnv2z3Tg15sTIpFx65XJKRhAxQ.roa
Signing time: Wed 01 Feb 2023 21:11:32 +0000
ROA not before: Wed 01 Feb 2023 21:11:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0e:d2:0d:7d:9d:9a:a5:ed:5b:36:03:3e:2c:b5:0f:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 1 21:11:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d99efdb3dd3835e6c4c8a45c7ae5724a4610314
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:6b:e4:b0:d7:db:85:91:5f:d8:0e:56:ac:c3:
3d:79:3d:c3:e0:ff:ef:ab:89:48:b2:e1:3a:af:e9:
b1:61:51:28:02:49:0f:a9:10:fe:c3:45:4d:55:8c:
05:49:83:95:a9:8e:c4:c9:64:dc:ec:54:32:34:6c:
8b:ea:af:1c:bb:5c:59:67:18:47:08:73:8c:22:e9:
0b:ae:ae:e4:81:0f:49:6a:bc:0f:5c:4c:61:8d:43:
20:21:6f:87:86:3e:28:e2:d9:53:ed:21:86:21:56:
77:6f:ae:68:a7:8c:a8:7c:c8:2d:d8:8e:37:8a:0e:
6f:01:d7:b8:cc:47:20:94:cd:66:06:92:cf:bd:52:
49:ad:f8:d5:f2:d7:93:dd:0f:89:42:90:1e:d1:d8:
1a:2d:08:6a:c2:d3:b1:cd:6a:46:37:45:82:ac:d1:
4b:12:6a:35:7a:37:18:e5:71:c9:0a:60:23:02:e2:
d7:08:37:9a:6e:5e:65:99:cf:0d:56:6f:a3:0f:b1:
e9:08:87:20:ac:7b:4b:21:ff:d9:24:34:df:47:68:
95:b4:25:99:7e:bb:b5:7d:98:b5:42:28:fd:c4:4d:
5b:f6:f1:4b:3a:86:74:92:7a:32:91:13:d3:f3:30:
af:08:fb:cc:43:67:0a:ae:d7:79:81:84:2e:28:8b:
2d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:99:EF:DB:3D:D3:83:5E:6C:4C:8A:45:C7:AE:57:24:A4:61:03:14
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HZnv2z3Tg15sTIpFx65XJKRhAxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a6:d4:93:06:48:f3:73:3f:aa:1a:30:7f:ce:97:16:ec:54:4e:
59:4c:26:43:99:aa:16:f3:d0:ac:5c:71:e5:e4:d0:74:b7:5d:
cd:9a:48:73:88:3b:41:c1:4f:26:b6:cd:f5:56:b8:0f:7b:71:
66:c4:e9:74:51:f7:17:16:d3:c6:e2:3c:fc:c0:6d:d0:d0:d7:
77:dd:9a:82:66:00:d5:58:39:00:ea:7d:a2:e0:a7:e2:41:6a:
51:d6:0e:d9:01:05:f0:d5:2a:5e:af:b6:4b:7d:c1:a1:39:a7:
e3:0a:af:61:19:10:95:0d:b8:df:07:ab:e7:1d:0d:fe:82:2b:
8a:75:ea:3a:fc:47:29:72:e4:38:cd:6a:3d:88:0f:a6:e2:9c:
ac:fe:b7:62:f3:f3:8d:90:d4:54:90:5c:07:29:d2:e3:e4:78:
50:37:e7:7b:dc:42:21:ff:5d:66:8e:45:e1:7c:b8:0a:b2:3b:
9b:80:0d:b4:f6:d2:23:54:01:58:0a:1e:5e:82:f5:f3:14:58:
a2:53:05:0c:f7:e5:c6:5c:d5:0d:a0:7b:b1:ea:b0:97:44:77:
be:12:56:48:44:44:f9:08:b9:b1:0c:dd:3b:e6:90:90:99:ca:
cd:49:82:46:63:90:49:8f:1b:68:d4:c4:27:47:a6:28:3a:c5:
56:ec:a0:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYO0g19nZql7Vs2Az4stQ84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjAxMjExMTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDk5ZWZkYjNkZDM4MzVlNmM0YzhhNDVjN2FlNTcyNGE0NjEwMzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGvksNfbhZFf2A5WrMM9eT3D4P/v
q4lIsuE6r+mxYVEoAkkPqRD+w0VNVYwFSYOVqY7EyWTc7FQyNGyL6q8cu1xZZxhH
CHOMIukLrq7kgQ9JarwPXExhjUMgIW+Hhj4o4tlT7SGGIVZ3b65op4yofMgt2I43
ig5vAde4zEcglM1mBpLPvVJJrfjV8teT3Q+JQpAe0dgaLQhqwtOxzWpGN0WCrNFL
Emo1ejcY5XHJCmAjAuLXCDeabl5lmc8NVm+jD7HpCIcgrHtLIf/ZJDTfR2iVtCWZ
fru1fZi1Qij9xE1b9vFLOoZ0knoykRPT8zCvCPvMQ2cKrtd5gYQuKIstNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB2Z79s904NebEyKRceuVySkYQMUMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSFpudjJ6M1RnMTVzVElwRng2NVhKS1JoQXhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKbUkwZI83M/qhowf86X
FuxUTllMJkOZqhbz0KxcceXk0HS3Xc2aSHOIO0HBTya2zfVWuA97cWbE6XRR9xcW
08biPPzAbdDQ13fdmoJmANVYOQDqfaLgp+JBalHWDtkBBfDVKl6vtkt9waE5p+MK
r2EZEJUNuN8Hq+cdDf6CK4p16jr8Ryly5DjNaj2ID6binKz+t2Lz842Q1FSQXAcp
0uPkeFA353vcQiH/XWaOReF8uAqyO5uADbT20iNUAVgKHl6C9fMUWKJTBQz35cZc
1Q2ge7HqsJdEd74SVkhERPkIubEM3TvmkJCZys1JgkZjkEmPG2jUxCdHpig6xVbs
oHg=
-----END CERTIFICATE-----
Generated at Thu May 1 22:59:13 2025 by rpki-client