Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/H_lXZCw0zxEQvAtK4UoGn1pylzE.roa
File: H_lXZCw0zxEQvAtK4UoGn1pylzE.roa (raw, json)
Hash identifier: S028mvaRMQWPUuzV9G8+G1v4cPFOIl33XdUwd5EsfRA=
Subject key identifier: 1F:F9:57:64:2C:34:CF:11:10:BC:0B:4A:E1:4A:06:9F:5A:72:97:31
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018312EF6A33FA993385AFED695337A96B07
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/H_lXZCw0zxEQvAtK4UoGn1pylzE.roa
Signing time: Tue 06 Sep 2022 13:13:43 +0000
ROA not before: Tue 06 Sep 2022 13:13:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:12:ef:6a:33:fa:99:33:85:af:ed:69:53:37:a9:6b:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 6 13:13:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ff957642c34cf1110bc0b4ae14a069f5a729731
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:43:6e:43:ec:27:9d:8b:5a:44:99:ab:b1:0f:
7c:04:e8:85:17:e2:5c:ef:b4:d5:72:bf:20:ad:e3:
a4:76:2e:ea:d8:a8:fc:a7:9d:a7:dc:70:c1:74:d9:
a4:cd:c0:9f:f6:bc:d6:62:77:20:9f:9d:10:b1:5d:
fe:dd:4b:d2:92:fb:97:4d:ed:60:12:d7:2b:48:17:
e9:aa:b2:4f:15:9b:e6:6f:13:48:67:60:c4:24:fa:
20:2c:07:8d:e3:98:a0:81:58:b2:dd:62:68:b5:03:
be:86:89:13:d4:b1:8e:4d:3a:bb:c7:8a:a3:c8:6e:
3d:6c:e7:93:60:fd:b8:05:f6:58:80:ec:23:b0:d0:
27:24:33:98:2e:bf:94:1b:5d:11:55:88:f0:a6:9e:
6c:80:7a:2f:fb:e2:61:a6:30:87:5e:e9:13:2d:67:
79:af:70:a0:74:91:26:aa:f1:ba:33:b9:f0:43:27:
ac:8b:36:86:c8:68:d0:9e:c2:4b:e3:3a:a0:26:ea:
c2:ff:6a:b9:76:3d:19:63:e5:49:15:32:74:38:ca:
e5:17:8c:51:40:b6:76:fc:d7:c0:fd:e3:c2:52:ac:
12:b9:be:1b:75:ed:93:f0:7c:f5:1a:9f:04:35:7d:
2a:10:cd:ef:8e:c4:b5:4d:e7:8b:4e:e7:80:7b:84:
f9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:F9:57:64:2C:34:CF:11:10:BC:0B:4A:E1:4A:06:9F:5A:72:97:31
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/H_lXZCw0zxEQvAtK4UoGn1pylzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:d6:46:c6:36:91:90:ed:41:a0:26:66:1f:4c:bd:8f:a4:bc:
ad:94:f0:dc:f5:c7:93:48:b0:cb:93:31:70:d2:f3:43:27:94:
37:6e:8a:f7:5d:f3:a4:e7:a7:e3:ef:02:dd:82:2c:17:0c:72:
8e:05:6c:08:cd:f0:a8:a7:80:51:fe:7c:ef:24:d3:93:5d:96:
2c:74:26:d0:96:e2:58:2d:88:92:80:df:22:f2:dd:df:0d:26:
f4:5c:ab:c3:77:b1:df:fa:a1:78:95:e7:d1:da:46:ad:3b:81:
ce:ac:d1:87:85:64:69:3a:85:fb:56:95:b3:8f:90:72:ae:9e:
63:7c:55:0c:cb:50:b1:75:76:61:89:dd:6a:df:52:97:ee:2e:
d4:3e:2c:e7:8a:7c:c4:e7:da:a0:9e:7a:63:fd:09:f0:9c:d9:
ab:ed:8b:17:37:57:cc:11:5d:d3:cc:84:18:35:dc:61:dc:54:
e1:f3:76:c2:6b:7f:13:91:dd:73:85:f8:51:96:fd:c5:fc:35:
6d:03:bf:8f:c2:03:21:9d:c8:db:3c:83:90:0f:8f:25:41:78:
05:1a:de:15:0d:b9:e8:ca:79:b2:2f:27:e0:6a:73:76:a4:9e:
c4:ff:46:09:07:c4:3d:0f:34:83:38:31:e3:5a:bb:7c:ed:4c:
e7:a5:02:91
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMS72oz+pkzha/taVM3qWsHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTA2MTMxMzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmY5NTc2NDJjMzRjZjExMTBiYzBiNGFlMTRhMDY5ZjVhNzI5NzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUNuQ+wnnYtaRJmrsQ98BOiFF+Jc
77TVcr8greOkdi7q2Kj8p52n3HDBdNmkzcCf9rzWYncgn50QsV3+3UvSkvuXTe1g
EtcrSBfpqrJPFZvmbxNIZ2DEJPogLAeN45iggViy3WJotQO+hokT1LGOTTq7x4qj
yG49bOeTYP24BfZYgOwjsNAnJDOYLr+UG10RVYjwpp5sgHov++JhpjCHXukTLWd5
r3CgdJEmqvG6M7nwQyesizaGyGjQnsJL4zqgJurC/2q5dj0ZY+VJFTJ0OMrlF4xR
QLZ2/NfA/ePCUqwSub4bde2T8Hz1Gp8ENX0qEM3vjsS1TeeLTueAe4T5bQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB/5V2QsNM8RELwLSuFKBp9acpcxMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSF9sWFpDdzB6eEVRdkF0SzRVb0duMXB5bHpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADPWRsY2kZDtQaAmZh9M
vY+kvK2U8Nz1x5NIsMuTMXDS80MnlDduivdd86Tnp+PvAt2CLBcMco4FbAjN8Kin
gFH+fO8k05Ndlix0JtCW4lgtiJKA3yLy3d8NJvRcq8N3sd/6oXiV59HaRq07gc6s
0YeFZGk6hftWlbOPkHKunmN8VQzLULF1dmGJ3WrfUpfuLtQ+LOeKfMTn2qCeemP9
CfCc2avtixc3V8wRXdPMhBg13GHcVOHzdsJrfxOR3XOF+FGW/cX8NW0Dv4/CAyGd
yNs8g5APjyVBeAUa3hUNuejKebIvJ+Bqc3aknsT/RgkHxD0PNIM4MeNau3ztTOel
ApE=
-----END CERTIFICATE-----
Generated at Thu May 1 12:21:21 2025 by rpki-client