Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HdlDueRd6KKgKYJgUz7JggiNsvo.roa
File: HdlDueRd6KKgKYJgUz7JggiNsvo.roa (raw, json)
Hash identifier: xfdO1HqohclHnxGPSdq51qYxpLfoiamWldcIAUsCYQk=
Subject key identifier: 1D:D9:43:B9:E4:5D:E8:A2:A0:29:82:60:53:3E:C9:82:08:8D:B2:FA
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185A61B9D5C58DAF9509BC8FA66792C313A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HdlDueRd6KKgKYJgUz7JggiNsvo.roa
Signing time: Thu 12 Jan 2023 13:11:45 +0000
ROA not before: Thu 12 Jan 2023 13:11:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a6:1b:9d:5c:58:da:f9:50:9b:c8:fa:66:79:2c:31:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 12 13:11:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1dd943b9e45de8a2a0298260533ec982088db2fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:60:e0:9f:69:24:a3:02:38:7b:87:92:e3:a9:
f2:1b:20:48:28:c7:90:58:41:66:26:fa:92:68:0f:
24:da:f7:3f:ea:2c:b1:12:7a:92:24:c4:6a:90:8c:
f8:79:7a:35:eb:e6:37:d0:67:f4:a5:f5:78:ee:7d:
e9:54:2b:c4:bd:b9:ed:79:4e:7d:d4:05:f7:e8:5f:
04:d5:6c:95:fe:36:f4:fd:26:63:5b:a0:02:4f:6e:
b5:5d:0e:e3:d5:47:c1:3a:44:89:b2:46:bd:26:3b:
a8:8a:42:48:08:05:32:9b:2d:32:65:82:dd:29:b0:
07:c2:05:d2:3d:08:34:3c:96:0c:a6:8b:da:75:7c:
bc:b3:71:52:af:98:f8:74:1e:dc:26:a8:d8:fd:06:
fa:12:37:8f:11:34:cc:54:3c:29:27:ed:6d:b2:ea:
82:3c:8e:5d:0b:49:8b:42:28:91:4a:ae:f0:c6:ac:
7f:16:c0:4f:32:79:7e:5a:24:c6:7f:96:ad:3e:1d:
fc:51:ea:4c:c0:cc:95:93:dc:57:b4:48:d9:ca:04:
bf:3e:e6:25:56:24:31:f9:96:03:da:8c:5a:5e:05:
5f:f2:9f:a9:ed:e0:fb:9f:1f:59:f6:0d:2a:85:f5:
26:60:00:84:2e:ce:36:50:28:20:15:54:fe:84:14:
26:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:D9:43:B9:E4:5D:E8:A2:A0:29:82:60:53:3E:C9:82:08:8D:B2:FA
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HdlDueRd6KKgKYJgUz7JggiNsvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:bb:d3:37:ef:43:9c:2b:14:93:13:cc:cf:af:0a:4f:31:d9:
61:20:8c:bf:91:83:46:fd:17:08:a2:5f:21:d8:a6:13:ef:40:
03:42:4f:3e:c6:7b:17:0a:b6:15:b5:ad:f0:c3:c4:3a:1c:56:
f5:be:96:8c:5c:52:3a:af:37:df:96:9a:8b:ec:ce:e7:ca:16:
8e:38:f1:a5:b3:87:91:c9:12:c5:7e:22:9a:97:79:0a:74:c2:
c9:9f:ce:e6:fa:9b:28:d1:d9:96:6b:0d:88:79:49:59:7c:ba:
3e:95:c5:ec:f9:d7:ac:63:60:bb:ba:40:fb:ca:dc:a1:a1:69:
64:44:8a:68:da:ab:43:47:b4:4f:a1:bb:09:a4:06:6f:68:98:
64:a1:20:1e:21:d0:f7:65:42:13:a5:95:15:2c:15:ba:a3:d3:
6e:ad:b5:dc:27:f1:13:56:1f:8e:f6:06:96:03:dc:ae:a1:34:
1f:60:04:fb:bf:e5:f4:4b:7f:7c:83:82:fd:ab:65:6a:fb:64:
20:b5:8c:ed:df:6f:97:ab:28:4b:3d:c7:ea:90:86:06:0b:49:
39:e3:d0:15:97:af:30:f4:2d:6c:80:07:3e:14:3f:e0:9a:54:
32:d5:13:2c:2e:7c:4a:46:90:e5:a7:26:25:86:2c:a7:f6:39:
89:0b:4c:ac
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWmG51cWNr5UJvI+mZ5LDE6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTEyMTMxMTQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGQ5NDNiOWU0NWRlOGEyYTAyOTgyNjA1MzNlYzk4MjA4OGRiMmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmDgn2kkowI4e4eS46nyGyBIKMeQ
WEFmJvqSaA8k2vc/6iyxEnqSJMRqkIz4eXo16+Y30Gf0pfV47n3pVCvEvbnteU59
1AX36F8E1WyV/jb0/SZjW6ACT261XQ7j1UfBOkSJska9JjuoikJICAUymy0yZYLd
KbAHwgXSPQg0PJYMpovadXy8s3FSr5j4dB7cJqjY/Qb6EjePETTMVDwpJ+1tsuqC
PI5dC0mLQiiRSq7wxqx/FsBPMnl+WiTGf5atPh38UepMwMyVk9xXtEjZygS/PuYl
ViQx+ZYD2oxaXgVf8p+p7eD7nx9Z9g0qhfUmYACELs42UCggFVT+hBQmRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB3ZQ7nkXeiioCmCYFM+yYIIjbL6MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSGRsRHVlUmQ2S0tnS1lKZ1V6N0pnZ2lOc3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGG70zfvQ5wrFJMTzM+v
Ck8x2WEgjL+Rg0b9FwiiXyHYphPvQANCTz7GexcKthW1rfDDxDocVvW+loxcUjqv
N9+WmovszufKFo448aWzh5HJEsV+IpqXeQp0wsmfzub6myjR2ZZrDYh5SVl8uj6V
xez516xjYLu6QPvK3KGhaWREimjaq0NHtE+huwmkBm9omGShIB4h0PdlQhOllRUs
Fbqj026ttdwn8RNWH472BpYD3K6hNB9gBPu/5fRLf3yDgv2rZWr7ZCC1jO3fb5er
KEs9x+qQhgYLSTnj0BWXrzD0LWyABz4UP+CaVDLVEywufEpGkOWnJiWGLKf2OYkL
TKw=
-----END CERTIFICATE-----
Generated at Thu May 1 02:36:45 2025 by rpki-client