Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Hf5BOA-Zp6sKQVRtfUOJvP064dg.roa
File: Hf5BOA-Zp6sKQVRtfUOJvP064dg.roa (raw, json)
Hash identifier: n7sgKR4ADJ4DaS4hTaE9WLwqdEsbU4PZHTnju5Sl29s=
Subject key identifier: 1D:FE:41:38:0F:99:A7:AB:0A:41:54:6D:7D:43:89:BC:FD:3A:E1:D8
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189E633C426BE4EA22E2DBEE33D742B622E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Hf5BOA-Zp6sKQVRtfUOJvP064dg.roa
Signing time: Fri 11 Aug 2023 20:04:59 +0000
ROA not before: Fri 11 Aug 2023 20:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
2001:67c:64:ffff:0:189:e633:12bd/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e6:33:c4:26:be:4e:a2:2e:2d:be:e3:3d:74:2b:62:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 11 20:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1dfe41380f99a7ab0a41546d7d4389bcfd3ae1d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ed:0b:85:89:bd:7a:f6:fb:d9:fd:34:2a:fc:
b1:85:28:db:78:f4:88:02:f0:b7:f7:7e:76:11:ac:
74:68:70:09:5b:9a:46:c2:7e:cc:88:35:40:f2:9b:
59:30:7d:54:e1:25:8d:a9:81:b2:52:30:22:7b:65:
7e:e1:39:bc:8b:07:7d:dd:65:5b:82:e3:e2:fd:f6:
c8:e3:8c:af:a4:27:99:4d:da:4d:b7:7c:4c:80:7e:
b6:71:64:71:77:b8:a2:d1:82:34:b5:20:e7:13:3e:
cc:30:a2:4c:f3:e0:f5:43:07:9d:ad:33:d6:57:f7:
66:db:8c:55:18:b2:51:fe:71:e8:50:31:93:26:09:
1e:59:2a:d9:64:54:e4:7a:f7:64:8f:c5:86:30:db:
87:cc:30:78:22:5c:18:37:47:27:b9:17:37:fe:58:
2c:09:9c:1c:15:8d:fc:bb:63:19:cc:f8:ce:c2:1e:
e6:e4:73:a0:d8:e0:f2:cd:8c:2e:15:d0:b7:c2:e2:
e2:5a:9f:a2:a6:ce:41:da:ce:23:ff:01:ae:7f:9c:
e9:79:af:0c:10:88:b9:95:f1:78:d4:5b:05:0e:e6:
7c:7e:e7:b2:98:1a:23:41:d3:9e:34:6c:33:e1:e4:
b8:52:db:01:71:de:4d:a1:24:f7:f0:4f:72:b4:bd:
9c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:FE:41:38:0F:99:A7:AB:0A:41:54:6D:7D:43:89:BC:FD:3A:E1:D8
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Hf5BOA-Zp6sKQVRtfUOJvP064dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:b5:7d:c1:df:b7:94:af:de:b7:4b:03:43:e5:b3:7c:7b:50:
77:3d:3a:a2:26:8b:f9:7c:3d:a6:0d:3b:ff:2c:ae:62:2e:09:
74:59:c4:f3:37:fb:f1:2f:53:99:a9:0c:5b:9c:9d:b0:67:fa:
65:84:43:ba:5e:8e:48:6f:e5:4e:1a:bf:41:60:02:f3:99:fb:
97:98:fb:8c:9a:5d:c0:f5:dc:a4:0e:2f:0e:9c:bb:36:2f:9a:
b4:0b:a1:6b:37:c8:56:ad:50:9d:ab:75:94:28:71:07:e3:72:
7c:b8:a7:d3:08:10:7b:a1:01:b3:9a:ee:6a:ee:8a:b3:63:9f:
e0:1d:47:b9:c7:cf:2f:df:bd:cc:cf:f7:42:9c:00:66:e4:68:
ec:4e:23:05:3c:ba:87:e5:f7:64:ff:4b:56:71:26:7f:78:89:
b4:80:77:19:51:f2:3c:45:bd:f9:95:f0:bb:4e:86:82:be:17:
75:1e:d5:bd:68:b5:2b:cf:2b:20:84:50:7e:3d:f7:44:71:1f:
3f:53:8d:af:1c:1c:dc:ba:95:e8:3a:a9:5d:70:95:fc:bd:78:
ac:28:10:0b:af:fe:a8:91:65:50:6f:57:37:9d:89:03:ae:cf:
01:75:63:05:14:59:f0:db:d0:1f:eb:24:1f:20:d9:d2:ec:06:
d0:19:92:42
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnmM8Qmvk6iLi2+4z10K2IuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODExMjAwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGZlNDEzODBmOTlhN2FiMGE0MTU0NmQ3ZDQzODliY2ZkM2FlMWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+0LhYm9evb72f00KvyxhSjbePSI
AvC39352Eax0aHAJW5pGwn7MiDVA8ptZMH1U4SWNqYGyUjAie2V+4Tm8iwd93WVb
guPi/fbI44yvpCeZTdpNt3xMgH62cWRxd7ii0YI0tSDnEz7MMKJM8+D1QwedrTPW
V/dm24xVGLJR/nHoUDGTJgkeWSrZZFTkevdkj8WGMNuHzDB4IlwYN0cnuRc3/lgs
CZwcFY38u2MZzPjOwh7m5HOg2ODyzYwuFdC3wuLiWp+ips5B2s4j/wGuf5zpea8M
EIi5lfF41FsFDuZ8fueymBojQdOeNGwz4eS4UtsBcd5NoST38E9ytL2cgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB3+QTgPmaerCkFUbX1Dibz9OuHYMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSGY1Qk9BLVpwNnNLUVZSdGZVT0p2UDA2NGRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACS1fcHft5Sv3rdLA0Pl
s3x7UHc9OqImi/l8PaYNO/8srmIuCXRZxPM3+/EvU5mpDFucnbBn+mWEQ7pejkhv
5U4av0FgAvOZ+5eY+4yaXcD13KQOLw6cuzYvmrQLoWs3yFatUJ2rdZQocQfjcny4
p9MIEHuhAbOa7mruirNjn+AdR7nHzy/fvczP90KcAGbkaOxOIwU8uofl92T/S1Zx
Jn94ibSAdxlR8jxFvfmV8LtOhoK+F3Ue1b1otSvPKyCEUH4990RxHz9Tja8cHNy6
leg6qV1wlfy9eKwoEAuv/qiRZVBvVzediQOuzwF1YwUUWfDb0B/rJB8g2dLsBtAZ
kkI=
-----END CERTIFICATE-----
Generated at Thu May 1 10:11:41 2025 by rpki-client