Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HhJ8anWgb1M9BRRth1HcASQOiB0.roa
File: HhJ8anWgb1M9BRRth1HcASQOiB0.roa (raw, json)
Hash identifier: ifO5lkokGGX+l379GfueWmPkMtRsOqBS1yUvnLqfFWg=
Subject key identifier: 1E:12:7C:6A:75:A0:6F:53:3D:05:14:6D:87:51:DC:01:24:0E:88:1D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186759B03F509B25DF3DD8D2EB941E95AA9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HhJ8anWgb1M9BRRth1HcASQOiB0.roa
Signing time: Tue 21 Feb 2023 20:12:18 +0000
ROA not before: Tue 21 Feb 2023 20:12:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:75:9b:03:f5:09:b2:5d:f3:dd:8d:2e:b9:41:e9:5a:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 21 20:12:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e127c6a75a06f533d05146d8751dc01240e881d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:0f:fd:05:ce:e6:50:c3:b6:5b:44:0f:d1:5a:
1a:43:a0:da:56:56:7d:2b:f2:02:00:9b:d4:0b:26:
35:b5:12:f8:e3:15:b5:8c:e0:32:a3:f0:e1:9d:9a:
28:6c:de:5c:ff:a6:a0:6a:8c:5c:d9:a5:3a:ba:5f:
6e:65:ae:46:fa:6c:e1:d2:25:0c:59:a3:63:7f:ba:
45:37:db:74:74:75:2d:39:15:5f:9e:e4:35:9f:bd:
07:3d:30:a9:b0:c9:20:1e:11:1f:e5:88:97:c5:83:
75:c5:a1:fe:0a:07:e4:19:f3:95:79:97:92:5c:30:
7d:cd:11:40:d7:50:a2:9f:85:8c:d5:bc:4b:4d:02:
b6:f9:9a:ce:58:54:17:f5:7f:7e:e9:0a:2b:bc:d4:
14:f3:1a:52:de:1d:c3:8f:6c:01:f8:75:a1:7a:8a:
b6:4f:bd:bb:7b:a5:c8:a8:43:83:bd:ee:4e:41:0c:
d7:32:20:42:a4:f8:9b:79:a3:8d:37:66:c0:af:e0:
1e:c0:f1:e6:81:63:02:ff:c0:1b:a9:7b:87:54:f1:
82:42:d6:7e:81:e6:3f:93:66:2a:08:fe:14:cd:b1:
88:e2:eb:8d:81:7a:10:07:42:4b:db:e3:f3:7d:35:
9a:4b:5c:f6:8f:ef:d9:9a:e3:ba:55:13:63:5b:b6:
fd:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:12:7C:6A:75:A0:6F:53:3D:05:14:6D:87:51:DC:01:24:0E:88:1D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HhJ8anWgb1M9BRRth1HcASQOiB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
50:5d:72:02:85:70:de:00:09:d4:c5:0c:03:33:65:0b:21:dc:
1f:a3:16:8d:26:ee:b5:b0:19:24:bf:a0:ed:07:55:4d:6c:72:
bb:ff:21:6f:ff:4f:52:99:6a:25:f0:98:fb:fd:bb:80:db:b8:
66:2d:3b:c3:31:fd:a8:0b:fd:65:b0:03:b9:eb:fa:f9:7b:ba:
1e:b6:1c:fb:2a:bd:14:46:3a:96:9e:9e:bd:da:aa:eb:26:06:
0c:f3:04:c7:96:a5:e3:04:38:37:f7:a8:15:24:9a:24:d9:45:
cc:f5:13:fb:d8:7f:38:64:95:88:b9:25:ad:39:9c:b6:3d:c6:
c7:df:00:76:47:32:34:d1:f1:76:88:b8:01:56:50:88:f5:cf:
68:af:9d:34:61:f2:e6:c0:53:1b:94:d4:2f:fd:33:ff:f7:06:
e1:7c:65:3b:a3:2f:c9:6c:9a:65:8f:ea:e2:bf:78:86:e8:65:
4b:a0:66:26:89:e6:68:34:7d:fb:63:e0:f2:5f:46:42:f3:33:
01:f0:fa:88:af:5b:88:ee:fd:19:c1:ec:52:fe:ec:ba:d9:20:
7c:8a:63:bf:bb:a9:3b:4f:d7:3b:80:0e:eb:bb:c6:e2:a2:ec:
7a:ff:4c:a8:74:77:9c:25:07:8a:21:27:ec:ff:f2:86:90:cd:
32:e7:a7:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ1mwP1CbJd892NLrlB6VqpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIxMjAxMjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTEyN2M2YTc1YTA2ZjUzM2QwNTE0NmQ4NzUxZGMwMTI0MGU4ODFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQ/9Bc7mUMO2W0QP0VoaQ6DaVlZ9
K/ICAJvUCyY1tRL44xW1jOAyo/DhnZoobN5c/6agaoxc2aU6ul9uZa5G+mzh0iUM
WaNjf7pFN9t0dHUtORVfnuQ1n70HPTCpsMkgHhEf5YiXxYN1xaH+CgfkGfOVeZeS
XDB9zRFA11Cin4WM1bxLTQK2+ZrOWFQX9X9+6QorvNQU8xpS3h3Dj2wB+HWheoq2
T727e6XIqEODve5OQQzXMiBCpPibeaONN2bAr+AewPHmgWMC/8AbqXuHVPGCQtZ+
geY/k2YqCP4UzbGI4uuNgXoQB0JL2+PzfTWaS1z2j+/ZmuO6VRNjW7b9kQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB4SfGp1oG9TPQUUbYdR3AEkDogdMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSGhKOGFuV2diMU05QlJSdGgxSGNBU1FPaUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFBdcgKFcN4ACdTFDAMz
ZQsh3B+jFo0m7rWwGSS/oO0HVU1scrv/IW//T1KZaiXwmPv9u4DbuGYtO8Mx/agL
/WWwA7nr+vl7uh62HPsqvRRGOpaenr3aqusmBgzzBMeWpeMEODf3qBUkmiTZRcz1
E/vYfzhklYi5Ja05nLY9xsffAHZHMjTR8XaIuAFWUIj1z2ivnTRh8ubAUxuU1C/9
M//3BuF8ZTujL8lsmmWP6uK/eIboZUugZiaJ5mg0fftj4PJfRkLzMwHw+oivW4ju
/RnB7FL+7LrZIHyKY7+7qTtP1zuADuu7xuKi7Hr/TKh0d5wlB4ohJ+z/8oaQzTLn
pyg=
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:12:32 2025 by rpki-client