Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HkSgWgXxbNnYAHMusMosu88UiKU.roa
File: HkSgWgXxbNnYAHMusMosu88UiKU.roa (raw, json)
Hash identifier: yVfQvyFoEZnCYaVtPoVDn1tV8FwJPCsPgLwrGR5PLmo=
Subject key identifier: 1E:44:A0:5A:05:F1:6C:D9:D8:00:73:2E:B0:CA:2C:BB:CF:14:88:A5
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018668833F1EFC629573E34BB2E6848E11E7
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HkSgWgXxbNnYAHMusMosu88UiKU.roa
Signing time: Sun 19 Feb 2023 07:11:17 +0000
ROA not before: Sun 19 Feb 2023 07:11:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:68:83:3f:1e:fc:62:95:73:e3:4b:b2:e6:84:8e:11:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 19 07:11:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e44a05a05f16cd9d800732eb0ca2cbbcf1488a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:52:42:54:7d:b9:f4:81:40:bc:80:84:2f:80:
b4:f5:e0:2d:3b:7e:3d:ac:dd:1c:55:9d:b8:44:e8:
d3:6b:13:61:a3:ea:d0:ea:a4:70:84:3d:f6:91:cd:
8b:10:ab:9a:9f:6f:d6:f6:f7:24:a8:f9:b2:1d:69:
3f:8e:59:7c:d3:f1:c1:6a:0a:32:1b:fd:c0:9f:a4:
f3:c5:20:fc:bd:9b:6b:68:44:f1:93:1c:cd:37:e6:
80:2f:8d:6f:20:50:e3:d5:74:58:b0:70:eb:98:d0:
20:9e:a5:49:46:a2:b2:97:be:6f:e9:9f:53:f5:3b:
a4:93:2c:40:93:33:18:53:a4:9c:96:c2:cb:18:d1:
51:a7:4d:e7:69:f2:d9:2f:91:aa:a9:b0:5b:be:7e:
fd:ac:00:6f:51:6b:6b:ca:94:2e:96:72:04:60:c7:
5f:c4:0c:3a:72:8e:ed:78:18:fe:84:63:b9:d3:27:
c0:43:2c:6f:96:ad:51:c3:65:a8:a7:07:c5:93:d2:
b4:e5:a3:30:0d:d0:0c:3e:bc:95:aa:b2:79:fe:69:
71:43:4e:28:84:37:8f:12:d7:8b:69:e4:a7:1e:1c:
8f:a9:92:06:86:28:c4:a3:6d:40:21:73:78:61:44:
2d:1a:f6:34:0e:12:6f:ae:4e:18:ef:8b:45:f6:3f:
05:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:44:A0:5A:05:F1:6C:D9:D8:00:73:2E:B0:CA:2C:BB:CF:14:88:A5
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HkSgWgXxbNnYAHMusMosu88UiKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
26:55:a0:cd:36:01:90:8a:f3:24:3c:ed:31:a7:57:99:2c:de:
2b:33:8b:19:e0:e0:e9:72:94:f5:92:60:b9:0c:71:12:1b:f3:
9d:6c:f6:01:7e:a4:bb:48:d7:88:03:09:67:c5:bb:fe:c0:b0:
d6:62:84:7c:92:fa:86:5e:09:54:b5:9e:1e:ea:8c:62:1f:b0:
83:d5:99:e1:aa:e7:00:af:dd:51:47:21:03:fc:47:79:7e:19:
f9:5d:c9:dd:52:13:65:a4:03:1d:06:78:25:fd:68:c7:09:d7:
2f:5c:df:7a:da:98:7b:52:48:11:1f:a9:4e:b0:2b:8d:46:b5:
c1:87:62:eb:3a:e9:5f:3a:8b:65:7e:95:42:94:d3:26:e9:84:
4c:a4:dd:63:e7:e3:17:3e:0a:2a:19:f9:d5:fe:f9:15:19:f0:
3e:18:cb:29:28:b9:9f:00:02:ce:93:1a:99:3c:74:48:2c:9d:
29:e1:73:d1:56:30:73:f2:d2:63:a2:aa:2f:b6:ff:37:02:08:
d2:96:f6:91:a2:c6:03:0d:c1:93:d7:0c:14:3b:73:96:4a:71:
4d:f1:46:07:ee:7c:a8:14:63:1b:aa:b4:b1:ca:2f:f9:cf:3c:
34:ea:f1:ff:44:16:10:4e:66:dc:53:59:f9:ff:55:72:7e:f5:
2f:87:80:79
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZogz8e/GKVc+NLsuaEjhHnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE5MDcxMTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTQ0YTA1YTA1ZjE2Y2Q5ZDgwMDczMmViMGNhMmNiYmNmMTQ4OGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVJCVH259IFAvICEL4C09eAtO349
rN0cVZ24ROjTaxNho+rQ6qRwhD32kc2LEKuan2/W9vckqPmyHWk/jll80/HBagoy
G/3An6TzxSD8vZtraETxkxzNN+aAL41vIFDj1XRYsHDrmNAgnqVJRqKyl75v6Z9T
9TukkyxAkzMYU6SclsLLGNFRp03nafLZL5GqqbBbvn79rABvUWtrypQulnIEYMdf
xAw6co7teBj+hGO50yfAQyxvlq1Rw2WopwfFk9K05aMwDdAMPryVqrJ5/mlxQ04o
hDePEteLaeSnHhyPqZIGhijEo21AIXN4YUQtGvY0DhJvrk4Y74tF9j8FZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB5EoFoF8WzZ2ABzLrDKLLvPFIilMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSGtTZ1dnWHhiTm5ZQUhNdXNNb3N1ODhVaUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACZVoM02AZCK8yQ87TGn
V5ks3iszixng4OlylPWSYLkMcRIb851s9gF+pLtI14gDCWfFu/7AsNZihHyS+oZe
CVS1nh7qjGIfsIPVmeGq5wCv3VFHIQP8R3l+Gfldyd1SE2WkAx0GeCX9aMcJ1y9c
33ramHtSSBEfqU6wK41GtcGHYus66V86i2V+lUKU0ybphEyk3WPn4xc+CioZ+dX+
+RUZ8D4YyykouZ8AAs6TGpk8dEgsnSnhc9FWMHPy0mOiqi+2/zcCCNKW9pGixgMN
wZPXDBQ7c5ZKcU3xRgfufKgUYxuqtLHKL/nPPDTq8f9EFhBOZtxTWfn/VXJ+9S+H
gHk=
-----END CERTIFICATE-----
Generated at Thu May 1 00:42:21 2025 by rpki-client