Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HlUHWP3wvJMExnbEowPPCAKzrDg.roa
File: HlUHWP3wvJMExnbEowPPCAKzrDg.roa (raw, json)
Hash identifier: VTyNjEMenJehCisgugi11n316+7sSymsqNz3YO8s76E=
Subject key identifier: 1E:55:07:58:FD:F0:BC:93:04:C6:76:C4:A3:03:CF:08:02:B3:AC:38
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018672D1CD268C44CB6CFAC9C8BD46E790F9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HlUHWP3wvJMExnbEowPPCAKzrDg.roa
Signing time: Tue 21 Feb 2023 07:13:17 +0000
ROA not before: Tue 21 Feb 2023 07:13:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:72:d1:cd:26:8c:44:cb:6c:fa:c9:c8:bd:46:e7:90:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 21 07:13:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e550758fdf0bc9304c676c4a303cf0802b3ac38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:cb:0d:1c:b2:7a:bd:ef:fc:96:65:92:2b:aa:
bc:f4:0c:c6:b9:44:c9:07:bf:d5:ca:89:61:96:18:
cd:a8:b4:d3:33:b6:45:02:e5:74:2c:7b:eb:8c:72:
ff:a6:a9:c0:59:57:34:32:81:0d:ce:48:c9:fb:e6:
2c:c6:a3:4a:6f:3c:5e:53:f6:ce:6c:35:dd:92:2a:
10:90:16:bc:15:1e:54:69:90:02:a5:5d:dd:86:43:
c1:88:3d:96:bf:79:4e:b7:d1:83:38:19:a8:d4:f6:
49:0f:51:52:96:82:e7:bb:59:ad:ee:ec:63:69:f5:
a2:4b:18:a9:02:46:50:fd:dc:a4:f8:45:76:3c:1f:
2b:c8:7a:09:31:02:f0:4a:98:98:86:91:51:57:a6:
bb:68:5b:c9:2c:3d:d8:ff:32:f4:b3:3b:f0:c6:fe:
c4:c2:ed:44:d9:0f:0e:5d:c1:02:c0:de:15:3c:21:
54:fb:19:f9:4b:6a:c5:0b:f0:75:77:60:01:7f:4e:
32:8a:5c:bd:6e:ba:81:c8:c7:d3:04:50:b9:f6:9c:
25:b2:d8:95:e9:11:ca:8e:3a:da:d1:ed:a7:e4:9c:
71:06:f3:a8:9a:d2:87:14:f4:67:ca:7d:d9:33:51:
55:ad:73:4b:53:5d:a9:86:cb:01:94:5b:ba:89:22:
63:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:55:07:58:FD:F0:BC:93:04:C6:76:C4:A3:03:CF:08:02:B3:AC:38
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HlUHWP3wvJMExnbEowPPCAKzrDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:37:7c:79:99:fd:5b:db:95:16:fa:89:04:b2:35:74:4a:9d:
e7:bb:9a:c1:8e:42:8f:e7:db:55:68:1f:b8:fc:a1:23:ca:c0:
be:d8:1a:63:e8:c9:a6:78:17:5f:6a:5c:0b:bc:8b:45:4a:ec:
f5:21:e9:31:d3:3d:89:38:48:0c:67:98:65:78:ef:f4:b9:66:
26:8c:46:f7:42:21:bb:86:af:45:22:95:ba:f0:f8:a0:aa:f0:
95:9a:79:b1:d8:be:62:d8:62:b5:1a:e5:68:ea:74:cb:29:f7:
70:9d:70:a3:66:1f:61:d4:38:93:3c:94:50:92:e5:87:f8:1d:
43:d7:1d:10:e8:fa:a8:ea:b5:52:e9:89:c2:c8:90:16:12:3c:
bb:e9:99:f0:68:20:79:ad:c2:b6:ff:cc:eb:b9:79:1c:67:78:
9d:c0:ca:d9:55:87:25:f1:0e:31:80:83:95:0d:e1:1f:7c:ec:
f8:87:87:f5:7e:10:0b:00:3b:76:4e:ed:05:d0:a9:62:66:58:
cc:84:11:24:a7:2a:13:fc:f1:49:67:aa:3e:be:47:27:3a:93:
d4:fd:48:06:03:ce:a4:bf:01:7c:69:38:85:ba:d3:99:8a:09:
40:c3:91:08:ce:86:c9:c0:ef:24:55:d6:85:ad:69:e4:e5:4a:
10:79:f1:32
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZy0c0mjETLbPrJyL1G55D5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIxMDcxMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTU1MDc1OGZkZjBiYzkzMDRjNjc2YzRhMzAzY2YwODAyYjNhYzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycsNHLJ6ve/8lmWSK6q89AzGuUTJ
B7/VyolhlhjNqLTTM7ZFAuV0LHvrjHL/pqnAWVc0MoENzkjJ++YsxqNKbzxeU/bO
bDXdkioQkBa8FR5UaZACpV3dhkPBiD2Wv3lOt9GDOBmo1PZJD1FSloLnu1mt7uxj
afWiSxipAkZQ/dyk+EV2PB8ryHoJMQLwSpiYhpFRV6a7aFvJLD3Y/zL0szvwxv7E
wu1E2Q8OXcECwN4VPCFU+xn5S2rFC/B1d2ABf04yily9brqByMfTBFC59pwlstiV
6RHKjjra0e2n5JxxBvOomtKHFPRnyn3ZM1FVrXNLU12phssBlFu6iSJjVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB5VB1j98LyTBMZ2xKMDzwgCs6w4MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSGxVSFdQM3d2Sk1FeG5iRW93UFBDQUt6ckRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHw3fHmZ/VvblRb6iQSy
NXRKnee7msGOQo/n21VoH7j8oSPKwL7YGmPoyaZ4F19qXAu8i0VK7PUh6THTPYk4
SAxnmGV47/S5ZiaMRvdCIbuGr0Uilbrw+KCq8JWaebHYvmLYYrUa5WjqdMsp93Cd
cKNmH2HUOJM8lFCS5Yf4HUPXHRDo+qjqtVLpicLIkBYSPLvpmfBoIHmtwrb/zOu5
eRxneJ3AytlVhyXxDjGAg5UN4R987PiHh/V+EAsAO3ZO7QXQqWJmWMyEESSnKhP8
8Ulnqj6+Ryc6k9T9SAYDzqS/AXxpOIW605mKCUDDkQjOhsnA7yRV1oWtaeTlShB5
8TI=
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:37:32 2025 by rpki-client