Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Hneu7y4NP7qgdgR2-OXzG9PT8bQ.roa
File: Hneu7y4NP7qgdgR2-OXzG9PT8bQ.roa (raw, json)
Hash identifier: 5oeJ+2ECpPR3pC7PyM+DSQND+ywBPVOb/K867YjnvAw=
Subject key identifier: 1E:77:AE:EF:2E:0D:3F:BA:A0:76:04:76:F8:E5:F3:1B:D3:D3:F1:B4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018767DD3411E655F134C0D5F608BB40C967
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Hneu7y4NP7qgdgR2-OXzG9PT8bQ.roa
Signing time: Sun 09 Apr 2023 21:12:42 +0000
ROA not before: Sun 09 Apr 2023 21:12:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:67:dd:34:11:e6:55:f1:34:c0:d5:f6:08:bb:40:c9:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 9 21:12:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e77aeef2e0d3fbaa0760476f8e5f31bd3d3f1b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:df:16:c4:25:9e:6e:dc:bd:f8:c0:d6:1c:66:
f0:b0:8f:89:3b:e7:a4:b1:4c:77:d5:1a:93:a5:b0:
73:05:08:10:a1:54:da:69:66:86:c1:0c:8e:3c:ea:
26:c1:59:8e:71:94:7e:88:16:52:92:c9:85:73:85:
83:2e:ee:b8:44:30:6f:24:bc:89:ad:ef:aa:4c:d2:
58:e2:da:c5:f5:cc:92:df:61:0c:f7:1a:1b:71:38:
03:26:51:41:ef:8a:a2:49:5f:4d:82:16:79:41:ea:
6d:12:89:61:23:29:23:63:92:bf:6b:c3:80:e7:c8:
b5:3a:59:fe:0c:5b:57:68:d9:67:ac:97:0c:2c:d0:
fc:20:a5:b4:91:27:6e:83:31:29:8c:0e:de:15:6e:
3b:6e:ae:b1:7a:18:aa:d8:83:4e:d1:fc:7d:36:61:
81:b0:42:5c:1f:81:89:1b:32:86:b1:20:84:06:89:
74:b5:a9:c7:1a:4b:e7:9c:bf:3a:fc:8c:7e:79:78:
fc:27:77:1d:89:6a:7c:61:dc:37:60:fa:f4:eb:46:
d8:48:8b:af:d7:9c:d7:0b:73:d7:4e:31:42:99:cd:
1b:b3:df:ad:98:3e:86:c3:9c:e9:47:2f:d3:08:56:
5e:08:5d:f4:75:f7:29:34:b9:f0:90:33:a1:a2:03:
f6:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:77:AE:EF:2E:0D:3F:BA:A0:76:04:76:F8:E5:F3:1B:D3:D3:F1:B4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Hneu7y4NP7qgdgR2-OXzG9PT8bQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a6:ba:27:7d:3b:e4:33:8a:9a:f7:a1:0d:34:82:c8:c5:11:d6:
4f:2e:c4:af:65:ef:47:e7:4a:b3:63:25:94:6f:a8:e4:75:25:
81:c5:20:d7:b8:c4:23:f7:12:9f:42:cb:80:98:4a:3a:ea:a0:
20:93:c9:b8:b8:0f:e5:cc:08:df:1a:6b:40:76:b8:e5:c2:26:
44:37:eb:86:2d:64:55:e7:2b:64:94:c7:1c:8c:40:16:fd:00:
f6:d8:a4:2a:84:a0:82:7a:31:d1:75:2a:6b:1c:17:3d:84:8a:
77:92:21:08:bc:1c:51:fb:d6:e8:d7:48:3b:b3:d2:37:72:29:
8e:96:cb:20:69:4e:5b:59:08:5e:0e:0a:3c:63:c5:b5:e2:8a:
cf:be:df:0d:b2:08:1c:50:9a:05:ef:29:2a:fc:ef:1c:e1:ad:
1e:a8:f5:3e:ae:71:ca:2a:8c:e6:80:80:55:62:a3:a5:e7:5d:
3f:0d:99:67:33:42:1d:dc:95:45:68:e1:d2:83:9d:19:02:89:
95:2d:55:8d:02:9b:7b:dc:ff:92:ad:41:0b:dc:bf:e9:f7:6b:
71:7d:4f:33:fd:da:7b:b4:2a:3a:d7:bb:ea:bf:d3:73:58:95:
fd:ea:d0:e7:9c:6c:35:10:4d:b8:21:ec:52:9a:43:51:24:14:
4e:ce:b4:38
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYdn3TQR5lXxNMDV9gi7QMlnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDA5MjExMjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTc3YWVlZjJlMGQzZmJhYTA3NjA0NzZmOGU1ZjMxYmQzZDNmMWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgN8WxCWebty9+MDWHGbwsI+JO+ek
sUx31RqTpbBzBQgQoVTaaWaGwQyOPOomwVmOcZR+iBZSksmFc4WDLu64RDBvJLyJ
re+qTNJY4trF9cyS32EM9xobcTgDJlFB74qiSV9NghZ5QeptEolhIykjY5K/a8OA
58i1Oln+DFtXaNlnrJcMLND8IKW0kSdugzEpjA7eFW47bq6xehiq2INO0fx9NmGB
sEJcH4GJGzKGsSCEBol0tanHGkvnnL86/Ix+eXj8J3cdiWp8Ydw3YPr060bYSIuv
15zXC3PXTjFCmc0bs9+tmD6Gw5zpRy/TCFZeCF30dfcpNLnwkDOhogP2tQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB53ru8uDT+6oHYEdvjl8xvT0/G0MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSG5ldTd5NE5QN3FnZGdSMi1PWHpHOVBUOGJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKa6J3075DOKmvehDTSC
yMUR1k8uxK9l70fnSrNjJZRvqOR1JYHFINe4xCP3Ep9Cy4CYSjrqoCCTybi4D+XM
CN8aa0B2uOXCJkQ364YtZFXnK2SUxxyMQBb9APbYpCqEoIJ6MdF1KmscFz2EineS
IQi8HFH71ujXSDuz0jdyKY6WyyBpTltZCF4OCjxjxbXiis++3w2yCBxQmgXvKSr8
7xzhrR6o9T6uccoqjOaAgFVio6XnXT8NmWczQh3clUVo4dKDnRkCiZUtVY0Cm3vc
/5KtQQvcv+n3a3F9TzP92nu0KjrXu+q/03NYlf3q0OecbDUQTbgh7FKaQ1EkFE7O
tDg=
-----END CERTIFICATE-----
Generated at Thu May 1 11:57:08 2025 by rpki-client