Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HqRXrJnB16uL36x22zGgGKdYqMk.roa
File: HqRXrJnB16uL36x22zGgGKdYqMk.roa (raw, json)
Hash identifier: OfN/1Mb+O4iEvNPRvLVkdLg7Jr/kf68yqDT0/PrnCzI=
Subject key identifier: 1E:A4:57:AC:99:C1:D7:AB:8B:DF:AC:76:DB:31:A0:18:A7:58:A8:C9
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186B3DEFCAD8DDE45FEF4FEE79F5F7228BE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HqRXrJnB16uL36x22zGgGKdYqMk.roa
Signing time: Sun 05 Mar 2023 22:23:00 +0000
ROA not before: Sun 05 Mar 2023 22:23:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b3:de:fc:ad:8d:de:45:fe:f4:fe:e7:9f:5f:72:28:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 5 22:23:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ea457ac99c1d7ab8bdfac76db31a018a758a8c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b8:10:df:27:e2:47:ec:50:5b:07:c6:57:d7:
3e:96:dd:f5:2d:30:e9:29:d2:09:76:80:ff:0a:3e:
6c:f1:80:b0:c1:67:4d:27:a8:45:e1:bd:e7:87:90:
41:5d:0e:59:af:04:85:5c:a4:75:c2:c0:38:72:c3:
79:2b:00:27:5f:c3:01:9d:99:8d:af:0a:e1:73:b7:
52:8b:8f:e2:e6:56:f2:5d:ca:97:94:d5:36:63:61:
d5:83:6b:bd:f3:c7:a2:1c:1f:ee:23:a3:48:fe:6b:
20:8e:06:07:51:c6:d3:73:43:73:e8:ac:5d:47:89:
74:06:c5:4f:0f:f0:5c:75:8f:fa:75:b3:3b:c0:f6:
31:85:52:ea:a0:39:77:27:7d:ad:30:ac:84:92:66:
84:c9:06:34:84:ad:d1:fe:f8:97:2f:86:89:a8:fc:
19:e9:21:01:cb:3b:59:fd:ba:01:1e:6e:0a:48:ff:
a1:f8:0d:93:74:2c:74:f2:4c:3a:5c:c5:07:01:7b:
ff:af:20:15:71:72:1b:37:ae:89:0f:4c:44:e4:de:
5f:ee:6c:b8:91:3f:ed:7a:6d:23:36:5d:6b:5f:b6:
4b:d8:76:7b:81:fd:5d:bb:b9:d9:50:ac:99:56:f1:
35:5f:1f:74:44:c8:d5:e2:b5:78:ed:2b:4c:ab:72:
31:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:A4:57:AC:99:C1:D7:AB:8B:DF:AC:76:DB:31:A0:18:A7:58:A8:C9
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HqRXrJnB16uL36x22zGgGKdYqMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7e:b2:a4:5b:63:5e:09:aa:68:b2:ef:41:f2:5f:98:60:4d:4e:
8a:49:7f:d3:3d:b6:a6:1f:6a:5f:7c:d6:d7:6d:18:64:f6:7c:
81:3a:51:00:2e:dc:8e:06:eb:8f:63:3a:a6:00:e4:47:91:2f:
4f:ac:12:52:32:79:85:c8:18:e6:aa:08:97:21:bf:82:61:17:
9d:26:9b:dd:36:34:7a:f7:43:a2:4c:67:93:2e:05:d7:96:cd:
5e:41:58:b9:80:66:a3:80:56:8a:24:eb:29:c0:9a:a5:bc:17:
20:42:77:ab:3c:79:05:6a:ce:f7:44:a5:1c:07:d6:a1:30:99:
89:5c:6e:cb:32:2f:7b:d3:66:c8:be:f7:cb:39:6b:ac:89:63:
89:b1:fb:d9:af:47:34:48:98:1f:8f:25:d5:76:32:4b:b1:fc:
3b:7e:0c:ab:ae:22:05:62:f5:40:c3:5a:a7:17:89:18:e1:9d:
9e:c7:a2:38:fd:41:29:33:29:4e:9e:12:f8:4e:0e:81:09:09:
59:df:57:46:b8:f6:cf:0d:9e:39:c6:de:c7:45:1e:40:41:6e:
cf:41:39:e9:03:80:79:c0:d0:22:3f:d4:5d:2f:91:d8:e7:11:
b8:83:9a:0e:f8:72:d9:df:82:3b:42:2d:76:1e:96:c8:29:78:
7b:ba:0f:98
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaz3vytjd5F/vT+559fcii+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA1MjIyMzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWE0NTdhYzk5YzFkN2FiOGJkZmFjNzZkYjMxYTAxOGE3NThhOGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLgQ3yfiR+xQWwfGV9c+lt31LTDp
KdIJdoD/Cj5s8YCwwWdNJ6hF4b3nh5BBXQ5ZrwSFXKR1wsA4csN5KwAnX8MBnZmN
rwrhc7dSi4/i5lbyXcqXlNU2Y2HVg2u988eiHB/uI6NI/msgjgYHUcbTc0Nz6Kxd
R4l0BsVPD/BcdY/6dbM7wPYxhVLqoDl3J32tMKyEkmaEyQY0hK3R/viXL4aJqPwZ
6SEByztZ/boBHm4KSP+h+A2TdCx08kw6XMUHAXv/ryAVcXIbN66JD0xE5N5f7my4
kT/tem0jNl1rX7ZL2HZ7gf1du7nZUKyZVvE1Xx90RMjV4rV47StMq3IxKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB6kV6yZwderi9+sdtsxoBinWKjJMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSHFSWHJKbkIxNnVMMzZ4MjJ6R2dHS2RZcU1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH6ypFtjXgmqaLLvQfJf
mGBNTopJf9M9tqYfal981tdtGGT2fIE6UQAu3I4G649jOqYA5EeRL0+sElIyeYXI
GOaqCJchv4JhF50mm902NHr3Q6JMZ5MuBdeWzV5BWLmAZqOAVook6ynAmqW8FyBC
d6s8eQVqzvdEpRwH1qEwmYlcbssyL3vTZsi+98s5a6yJY4mx+9mvRzRImB+PJdV2
Mkux/Dt+DKuuIgVi9UDDWqcXiRjhnZ7Hojj9QSkzKU6eEvhODoEJCVnfV0a49s8N
njnG3sdFHkBBbs9BOekDgHnA0CI/1F0vkdjnEbiDmg74ctnfgjtCLXYelsgpeHu6
D5g=
-----END CERTIFICATE-----
Generated at Fri May 2 13:51:49 2025 by rpki-client