Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HrhAMSdSkEORSAWnsVkvyv1IGbA.roa
File: HrhAMSdSkEORSAWnsVkvyv1IGbA.roa (raw, json)
Hash identifier: S2RZpJsqVcUa5lTTswufh8+VRQSv0ehFcbi34z0Ch7k=
Subject key identifier: 1E:B8:40:31:27:52:90:43:91:48:05:A7:B1:59:2F:CA:FD:48:19:B0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186172E80BA9A48B16C9CDA5272BB608960
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HrhAMSdSkEORSAWnsVkvyv1IGbA.roa
Signing time: Fri 03 Feb 2023 12:09:28 +0000
ROA not before: Fri 03 Feb 2023 12:09:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:17:2e:80:ba:9a:48:b1:6c:9c:da:52:72:bb:60:89:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 3 12:09:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1eb8403127529043914805a7b1592fcafd4819b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:5c:d4:e3:71:81:1b:bb:b5:f8:06:be:0c:3a:
c3:e6:32:c0:7a:65:47:f6:0a:a1:1b:81:28:1b:51:
98:ee:f8:56:bf:d2:8d:31:2b:f5:74:f3:31:93:7f:
a6:58:84:9e:af:fb:d1:11:03:a2:e3:94:f5:66:69:
9b:c8:0b:19:82:74:a2:29:56:0c:b7:1c:62:bc:0f:
e2:2a:a1:3d:61:f9:cd:08:d0:b7:23:3e:36:c9:8e:
54:e8:cd:51:52:c5:83:a6:ad:11:1d:bb:e8:cd:83:
1b:96:28:fb:a6:8e:7c:4e:f1:32:4d:6b:72:d0:22:
60:68:46:ee:12:fc:9a:87:8c:26:78:e4:27:bb:57:
80:08:3f:bf:ad:f5:2a:f8:e6:e4:69:ea:db:e3:e9:
97:69:0c:58:b8:60:98:50:4b:5f:57:ff:56:3e:9b:
93:28:f0:dc:cb:e1:03:67:4b:76:dd:17:10:fe:cb:
35:ce:8a:ba:17:fe:a8:ba:d9:e4:ab:0a:24:ac:ea:
7e:29:dc:01:a0:72:e2:f1:28:0f:79:c7:ae:b8:a9:
48:4c:88:6e:de:00:9c:e6:41:1e:34:d2:81:fd:67:
0d:c3:64:35:d3:9a:6f:f6:df:29:42:d3:b6:45:81:
b4:70:d6:5a:67:37:c6:1a:37:96:ba:39:a5:27:fe:
04:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B8:40:31:27:52:90:43:91:48:05:A7:B1:59:2F:CA:FD:48:19:B0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HrhAMSdSkEORSAWnsVkvyv1IGbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:ea:8c:98:64:0c:3a:72:bb:02:33:28:1d:4d:3e:d9:af:37:
25:a2:26:25:49:e4:a5:ae:96:70:d2:42:ef:a0:92:b7:b1:63:
26:84:76:c1:d2:2a:8c:f2:a4:1d:06:40:b4:12:eb:42:18:cd:
c7:53:32:83:d8:22:d1:2b:5e:e6:66:0b:8c:d3:07:f5:e2:aa:
c5:1f:3e:31:7d:d0:79:45:4c:00:4a:85:f0:77:04:16:5e:a8:
5e:a1:37:f2:ef:36:bb:ff:6b:c0:1a:93:a6:b3:ee:5d:a5:9a:
d1:fc:eb:8c:4d:49:ad:13:02:9b:71:77:34:5f:76:a2:23:0b:
86:17:0f:fd:29:a2:24:6b:a1:cf:5e:5c:c7:d4:83:3f:6c:9c:
a5:a2:df:25:69:89:06:b4:aa:20:2f:ea:37:a0:cd:7e:0d:86:
b0:2e:6f:a0:19:1a:1a:47:2d:eb:49:44:6f:2f:39:03:20:bf:
64:d7:e7:94:16:3a:12:03:1f:37:22:53:75:e3:19:30:61:f5:
2f:20:db:e6:5f:ab:ce:1e:a3:91:0c:cb:85:55:eb:c6:69:85:
08:c4:87:59:a3:dc:39:a7:0b:08:63:a2:3f:c1:f9:c8:83:8e:
27:60:19:5e:78:81:2b:8c:65:a0:2c:31:88:ae:15:82:a5:ef:
4c:97:8d:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYXLoC6mkixbJzaUnK7YIlgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjAzMTIwOTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWI4NDAzMTI3NTI5MDQzOTE0ODA1YTdiMTU5MmZjYWZkNDgxOWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFzU43GBG7u1+Aa+DDrD5jLAemVH
9gqhG4EoG1GY7vhWv9KNMSv1dPMxk3+mWISer/vREQOi45T1ZmmbyAsZgnSiKVYM
txxivA/iKqE9YfnNCNC3Iz42yY5U6M1RUsWDpq0RHbvozYMblij7po58TvEyTWty
0CJgaEbuEvyah4wmeOQnu1eACD+/rfUq+Obkaerb4+mXaQxYuGCYUEtfV/9WPpuT
KPDcy+EDZ0t23RcQ/ss1zoq6F/6outnkqwokrOp+KdwBoHLi8SgPeceuuKlITIhu
3gCc5kEeNNKB/WcNw2Q105pv9t8pQtO2RYG0cNZaZzfGGjeWujmlJ/4EKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB64QDEnUpBDkUgFp7FZL8r9SBmwMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSHJoQU1TZFNrRU9SU0FXbnNWa3Z5djFJR2JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHbqjJhkDDpyuwIzKB1N
PtmvNyWiJiVJ5KWulnDSQu+gkrexYyaEdsHSKozypB0GQLQS60IYzcdTMoPYItEr
XuZmC4zTB/XiqsUfPjF90HlFTABKhfB3BBZeqF6hN/LvNrv/a8Aak6az7l2lmtH8
64xNSa0TAptxdzRfdqIjC4YXD/0poiRroc9eXMfUgz9snKWi3yVpiQa0qiAv6jeg
zX4NhrAub6AZGhpHLetJRG8vOQMgv2TX55QWOhIDHzciU3XjGTBh9S8g2+Zfq84e
o5EMy4VV68ZphQjEh1mj3DmnCwhjoj/B+ciDjidgGV54gSuMZaAsMYiuFYKl70yX
jUY=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:31:55 2025 by rpki-client