Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HrqWW9yeis5JkCgGbJNQpXg0heM.roa
File: HrqWW9yeis5JkCgGbJNQpXg0heM.roa (raw, json)
Hash identifier: x061JIB+zEyP1THK9rE1e0Fca+l8OBNn4vsKGx9Ivs0=
Subject key identifier: 1E:BA:96:5B:DC:9E:8A:CE:49:90:28:06:6C:93:50:A5:78:34:85:E3
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189EDB6613586C1CA94CE334C01E305A8DB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HrqWW9yeis5JkCgGbJNQpXg0heM.roa
Signing time: Sun 13 Aug 2023 07:04:59 +0000
ROA not before: Sun 13 Aug 2023 07:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:edb5:dd41/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ed:b6:61:35:86:c1:ca:94:ce:33:4c:01:e3:05:a8:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 13 07:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1eba965bdc9e8ace499028066c9350a5783485e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:3f:dd:27:e3:4e:37:e5:5a:19:92:eb:24:ac:
96:c0:54:0a:62:2e:f4:cf:1b:2a:e8:85:d2:8e:28:
5a:e5:aa:d4:30:dd:84:2d:b7:cb:6a:0b:e2:ad:9e:
73:95:fe:41:1f:88:83:25:18:94:72:29:bd:87:ce:
c8:b4:88:a9:b5:b8:78:c7:51:eb:bd:03:21:cd:b6:
4f:e6:9f:ef:b2:85:14:93:33:8a:45:11:37:70:4b:
5e:ce:35:90:0e:10:ed:f2:37:e1:22:11:c6:9c:c5:
93:20:d9:74:3e:e6:e5:f0:14:96:9f:65:b4:5c:c2:
64:d0:6f:e6:26:74:e1:de:64:82:da:c7:4f:c9:c4:
55:43:d9:26:6f:66:86:e7:aa:5d:eb:bd:3e:e9:d6:
a8:01:41:58:c3:bc:fb:04:c9:45:99:3c:aa:58:5c:
6e:e5:3a:97:f7:cc:a5:d7:14:4f:01:5a:4c:49:06:
d0:15:bb:4b:4d:07:02:2a:f2:ae:28:53:d1:ca:b9:
3d:4e:4a:df:5a:81:2c:37:5a:ee:08:68:77:a9:d6:
76:58:c8:11:8a:9a:ab:07:8b:b6:88:51:9f:0d:23:
b3:8d:a0:af:ae:0c:69:07:b6:34:8d:e1:ce:cc:33:
31:d3:65:73:7a:22:3c:e2:d7:ca:3e:d9:73:b6:43:
4b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:BA:96:5B:DC:9E:8A:CE:49:90:28:06:6C:93:50:A5:78:34:85:E3
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HrqWW9yeis5JkCgGbJNQpXg0heM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:65:b2:d1:b1:3e:aa:80:74:b9:97:74:e3:a3:a8:e2:01:d4:
13:24:2c:3c:b9:60:d1:50:e4:77:85:4d:88:5f:91:0c:da:b3:
55:bd:6d:63:5d:7f:99:13:da:b5:d6:2e:a4:e6:09:0b:cb:9b:
98:28:47:f1:b2:cf:b0:ba:b9:d9:9b:e4:7d:81:28:a4:f4:c0:
d4:74:98:32:a6:d3:08:f5:12:dd:6d:93:8a:84:64:3b:47:32:
55:89:c9:ca:ba:87:5f:91:81:a7:70:a8:bf:cf:8d:ee:78:61:
00:88:3d:d9:95:0a:f8:fe:1d:6c:56:28:94:28:bc:38:2e:ef:
de:fd:dd:96:85:7f:0c:01:a3:0c:6c:06:bc:9e:6b:0d:a3:0b:
33:43:b5:fb:aa:15:b6:ed:33:03:52:a9:d7:92:e7:2f:c9:2c:
f5:07:37:9d:6a:94:49:77:25:b0:94:13:64:ba:38:2d:72:37:
0f:12:d6:35:7b:4e:ff:3b:63:14:73:b8:79:a3:fb:bf:b9:db:
10:8c:cd:ac:cf:d6:4e:f8:f9:03:8a:66:24:d9:da:73:53:78:
0f:71:88:d8:bd:a6:98:d4:57:4b:df:95:03:33:2a:e8:c6:00:
69:bc:06:ea:6e:41:5c:22:b2:25:79:7f:eb:52:14:ca:bc:d7:
c6:a9:31:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnttmE1hsHKlM4zTAHjBajbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODEzMDcwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWJhOTY1YmRjOWU4YWNlNDk5MDI4MDY2YzkzNTBhNTc4MzQ4NWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjz/dJ+NON+VaGZLrJKyWwFQKYi70
zxsq6IXSjiha5arUMN2ELbfLagvirZ5zlf5BH4iDJRiUcim9h87ItIiptbh4x1Hr
vQMhzbZP5p/vsoUUkzOKRRE3cEtezjWQDhDt8jfhIhHGnMWTINl0Publ8BSWn2W0
XMJk0G/mJnTh3mSC2sdPycRVQ9kmb2aG56pd670+6daoAUFYw7z7BMlFmTyqWFxu
5TqX98yl1xRPAVpMSQbQFbtLTQcCKvKuKFPRyrk9TkrfWoEsN1ruCGh3qdZ2WMgR
ipqrB4u2iFGfDSOzjaCvrgxpB7Y0jeHOzDMx02VzeiI84tfKPtlztkNLawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB66llvcnorOSZAoBmyTUKV4NIXjMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSHJxV1c5eWVpczVKa0NnR2JKTlFwWGcwaGVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJZlstGxPqqAdLmXdOOj
qOIB1BMkLDy5YNFQ5HeFTYhfkQzas1W9bWNdf5kT2rXWLqTmCQvLm5goR/Gyz7C6
udmb5H2BKKT0wNR0mDKm0wj1Et1tk4qEZDtHMlWJycq6h1+RgadwqL/Pje54YQCI
PdmVCvj+HWxWKJQovDgu79793ZaFfwwBowxsBryeaw2jCzNDtfuqFbbtMwNSqdeS
5y/JLPUHN51qlEl3JbCUE2S6OC1yNw8S1jV7Tv87YxRzuHmj+7+52xCMzazP1k74
+QOKZiTZ2nNTeA9xiNi9ppjUV0vflQMzKujGAGm8BupuQVwisiV5f+tSFMq818ap
MQE=
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:12:35 2025 by rpki-client