Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HteCUJyIHWxPQWvJVR7VYxK3ATw.roa
File: HteCUJyIHWxPQWvJVR7VYxK3ATw.roa (raw, json)
Hash identifier: jSSG/LLNE+1yoDQFNvgKI1nPPI/UQDNofbFhm0ZnKOU=
Subject key identifier: 1E:D7:82:50:9C:88:1D:6C:4F:41:6B:C9:55:1E:D5:63:12:B7:01:3C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01868BEDAEEC6D6C90036EE1CF2185168AFF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HteCUJyIHWxPQWvJVR7VYxK3ATw.roa
Signing time: Sun 26 Feb 2023 04:14:15 +0000
ROA not before: Sun 26 Feb 2023 04:14:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8b:ed:ae:ec:6d:6c:90:03:6e:e1:cf:21:85:16:8a:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 26 04:14:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ed782509c881d6c4f416bc9551ed56312b7013c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5d:50:c7:1f:43:f6:8f:b3:f7:ed:df:60:97:
88:e0:e3:ac:3e:71:a5:5c:f8:a2:c7:70:36:2b:9f:
ca:03:4c:ff:7f:23:43:94:9f:9c:5e:dc:df:23:4d:
44:33:5f:fd:9e:9b:dc:89:e8:a8:ae:6e:11:c5:e0:
19:db:46:87:9a:3e:23:cd:5f:97:6c:e6:4a:68:90:
92:6d:f1:e0:8e:32:b3:d7:2b:c6:7b:3e:a0:c0:dd:
a9:f8:12:75:3a:46:db:bf:74:c7:c0:20:a7:28:c4:
5e:88:b1:57:8d:68:f6:e1:a2:79:2d:00:82:df:99:
cf:d3:e4:bb:e2:15:10:87:4b:9e:09:b5:bf:5f:27:
39:80:af:4f:cc:23:00:77:7a:17:0c:3a:4b:78:0e:
c7:5a:f4:96:72:bd:a4:55:49:92:ad:21:28:2e:ff:
05:96:f1:8f:5b:e6:ab:f8:d8:4e:a1:ed:05:66:a0:
46:bd:12:6d:50:1a:77:61:40:be:bc:e7:a4:55:f6:
69:13:db:e5:45:bf:4a:06:03:7e:49:a9:72:4f:30:
37:b5:bd:ef:87:c0:4a:f8:ee:81:24:4f:26:64:b1:
39:8d:20:06:30:7f:74:75:6d:17:99:fc:29:cd:b1:
ac:dd:8c:1b:cf:26:11:47:3d:4d:b6:e5:a7:cd:d1:
ab:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D7:82:50:9C:88:1D:6C:4F:41:6B:C9:55:1E:D5:63:12:B7:01:3C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HteCUJyIHWxPQWvJVR7VYxK3ATw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
08:38:f2:a7:8e:66:83:fe:f7:16:ce:8e:d0:cf:33:1a:11:53:
57:a7:0f:3b:ea:aa:1e:0e:85:c3:4c:8a:e3:46:c2:3f:92:2c:
58:5b:65:ee:b6:df:e3:21:49:cb:d0:ff:64:ae:a7:1b:d6:78:
d7:8d:46:90:08:bc:79:74:8a:b4:53:58:65:f6:c8:3b:a7:7a:
ab:d6:1c:29:f8:89:58:e9:cb:be:b6:db:89:0f:9c:d0:90:05:
40:15:a1:e3:e7:04:68:89:98:8e:c6:10:da:87:1b:c5:a5:09:
7e:a9:f3:bd:f2:fb:e5:0d:f2:dc:35:27:14:81:ac:a5:07:4f:
2c:78:ff:6f:46:53:4f:07:35:f0:dc:68:2f:12:7b:8a:ed:8e:
a0:23:af:fb:eb:61:32:2c:04:f5:a6:76:16:e0:58:8e:76:84:
de:78:45:6b:6b:3d:da:48:e5:c8:ba:a9:6f:0b:88:0c:24:4d:
d8:34:44:98:db:67:77:57:97:6f:4f:8e:50:4d:57:cd:94:e9:
13:d8:23:57:22:2c:22:22:43:31:41:68:9e:d3:35:f9:bd:56:
98:6a:ab:79:c4:24:9a:7f:33:f5:26:ed:e4:ac:33:42:b5:7b:
d8:b9:d4:ae:66:e3:e3:2d:48:5d:3b:82:a9:8e:c8:83:48:e1:
7a:04:bb:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaL7a7sbWyQA27hzyGFFor/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI2MDQxNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWQ3ODI1MDljODgxZDZjNGY0MTZiYzk1NTFlZDU2MzEyYjcwMTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtV1Qxx9D9o+z9+3fYJeI4OOsPnGl
XPiix3A2K5/KA0z/fyNDlJ+cXtzfI01EM1/9npvcieiorm4RxeAZ20aHmj4jzV+X
bOZKaJCSbfHgjjKz1yvGez6gwN2p+BJ1Okbbv3THwCCnKMReiLFXjWj24aJ5LQCC
35nP0+S74hUQh0ueCbW/Xyc5gK9PzCMAd3oXDDpLeA7HWvSWcr2kVUmSrSEoLv8F
lvGPW+ar+NhOoe0FZqBGvRJtUBp3YUC+vOekVfZpE9vlRb9KBgN+SalyTzA3tb3v
h8BK+O6BJE8mZLE5jSAGMH90dW0XmfwpzbGs3YwbzyYRRz1NtuWnzdGrtwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB7XglCciB1sT0FryVUe1WMStwE8MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSHRlQ1VKeUlIV3hQUVd2SlZSN1ZZeEszQVR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAg48qeOZoP+9xbOjtDP
MxoRU1enDzvqqh4OhcNMiuNGwj+SLFhbZe623+MhScvQ/2SupxvWeNeNRpAIvHl0
irRTWGX2yDuneqvWHCn4iVjpy76224kPnNCQBUAVoePnBGiJmI7GENqHG8WlCX6p
873y++UN8tw1JxSBrKUHTyx4/29GU08HNfDcaC8Se4rtjqAjr/vrYTIsBPWmdhbg
WI52hN54RWtrPdpI5ci6qW8LiAwkTdg0RJjbZ3dXl29PjlBNV82U6RPYI1ciLCIi
QzFBaJ7TNfm9Vphqq3nEJJp/M/Um7eSsM0K1e9i51K5m4+MtSF07gqmOyINI4XoE
u5A=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:26:39 2025 by rpki-client