Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Hz9mMPrS2vU7DfAe3MBo6IhVQK0.roa
File: Hz9mMPrS2vU7DfAe3MBo6IhVQK0.roa (raw, json)
Hash identifier: AAUfsW/6wzgeuaV+ItOEoeRiXroB77Y95P36ASkvTKg=
Subject key identifier: 1F:3F:66:30:FA:D2:DA:F5:3B:0D:F0:1E:DC:C0:68:E8:88:55:40:AD
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A23D251CC19892751A1F1381F547C56FC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Hz9mMPrS2vU7DfAe3MBo6IhVQK0.roa
Signing time: Wed 23 Aug 2023 19:15:00 +0000
ROA not before: Wed 23 Aug 2023 19:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:23:d2:51:cc:19:89:27:51:a1:f1:38:1f:54:7c:56:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 23 19:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f3f6630fad2daf53b0df01edcc068e8885540ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2d:a3:22:9a:22:a5:90:9c:1e:f1:bf:9e:70:
92:c9:ee:da:01:0f:4b:96:0d:fc:d0:e2:32:55:44:
f6:63:0c:bb:e6:43:a4:37:be:47:d7:87:28:a9:60:
a4:41:76:ec:b1:c7:79:2c:a6:ec:2f:63:ce:0b:56:
7f:c9:4c:16:ce:5e:79:3e:56:47:8f:e5:f8:81:9c:
84:6e:d7:22:16:ea:51:be:ff:f7:c7:37:dd:98:9f:
dd:fa:06:79:66:0e:10:27:02:a8:42:7a:2c:3b:e8:
b9:de:5b:ba:66:31:30:cc:71:ef:aa:fd:af:58:86:
03:72:51:ba:84:89:f9:7d:b4:f8:33:59:27:d8:55:
cf:16:0b:d1:31:5a:f1:90:a9:8d:da:6c:b1:6b:aa:
6d:0f:8d:2a:30:e1:aa:2d:b3:bb:3c:12:c8:24:9a:
78:36:b6:56:3d:70:71:00:98:ec:bb:3e:ac:e3:31:
19:0c:05:56:ac:b7:2e:ee:0b:4d:91:96:18:64:aa:
2d:7d:a0:f4:d8:68:50:bb:a7:c4:12:ca:ab:f0:6f:
31:7c:12:ca:1f:be:30:74:80:72:35:42:61:d5:24:
95:68:6a:a4:7a:9f:74:19:0b:6f:ba:bb:aa:3d:ee:
f1:ec:59:b2:51:ed:1b:2f:44:cd:d0:e6:ac:9f:62:
8f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:3F:66:30:FA:D2:DA:F5:3B:0D:F0:1E:DC:C0:68:E8:88:55:40:AD
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Hz9mMPrS2vU7DfAe3MBo6IhVQK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:72:13:2d:07:15:5b:e5:8c:3f:31:fd:d9:fa:ec:25:ee:74:
d4:6c:42:d7:08:a1:b6:61:e6:d9:eb:43:c8:09:1a:96:c1:52:
17:08:71:44:9c:c0:00:05:79:aa:a6:80:0c:4f:22:b0:af:79:
f8:75:da:3c:b9:6b:f4:ae:81:68:4d:fe:1c:92:57:7b:a0:9d:
87:92:49:2a:48:a8:6c:fc:1e:ea:71:7d:68:12:7d:9b:85:b8:
56:36:f3:76:8f:82:17:03:fd:24:94:bb:65:fe:56:fc:fa:91:
5a:6d:14:08:20:1f:03:d6:40:fe:25:9e:db:ca:17:6c:45:f5:
20:ab:f3:1e:f4:69:af:e0:e5:c3:89:fe:b0:a9:1e:e2:b4:3e:
f4:b2:d1:fa:fe:f8:35:35:da:62:38:6f:2d:81:14:74:5c:2c:
16:8f:60:53:4d:d9:99:cc:fe:3f:2c:e0:b4:7f:47:10:56:0b:
19:53:8f:29:53:5b:b3:f4:99:27:2c:d7:07:10:41:22:54:eb:
5d:8e:f8:7b:ec:cf:dc:52:c6:99:26:79:58:1a:75:a4:f6:0a:
d8:07:ff:33:05:be:23:ee:3f:62:b8:8c:61:cb:c2:d9:bd:18:
20:96:73:b2:d9:cf:4b:1f:5e:dd:be:c4:cf:c9:10:7f:d2:3e:
3b:b6:53:89
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoj0lHMGYknUaHxOB9UfFb8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIzMTkxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjNmNjYzMGZhZDJkYWY1M2IwZGYwMWVkY2MwNjhlODg4NTU0MGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvC2jIpoipZCcHvG/nnCSye7aAQ9L
lg380OIyVUT2Ywy75kOkN75H14coqWCkQXbsscd5LKbsL2POC1Z/yUwWzl55PlZH
j+X4gZyEbtciFupRvv/3xzfdmJ/d+gZ5Zg4QJwKoQnosO+i53lu6ZjEwzHHvqv2v
WIYDclG6hIn5fbT4M1kn2FXPFgvRMVrxkKmN2myxa6ptD40qMOGqLbO7PBLIJJp4
NrZWPXBxAJjsuz6s4zEZDAVWrLcu7gtNkZYYZKotfaD02GhQu6fEEsqr8G8xfBLK
H74wdIByNUJh1SSVaGqkep90GQtvuruqPe7x7FmyUe0bL0TN0Oasn2KPHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB8/ZjD60tr1Ow3wHtzAaOiIVUCtMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSHo5bU1QclMydlU3RGZBZTNNQm82SWhWUUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGZyEy0HFVvljD8x/dn6
7CXudNRsQtcIobZh5tnrQ8gJGpbBUhcIcUScwAAFeaqmgAxPIrCvefh12jy5a/Su
gWhN/hySV3ugnYeSSSpIqGz8HupxfWgSfZuFuFY283aPghcD/SSUu2X+Vvz6kVpt
FAggHwPWQP4lntvKF2xF9SCr8x70aa/g5cOJ/rCpHuK0PvSy0fr++DU12mI4by2B
FHRcLBaPYFNN2ZnM/j8s4LR/RxBWCxlTjylTW7P0mScs1wcQQSJU612O+Hvsz9xS
xpkmeVgadaT2CtgH/zMFviPuP2K4jGHLwtm9GCCWc7LZz0sfXt2+xM/JEH/SPju2
U4k=
-----END CERTIFICATE-----
Generated at Thu May 1 11:17:13 2025 by rpki-client