Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Hzhn1Cjci-Ngyglrmb_agS32yug.roa
File: Hzhn1Cjci-Ngyglrmb_agS32yug.roa (raw, json)
Hash identifier: zq5AB37gC4Kby9mznbv475aEzVZZp7JtSP/juECodKI=
Subject key identifier: 1F:38:67:D4:28:DC:8B:E3:60:CA:09:6B:99:BF:DA:81:2D:F6:CA:E8
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01851D6597709A0DD09F93AB9E86095F7F0E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Hzhn1Cjci-Ngyglrmb_agS32yug.roa
Signing time: Sat 17 Dec 2022 00:04:35 +0000
ROA not before: Sat 17 Dec 2022 00:04:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:185:1d65:284d/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1d:65:97:70:9a:0d:d0:9f:93:ab:9e:86:09:5f:7f:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 17 00:04:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f3867d428dc8be360ca096b99bfda812df6cae8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:90:a3:de:97:4e:1a:6f:8f:f3:83:52:04:d4:
e3:ff:ac:33:d2:22:40:1a:22:20:6c:93:41:a8:99:
01:22:e0:5d:c1:23:15:9b:8f:99:02:3e:3d:7b:82:
e2:69:69:17:9f:76:31:67:ab:f7:77:06:13:c3:30:
c6:51:ec:c5:42:69:78:8d:9b:82:f6:5b:a9:7a:aa:
79:c2:92:e2:aa:16:ba:0b:90:b9:a2:01:50:e0:1c:
79:cc:e6:f3:58:36:54:8e:d8:39:40:a7:c7:ce:e9:
e6:c6:b8:31:3a:de:0e:01:f8:af:9a:79:5c:e3:cc:
e8:f2:1f:ba:6d:b5:f4:4a:aa:4f:46:5f:7e:66:59:
67:1c:c5:57:20:fe:3d:77:dd:78:c8:7f:03:6d:25:
79:df:fb:01:5f:3b:41:06:bb:90:7e:4b:48:88:d3:
e6:b2:78:5d:ff:e2:85:12:90:f2:a5:2d:f0:d7:95:
0b:0e:a9:94:4f:36:c5:d5:05:16:68:c6:f2:35:64:
2c:5b:97:da:24:7f:5d:f4:c1:e6:6f:af:9c:38:93:
52:8c:16:34:4b:73:53:33:d8:9a:fa:7b:cc:cb:2a:
db:1a:b3:f9:27:45:bc:93:f5:da:60:ce:02:8a:39:
fd:cf:7a:6e:b4:e6:d3:c0:b6:62:e8:16:3b:19:30:
29:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:38:67:D4:28:DC:8B:E3:60:CA:09:6B:99:BF:DA:81:2D:F6:CA:E8
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Hzhn1Cjci-Ngyglrmb_agS32yug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8c:cf:02:d7:35:ea:66:82:5d:ba:0b:47:ff:5d:08:d7:31:6f:
9a:dd:3f:ff:e8:13:e7:b3:79:ea:2e:e5:06:9a:13:b7:0c:47:
44:36:fb:49:41:54:af:bb:a1:b9:b9:64:c1:b8:b8:07:8c:1d:
18:41:70:3b:74:46:f8:45:fe:69:85:66:32:3e:9e:63:53:df:
13:32:01:97:30:64:42:c3:f3:98:de:73:b8:92:0e:b5:fa:b2:
99:e7:c6:be:14:e4:e2:f0:f3:98:34:79:2f:36:ee:24:a5:ec:
34:ae:a8:e6:e0:36:4c:c1:28:0e:3d:36:d6:38:34:d0:d0:d5:
ec:a7:66:54:36:ab:98:df:ca:b6:d7:dd:96:83:fc:9d:7c:26:
01:ff:cb:7f:36:de:c0:8c:32:cc:d5:ae:de:ae:f9:c0:04:88:
d1:df:e1:d2:44:d7:b9:a4:a6:d6:0e:23:03:06:84:d9:4b:1c:
12:1f:03:c6:95:73:8d:46:8b:df:ce:a2:c8:40:2b:df:3b:74:
4b:a2:20:3a:8a:cf:51:bb:de:32:d4:6e:91:b8:cd:b5:02:b0:
f7:40:29:6e:18:04:52:2c:dc:9e:9b:9d:d3:3c:8b:c4:18:38:
76:50:aa:f7:56:fb:19:c0:d1:bd:e5:2e:79:2e:b7:6f:78:46:
6e:45:4b:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUdZZdwmg3Qn5OrnoYJX38OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE3MDAwNDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjM4NjdkNDI4ZGM4YmUzNjBjYTA5NmI5OWJmZGE4MTJkZjZjYWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJCj3pdOGm+P84NSBNTj/6wz0iJA
GiIgbJNBqJkBIuBdwSMVm4+ZAj49e4LiaWkXn3YxZ6v3dwYTwzDGUezFQml4jZuC
9lupeqp5wpLiqha6C5C5ogFQ4Bx5zObzWDZUjtg5QKfHzunmxrgxOt4OAfivmnlc
48zo8h+6bbX0SqpPRl9+ZllnHMVXIP49d914yH8DbSV53/sBXztBBruQfktIiNPm
snhd/+KFEpDypS3w15ULDqmUTzbF1QUWaMbyNWQsW5faJH9d9MHmb6+cOJNSjBY0
S3NTM9ia+nvMyyrbGrP5J0W8k/XaYM4Cijn9z3putObTwLZi6BY7GTApCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB84Z9Qo3IvjYMoJa5m/2oEt9sroMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSHpobjFDamNpLU5neWdscm1iX2FnUzMyeXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIzPAtc16maCXboLR/9d
CNcxb5rdP//oE+ezeeou5QaaE7cMR0Q2+0lBVK+7obm5ZMG4uAeMHRhBcDt0RvhF
/mmFZjI+nmNT3xMyAZcwZELD85jec7iSDrX6spnnxr4U5OLw85g0eS827iSl7DSu
qObgNkzBKA49NtY4NNDQ1eynZlQ2q5jfyrbX3ZaD/J18JgH/y3823sCMMszVrt6u
+cAEiNHf4dJE17mkptYOIwMGhNlLHBIfA8aVc41Gi9/OoshAK987dEuiIDqKz1G7
3jLUbpG4zbUCsPdAKW4YBFIs3J6bndM8i8QYOHZQqvdW+xnA0b3lLnkut294Rm5F
S+E=
-----END CERTIFICATE-----
Generated at Thu May 1 14:59:08 2025 by rpki-client