Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NHqiKKKFBVe1WErURYW8fWXG74g.roa
File: NHqiKKKFBVe1WErURYW8fWXG74g.roa (raw, json)
Hash identifier: UJz+xnzcF6Vk9OyqSZ83rPAggwV0sbVrbb92MNEJglU=
Subject key identifier: 34:7A:A2:28:A2:85:05:57:B5:58:4A:D4:45:85:BC:7D:65:C6:EF:88
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0182A84B2C8398BD21EF97582AC3B64CCF3D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NHqiKKKFBVe1WErURYW8fWXG74g.roa
Signing time: Tue 16 Aug 2022 20:14:35 +0000
ROA not before: Tue 16 Aug 2022 20:14:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a8:4b:2c:83:98:bd:21:ef:97:58:2a:c3:b6:4c:cf:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 16 20:14:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=347aa228a2850557b5584ad44585bc7d65c6ef88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:53:b6:3d:d2:6d:32:ff:c9:c5:46:d1:32:cf:
21:4e:ff:7b:cd:e5:bb:57:0c:59:ea:3e:a0:37:6d:
05:98:8b:ad:f1:ee:8a:75:e9:cc:cc:a3:38:7b:1e:
36:79:ce:10:fa:86:7d:1f:46:c8:57:fc:9f:d0:68:
a2:a6:cf:b5:d8:3d:dd:7d:4f:f8:7d:39:b9:dd:1b:
51:43:0d:45:06:d3:b8:71:27:c5:d0:34:4a:bf:6b:
dd:30:58:a5:22:88:9c:68:f2:82:89:15:8a:5c:d1:
4d:84:91:b8:5d:40:e6:0a:bf:78:97:cf:dc:e4:9e:
54:01:f2:eb:8c:ff:d9:28:37:f3:03:6d:19:bc:d7:
41:ad:42:89:98:7e:8d:26:04:b4:58:b1:f9:68:ee:
89:96:ed:66:9c:f2:c1:83:93:a8:4d:ad:c1:64:3b:
51:c7:d8:94:e6:a9:3c:d2:5c:99:4a:74:0d:60:ff:
6d:d9:17:be:cd:ee:14:94:27:c2:c1:a9:9b:79:27:
f7:a6:b8:b4:78:4d:5f:43:34:83:97:57:ae:76:23:
b7:d0:b3:83:fe:28:ee:e3:f1:4a:71:12:ba:f1:41:
7c:15:54:26:7d:03:6c:d0:a5:46:da:31:dc:cb:1d:
39:1d:a3:1f:a6:3f:09:cb:1a:38:90:b9:70:41:e0:
7d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:7A:A2:28:A2:85:05:57:B5:58:4A:D4:45:85:BC:7D:65:C6:EF:88
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NHqiKKKFBVe1WErURYW8fWXG74g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
75:41:68:0c:c0:de:64:71:36:b8:c7:81:72:c0:1f:60:83:7b:
cb:12:cd:8a:2e:a3:6c:68:e9:6b:75:14:2c:4c:67:f2:8f:28:
b9:4d:57:3b:d0:9e:6b:6f:d1:b9:cd:60:42:b3:b3:9a:d1:ef:
d4:59:e7:29:11:eb:ce:65:98:59:f0:5b:f4:2d:3f:bb:86:2a:
13:34:1b:c6:9b:03:80:59:56:de:4e:b6:48:c8:12:2a:69:73:
85:c0:c3:9f:2c:da:be:cf:41:fa:78:66:f0:52:7f:b9:bd:1e:
75:00:70:9b:ef:e7:c7:6b:2a:68:68:14:c7:fc:91:24:08:97:
ef:54:fc:06:c0:00:0c:83:5d:38:0a:06:51:ce:f0:37:fb:24:
b9:06:17:59:df:5d:51:d3:ea:e0:92:bc:e2:36:d9:d1:f3:90:
b3:00:e9:82:be:c7:ce:9c:89:26:9e:ae:36:2d:a3:aa:0d:5c:
e9:6a:9c:27:f7:0f:95:42:da:3c:98:89:32:53:36:45:44:62:
b1:69:85:dd:23:97:79:41:6d:c4:db:be:6a:b4:32:7f:07:89:
7f:8c:d7:82:5b:40:14:01:f4:5e:56:90:5e:29:b5:1f:28:14:
77:6b:5c:61:a3:ea:21:47:56:e6:e8:68:b5:1c:9a:29:0f:84:
7e:39:a5:30
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYKoSyyDmL0h75dYKsO2TM89MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwODE2MjAxNDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDdhYTIyOGEyODUwNTU3YjU1ODRhZDQ0NTg1YmM3ZDY1YzZlZjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lO2PdJtMv/JxUbRMs8hTv97zeW7
VwxZ6j6gN20FmIut8e6KdenMzKM4ex42ec4Q+oZ9H0bIV/yf0Giips+12D3dfU/4
fTm53RtRQw1FBtO4cSfF0DRKv2vdMFilIoicaPKCiRWKXNFNhJG4XUDmCr94l8/c
5J5UAfLrjP/ZKDfzA20ZvNdBrUKJmH6NJgS0WLH5aO6Jlu1mnPLBg5OoTa3BZDtR
x9iU5qk80lyZSnQNYP9t2Re+ze4UlCfCwambeSf3pri0eE1fQzSDl1eudiO30LOD
/iju4/FKcRK68UF8FVQmfQNs0KVG2jHcyx05HaMfpj8Jyxo4kLlwQeB9GQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDR6oiiihQVXtVhK1EWFvH1lxu+IMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTkhxaUtLS0ZCVmUxV0VyVVJZVzhmV1hHNzRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHVBaAzA3mRxNrjHgXLA
H2CDe8sSzYouo2xo6Wt1FCxMZ/KPKLlNVzvQnmtv0bnNYEKzs5rR79RZ5ykR685l
mFnwW/QtP7uGKhM0G8abA4BZVt5OtkjIEippc4XAw58s2r7PQfp4ZvBSf7m9HnUA
cJvv58drKmhoFMf8kSQIl+9U/AbAAAyDXTgKBlHO8Df7JLkGF1nfXVHT6uCSvOI2
2dHzkLMA6YK+x86ciSaerjYto6oNXOlqnCf3D5VC2jyYiTJTNkVEYrFphd0jl3lB
bcTbvmq0Mn8HiX+M14JbQBQB9F5WkF4ptR8oFHdrXGGj6iFHVuboaLUcmikPhH45
pTA=
-----END CERTIFICATE-----
Generated at Thu May 1 23:59:42 2025 by rpki-client