Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/WHfmMaCVBqvjVEPWnviFNKOn2U4.roa
File: WHfmMaCVBqvjVEPWnviFNKOn2U4.roa (raw, json)
Hash identifier: iL8+KlmHqzSGiu1mnKwJ6djTIVpslLxk3wC1wSoKIo0=
Subject key identifier: 58:77:E6:31:A0:95:06:AB:E3:54:43:D6:9E:F8:85:34:A3:A7:D9:4E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186C3B7E0F7628E02E26A84E9D60B97F567
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/WHfmMaCVBqvjVEPWnviFNKOn2U4.roa
Signing time: Thu 09 Mar 2023 00:14:13 +0000
ROA not before: Thu 09 Mar 2023 00:14:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c3:b7:e0:f7:62:8e:02:e2:6a:84:e9:d6:0b:97:f5:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 9 00:14:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5877e631a09506abe35443d69ef88534a3a7d94e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:8c:00:81:5f:fe:99:94:63:37:12:c6:cb:78:
b4:81:a0:b3:fe:31:a3:45:07:19:2a:8f:0d:5b:33:
e7:4f:40:c3:08:c5:3e:23:56:66:31:7d:89:29:b4:
17:37:29:80:57:65:b6:9e:f6:4a:b6:9c:f6:6c:14:
b7:49:02:40:10:0c:5d:ca:84:d2:92:44:d1:e5:c4:
1d:42:cf:dd:1f:be:7c:e7:2f:ff:bd:49:0b:c4:ca:
a7:f9:9f:12:b6:70:65:7d:7c:a5:d6:06:38:e2:a8:
6c:b7:6e:d7:88:0f:df:b3:7a:cc:d5:d5:b5:c4:86:
ad:a0:ef:bc:43:1f:fc:6a:78:2f:8a:e7:2e:d2:60:
34:13:ca:58:5d:1d:e2:0d:af:20:f8:d0:fa:05:40:
32:fc:f1:76:c5:66:ce:eb:cf:fd:d2:64:60:07:f9:
f3:67:f3:0d:a0:a2:c2:f4:18:b4:70:63:46:ce:e1:
25:1e:91:20:ae:11:f0:62:20:97:d2:99:06:03:f5:
33:2e:0a:2a:bc:28:fd:89:d2:8d:01:b5:99:e6:4e:
94:a4:93:c0:17:7f:ec:6c:5f:45:35:49:8a:70:f8:
ab:08:aa:0f:5c:1b:f0:27:ce:d5:6b:33:15:66:46:
bf:85:b9:84:16:6a:7f:79:2f:68:21:ab:7a:00:7c:
ce:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:77:E6:31:A0:95:06:AB:E3:54:43:D6:9E:F8:85:34:A3:A7:D9:4E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/WHfmMaCVBqvjVEPWnviFNKOn2U4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
41:df:56:6c:9e:37:79:a7:89:5e:ec:f0:1c:c3:1d:f9:96:5b:
60:6e:8a:29:61:aa:d2:54:1b:3a:90:46:d7:82:f7:a3:73:9e:
7a:a3:c5:fe:f5:0f:cf:9a:0b:ff:27:ae:f3:56:34:22:a3:c8:
97:64:dc:95:07:ab:eb:02:e9:3f:ac:05:34:96:fb:de:44:f9:
62:07:a9:41:11:79:c7:55:ce:76:27:8a:89:4f:98:6e:99:19:
44:a5:0c:c7:71:48:d5:b1:83:e7:c6:66:75:da:f3:57:e0:f0:
37:f1:7e:88:76:6e:b8:3d:6a:31:57:7c:33:23:cc:f4:ff:0a:
08:ef:38:0b:ec:19:82:93:b4:70:e5:bf:6a:94:e9:3e:6b:35:
d6:7e:51:d9:16:ca:ff:36:36:c5:15:15:60:71:15:91:22:c7:
e3:c8:22:38:a2:e7:bd:60:e5:99:7f:5c:8f:a0:b9:a8:8f:33:
e1:08:0b:79:ac:00:30:64:a4:04:0d:54:05:43:9a:97:4d:17:
22:21:b5:70:00:7a:57:56:82:4f:f8:f4:10:ac:d0:cb:64:26:
22:71:7b:6e:c0:b3:a9:5e:14:84:ec:14:2e:ac:fc:45:6e:3d:
f1:46:dd:d2:82:4b:eb:17:2a:5e:08:e7:4a:55:09:ae:7b:f8:
b0:07:81:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbDt+D3Yo4C4mqE6dYLl/VnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA5MDAxNDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODc3ZTYzMWEwOTUwNmFiZTM1NDQzZDY5ZWY4ODUzNGEzYTdkOTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYwAgV/+mZRjNxLGy3i0gaCz/jGj
RQcZKo8NWzPnT0DDCMU+I1ZmMX2JKbQXNymAV2W2nvZKtpz2bBS3SQJAEAxdyoTS
kkTR5cQdQs/dH7585y//vUkLxMqn+Z8StnBlfXyl1gY44qhst27XiA/fs3rM1dW1
xIatoO+8Qx/8angviucu0mA0E8pYXR3iDa8g+ND6BUAy/PF2xWbO68/90mRgB/nz
Z/MNoKLC9Bi0cGNGzuElHpEgrhHwYiCX0pkGA/UzLgoqvCj9idKNAbWZ5k6UpJPA
F3/sbF9FNUmKcPirCKoPXBvwJ87VazMVZka/hbmEFmp/eS9oIat6AHzOFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFh35jGglQar41RD1p74hTSjp9lOMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvV0hmbU1hQ1ZCcXZqVkVQV252aUZOS09uMlU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEHfVmyeN3mniV7s8BzD
HfmWW2BuiilhqtJUGzqQRteC96Nznnqjxf71D8+aC/8nrvNWNCKjyJdk3JUHq+sC
6T+sBTSW+95E+WIHqUERecdVznYniolPmG6ZGUSlDMdxSNWxg+fGZnXa81fg8Dfx
foh2brg9ajFXfDMjzPT/CgjvOAvsGYKTtHDlv2qU6T5rNdZ+UdkWyv82NsUVFWBx
FZEix+PIIjii571g5Zl/XI+guaiPM+EIC3msADBkpAQNVAVDmpdNFyIhtXAAeldW
gk/49BCs0MtkJiJxe27As6leFITsFC6s/EVuPfFG3dKCS+sXKl4I50pVCa57+LAH
gUo=
-----END CERTIFICATE-----
Generated at Thu May 1 07:21:49 2025 by rpki-client