Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fhaOcr420bFZ8qb8pbjAFvRKBds.roa
File: fhaOcr420bFZ8qb8pbjAFvRKBds.roa (raw, json)
Hash identifier: KSGX2PKU+/mW7Q5bD+GZcm2AKRV2rnItaGqwKZW41ws=
Subject key identifier: 7E:16:8E:72:BE:36:D1:B1:59:F2:A6:FC:A5:B8:C0:16:F4:4A:05:DB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 8DA53EC5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fhaOcr420bFZ8qb8pbjAFvRKBds.roa
Signing time: Fri 17 Jun 2022 22:08:44 +0000
ROA not before: Fri 17 Jun 2022 22:08:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:181:56ba:5b78/128 maxlen: 128
2001:67c:64:ffff:0:181:22f:7a99/128 maxlen: 128
2001:67c:64:ffff:0:181:477e:58d8/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2376416965 (0x8da53ec5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 17 22:08:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e168e72be36d1b159f2a6fca5b8c016f44a05db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:81:ef:d2:09:78:7e:de:42:ce:8c:3f:86:5a:
8f:da:e3:7e:60:45:00:2e:dc:ca:8d:14:db:fd:98:
ff:69:7c:c1:2f:31:86:b9:a9:40:1e:97:af:5c:51:
96:b3:0c:f6:56:64:73:fc:6e:16:3e:e7:12:44:95:
42:e0:ca:21:57:e4:16:d3:89:2b:5a:27:ac:bb:38:
f6:3f:da:16:ef:af:b0:3c:87:c2:ae:b2:c8:a5:ce:
08:82:d5:90:11:83:f3:3d:39:cc:6a:bd:32:37:74:
33:85:d1:dc:59:25:7a:1d:c1:b3:ab:a8:38:26:ed:
85:b8:64:95:4b:95:b3:a8:85:c7:40:d5:34:4a:d4:
a6:88:55:99:f9:71:9c:56:02:10:11:65:d8:82:82:
b9:06:f4:e7:c8:79:55:f9:22:05:28:11:52:2a:52:
90:7a:a0:b7:54:62:80:49:cc:1d:ad:f7:85:35:3e:
d2:66:6c:e1:54:5a:99:b8:9c:31:df:59:39:a1:83:
b5:18:1c:dc:48:5f:70:f6:2a:3d:a8:3b:a2:35:5c:
df:23:6d:fa:7d:56:49:5b:2e:58:1c:0d:dd:07:7f:
61:84:e6:38:08:d7:6b:90:4e:84:d5:26:e3:02:75:
14:5e:5e:2a:09:e1:93:8a:5f:29:30:82:93:ad:7d:
ef:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:16:8E:72:BE:36:D1:B1:59:F2:A6:FC:A5:B8:C0:16:F4:4A:05:DB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/fhaOcr420bFZ8qb8pbjAFvRKBds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
88:ba:b4:be:5a:77:13:38:a5:c3:d4:74:d1:e2:5f:58:6f:38:
20:c8:81:41:6c:aa:e5:49:f8:5b:5d:77:47:0a:1f:fd:87:26:
cc:de:7b:1f:04:78:5c:69:1a:eb:09:48:ee:80:1b:76:d2:61:
d8:ae:7e:2e:c8:29:84:48:1a:93:71:ad:ca:f9:af:f4:ea:a2:
c1:51:42:d5:c4:1c:dc:b0:ae:f1:34:35:e5:6d:e0:5c:4a:dc:
2e:0b:69:04:6d:76:c2:7d:3a:72:9d:9f:3e:4d:b1:70:a4:38:
50:88:56:ad:e0:57:49:97:df:3e:c7:c5:d3:03:f4:83:b9:f3:
cf:a8:b2:8b:de:05:90:fd:93:e5:42:42:ee:5a:cb:35:67:a4:
c2:f2:2c:1e:3a:37:c0:63:1c:d6:2e:18:91:72:41:ed:91:3e:
82:c9:7d:dc:3a:55:2d:00:75:24:47:f9:ec:cd:6a:28:10:39:
80:a9:e1:ca:1d:e6:70:b3:fb:85:69:c1:52:09:3f:54:e0:53:
63:85:3b:d9:55:38:c5:50:77:ad:33:cf:2d:92:41:38:78:0c:
02:75:63:3b:9c:25:a5:75:1c:d9:75:b9:8d:78:de:fa:aa:73:
cf:a5:ef:58:08:50:25:a8:8d:29:5f:a2:4c:95:19:69:ae:d0:
2a:f7:45:60
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAI2lPsUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA2
MTcyMjA4NDRaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDdlMTY4ZTcyYmUz
NmQxYjE1OWYyYTZmY2E1YjhjMDE2ZjQ0YTA1ZGIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCege/SCXh+3kLOjD+GWo/a435gRQAu3MqNFNv9mP9pfMEv
MYa5qUAel69cUZazDPZWZHP8bhY+5xJElULgyiFX5BbTiStaJ6y7OPY/2hbvr7A8
h8KussilzgiC1ZARg/M9OcxqvTI3dDOF0dxZJXodwbOrqDgm7YW4ZJVLlbOohcdA
1TRK1KaIVZn5cZxWAhARZdiCgrkG9OfIeVX5IgUoEVIqUpB6oLdUYoBJzB2t94U1
PtJmbOFUWpm4nDHfWTmhg7UYHNxIX3D2Kj2oO6I1XN8jbfp9VklbLlgcDd0Hf2GE
5jgI12uQToTVJuMCdRReXioJ4ZOKXykwgpOtfe9ZAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUfhaOcr420bFZ8qb8pbjAFvRKBdswHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9maGFPY3I0MjBiRlo4cWI4cGJqQUZ2UktCZHMucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAiLq0vlp3Ezilw9R00eJfWG84IMiBQWyq5Un4
W113Rwof/YcmzN57HwR4XGka6wlI7oAbdtJh2K5+LsgphEgak3Gtyvmv9OqiwVFC
1cQc3LCu8TQ15W3gXErcLgtpBG12wn06cp2fPk2xcKQ4UIhWreBXSZffPsfF0wP0
g7nzz6iyi94FkP2T5UJC7lrLNWekwvIsHjo3wGMc1i4YkXJB7ZE+gsl93DpVLQB1
JEf57M1qKBA5gKnhyh3mcLP7hWnBUgk/VOBTY4U72VU4xVB3rTPPLZJBOHgMAnVj
O5wlpXUc2XW5jXje+qpzz6XvWAhQJaiNKV+iTJUZaa7QKvdFYA==
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:44:16 2025 by rpki-client