Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/h145YrcA52JkKCiY8upxRryBrPQ.roa
File: h145YrcA52JkKCiY8upxRryBrPQ.roa (raw, json)
Hash identifier: O/qaGJlmHGbpiE/8a7eSdUpKAznEqzjoI0Cf6fTf7EQ=
Subject key identifier: 87:5E:39:62:B7:00:E7:62:64:28:28:98:F2:EA:71:46:BC:81:AC:F4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01873B344858190386A31843B699CE6B15AB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/h145YrcA52JkKCiY8upxRryBrPQ.roa
Signing time: Sat 01 Apr 2023 05:04:54 +0000
ROA not before: Sat 01 Apr 2023 05:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:187:3b34:dc/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:3b:34:48:58:19:03:86:a3:18:43:b6:99:ce:6b:15:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 1 05:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=875e3962b700e76264282898f2ea7146bc81acf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:99:ba:2a:60:77:7f:32:08:0b:85:05:a4:22:
40:ce:74:ab:6d:ff:f5:2f:6d:62:21:d8:d9:81:d6:
65:56:4e:98:83:5d:21:42:76:02:04:8c:a2:27:fb:
20:90:13:0c:ab:82:80:b7:ce:c9:c7:54:01:bb:95:
3e:b9:74:bb:9b:75:27:97:28:ce:07:3b:38:1d:92:
bd:c8:9d:2a:a0:b6:20:57:44:eb:08:bf:d0:c0:36:
26:6f:42:8e:9e:63:6f:fe:98:53:b4:b8:a3:aa:7b:
9c:67:5f:e3:49:65:da:7c:84:ac:e2:af:5b:eb:2c:
be:6d:89:33:36:e8:29:2f:ae:c5:88:1f:18:87:ff:
7a:bd:be:81:39:72:35:1d:02:01:26:3e:75:6d:54:
c0:c3:d8:af:2d:ac:f0:b3:2b:8a:9c:50:6b:73:d6:
7d:c5:7e:af:f1:2c:bf:d0:b6:ba:58:46:96:7d:7b:
c3:bf:c0:a9:c1:2f:62:0d:20:cb:13:2c:0d:aa:1b:
ff:ee:74:06:d3:09:c5:b5:45:c4:ee:ec:91:41:c3:
f4:b4:1f:ac:44:72:c1:ca:5a:85:a3:73:dd:52:d8:
ef:47:e2:d7:9e:c2:56:74:ab:6a:56:45:01:c5:cc:
15:07:c0:24:60:5a:59:75:a1:1b:74:b6:c4:bd:b9:
7b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:5E:39:62:B7:00:E7:62:64:28:28:98:F2:EA:71:46:BC:81:AC:F4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/h145YrcA52JkKCiY8upxRryBrPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:b7:66:9c:5e:66:d9:d4:9c:f4:0f:ad:ad:17:43:57:11:c0:
76:b1:12:97:07:52:99:47:6f:d8:8e:e2:75:1d:f1:16:64:00:
ec:31:17:49:f7:9c:63:f3:a8:94:bb:a9:94:96:ad:09:28:94:
d8:6f:1a:97:2d:3e:b3:44:95:90:0f:13:11:7f:02:d6:a1:3c:
7d:3e:52:91:c2:3a:57:65:bc:f5:c3:0d:7d:07:82:d8:18:fa:
ab:b1:a5:5a:4b:0d:b6:d5:d3:ff:1a:a8:fb:3f:96:a4:a2:53:
8c:a6:26:f0:90:6a:ff:f0:78:95:88:df:a3:00:f3:be:93:50:
b4:7d:90:72:d0:9c:47:c7:dc:de:a9:5c:77:a9:70:01:02:24:
73:4f:84:a9:0e:e1:8b:19:90:c6:4f:0c:11:44:8a:9f:4c:87:
29:c3:d3:91:12:5f:a4:bc:fb:cc:27:5c:14:ba:d4:1a:53:0e:
c8:13:a7:d9:83:70:24:c9:05:bf:96:16:56:1d:37:0a:de:57:
20:2f:95:9f:ce:3c:d4:c6:8e:c8:69:04:59:73:fc:63:ed:82:
6e:bb:f7:09:75:29:01:65:7b:2a:82:b4:f4:f3:de:1c:f3:e5:
5e:47:35:34:af:d2:91:1a:fb:46:c7:35:04:29:22:8a:86:74:
8f:30:aa:9b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYc7NEhYGQOGoxhDtpnOaxWrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDAxMDUwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzVlMzk2MmI3MDBlNzYyNjQyODI4OThmMmVhNzE0NmJjODFhY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJm6KmB3fzIIC4UFpCJAznSrbf/1
L21iIdjZgdZlVk6Yg10hQnYCBIyiJ/sgkBMMq4KAt87Jx1QBu5U+uXS7m3UnlyjO
Bzs4HZK9yJ0qoLYgV0TrCL/QwDYmb0KOnmNv/phTtLijqnucZ1/jSWXafISs4q9b
6yy+bYkzNugpL67FiB8Yh/96vb6BOXI1HQIBJj51bVTAw9ivLazwsyuKnFBrc9Z9
xX6v8Sy/0La6WEaWfXvDv8CpwS9iDSDLEywNqhv/7nQG0wnFtUXE7uyRQcP0tB+s
RHLBylqFo3PdUtjvR+LXnsJWdKtqVkUBxcwVB8AkYFpZdaEbdLbEvbl7cQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIdeOWK3AOdiZCgomPLqcUa8gaz0MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaDE0NVlyY0E1MkprS0NpWTh1cHhScnlCclBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGG3ZpxeZtnUnPQPra0X
Q1cRwHaxEpcHUplHb9iO4nUd8RZkAOwxF0n3nGPzqJS7qZSWrQkolNhvGpctPrNE
lZAPExF/AtahPH0+UpHCOldlvPXDDX0HgtgY+quxpVpLDbbV0/8aqPs/lqSiU4ym
JvCQav/weJWI36MA876TULR9kHLQnEfH3N6pXHepcAECJHNPhKkO4YsZkMZPDBFE
ip9MhynD05ESX6S8+8wnXBS61BpTDsgTp9mDcCTJBb+WFlYdNwreVyAvlZ/OPNTG
jshpBFlz/GPtgm679wl1KQFleyqCtPTz3hzz5V5HNTSv0pEa+0bHNQQpIoqGdI8w
qps=
-----END CERTIFICATE-----
Generated at Thu May 1 07:54:58 2025 by rpki-client