Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hEe-g29eXKHXUW15z1Gpma4Pnic.roa
File: hEe-g29eXKHXUW15z1Gpma4Pnic.roa (raw, json)
Hash identifier: IeuLo8w2wNQkxsSnTA77UY1WUntCgUP6W0nxbgafO+o=
Subject key identifier: 84:47:BE:83:6F:5E:5C:A1:D7:51:6D:79:CF:51:A9:99:AE:0F:9E:27
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 81BBC6DF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hEe-g29eXKHXUW15z1Gpma4Pnic.roa
Signing time: Fri 06 May 2022 19:04:25 +0000
ROA not before: Fri 06 May 2022 19:04:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:8961:505f/128 maxlen: 128
2001:67c:64:ffff:0:180:9ac2:4681/128 maxlen: 128
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2176567007 (0x81bbc6df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 6 19:04:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8447be836f5e5ca1d7516d79cf51a999ae0f9e27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f0:81:c3:7a:ed:68:f1:76:92:93:bb:16:15:
a6:49:7f:10:bc:7c:93:ff:91:4c:8a:3e:42:8a:af:
bb:51:83:ee:a1:e8:63:b7:68:eb:70:17:21:0c:b4:
54:55:de:46:0f:c8:8a:56:2e:ca:79:97:2d:81:7f:
0a:b3:db:e3:0d:81:65:15:81:f7:26:c5:25:93:37:
db:b4:19:68:45:87:69:d0:e9:28:6f:39:3b:c7:a5:
b2:13:35:54:cd:74:d0:b2:d8:d1:b0:c3:82:2b:f3:
ab:86:08:89:96:db:ac:e3:df:7a:d1:12:96:c5:48:
a8:62:c4:8d:a1:d1:8b:1f:b4:6c:e8:dc:07:64:6c:
29:da:55:a0:bc:c3:b7:8e:bd:06:6a:3e:1a:82:d4:
1e:92:41:a4:f4:06:38:a3:73:36:48:89:bf:73:bc:
80:84:35:c0:0d:7a:97:25:e0:bb:cd:0a:66:c8:f3:
06:ab:2e:d7:cf:d0:bf:26:0d:e7:0b:23:e3:b8:5f:
39:27:7d:cc:28:3a:12:72:d5:70:a5:24:1b:db:de:
ab:f9:d2:79:65:87:52:2a:ff:39:b9:47:1c:9d:bc:
30:83:b2:c2:25:38:ca:c3:c9:d5:0c:b3:d8:6e:ae:
0e:6a:af:56:25:80:b2:e9:73:2b:66:ca:99:d7:c0:
c4:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:47:BE:83:6F:5E:5C:A1:D7:51:6D:79:CF:51:A9:99:AE:0F:9E:27
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hEe-g29eXKHXUW15z1Gpma4Pnic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:26:08:7f:4e:3d:78:7d:0b:24:2c:a9:c4:ed:79:30:8c:da:
c8:82:ca:1c:f1:8d:72:54:bd:42:13:e8:e7:a8:22:78:27:3e:
5b:94:a2:33:76:85:27:d0:de:c5:11:51:30:c9:01:55:6c:bf:
cc:a0:9b:77:60:b7:5e:db:65:e2:c3:0d:74:7d:7e:fa:7f:69:
6a:be:7c:50:ba:41:89:2d:05:fc:d2:9f:4c:2f:8e:5f:71:6b:
21:34:1d:1e:7e:2a:e0:e5:8a:bd:9c:54:38:cf:88:81:7f:d1:
1a:19:28:51:d7:4e:57:be:c0:6c:99:c0:64:ea:ff:b4:3f:f7:
47:78:a3:65:21:a2:29:8e:fc:70:61:b2:3e:07:62:23:59:d6:
cc:b6:53:b1:11:43:2b:5a:86:82:84:5f:75:8c:ab:73:50:af:
91:ba:61:43:b6:d1:20:2a:5a:87:13:b2:70:90:65:5c:57:3d:
6b:b2:8c:58:bb:a3:0e:a3:51:5a:ab:d1:cf:f5:49:c0:08:a7:
fc:21:15:d4:9a:47:09:de:e0:2a:fc:8b:fb:51:6f:54:9f:fb:
59:28:db:4b:2c:17:6c:f8:5c:46:88:e6:bc:28:2c:46:7a:3a:
9a:44:41:0f:68:51:30:aa:f6:16:5e:43:71:c9:dc:d7:2c:d9:
cb:2c:a6:fe
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIG7xt8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MDYxOTA0MjVaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDg0NDdiZTgzNmY1
ZTVjYTFkNzUxNmQ3OWNmNTFhOTk5YWUwZjllMjcwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC58IHDeu1o8XaSk7sWFaZJfxC8fJP/kUyKPkKKr7tRg+6h
6GO3aOtwFyEMtFRV3kYPyIpWLsp5ly2Bfwqz2+MNgWUVgfcmxSWTN9u0GWhFh2nQ
6ShvOTvHpbITNVTNdNCy2NGww4Ir86uGCImW26zj33rREpbFSKhixI2h0YsftGzo
3AdkbCnaVaC8w7eOvQZqPhqC1B6SQaT0BjijczZIib9zvICENcANepcl4LvNCmbI
8warLtfP0L8mDecLI+O4XzknfcwoOhJy1XClJBvb3qv50nllh1Iq/zm5RxydvDCD
ssIlOMrDydUMs9hurg5qr1YlgLLpcytmypnXwMTHAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUhEe+g29eXKHXUW15z1Gpma4PnicwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9oRWUtZzI5ZVhLSFhVVzE1ejFHcG1hNFBuaWMucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAHiYIf049eH0LJCypxO15MIzayILKHPGNclS9
QhPo56gieCc+W5SiM3aFJ9DexRFRMMkBVWy/zKCbd2C3Xttl4sMNdH1++n9par58
ULpBiS0F/NKfTC+OX3FrITQdHn4q4OWKvZxUOM+IgX/RGhkoUddOV77AbJnAZOr/
tD/3R3ijZSGiKY78cGGyPgdiI1nWzLZTsRFDK1qGgoRfdYyrc1CvkbphQ7bRICpa
hxOycJBlXFc9a7KMWLujDqNRWqvRz/VJwAin/CEV1JpHCd7gKvyL+1FvVJ/7WSjb
SywXbPhcRojmvCgsRno6mkRBD2hRMKr2Fl5Dccnc1yzZyyym/g==
-----END CERTIFICATE-----
Generated at Sat May 3 07:35:28 2025 by rpki-client