Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hFtLotV4pzdgD1trp31Hv_YD7v8.roa
File: hFtLotV4pzdgD1trp31Hv_YD7v8.roa (raw, json)
Hash identifier: biXwrDdqPLvQn9vEVpm0bWTRawTxfRPDxO03oqJs+/E=
Subject key identifier: 84:5B:4B:A2:D5:78:A7:37:60:0F:5B:6B:A7:7D:47:BF:F6:03:EE:FF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018738A11A4A5FF6DDFA2BC4C4881E7B3651
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hFtLotV4pzdgD1trp31Hv_YD7v8.roa
Signing time: Fri 31 Mar 2023 17:04:54 +0000
ROA not before: Fri 31 Mar 2023 17:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:187:38a0:6f19/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:38:a1:1a:4a:5f:f6:dd:fa:2b:c4:c4:88:1e:7b:36:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 31 17:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=845b4ba2d578a737600f5b6ba77d47bff603eeff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9d:5d:d8:c0:07:2b:f8:9f:ed:c8:44:6f:a2:
ed:df:e0:d4:47:59:3e:f6:d4:5d:df:1d:5d:a4:d2:
1e:69:38:26:81:d0:30:18:0c:f0:7b:a3:8f:e1:a1:
66:61:cb:d0:b6:8f:57:da:5a:a4:c8:13:b3:f4:9a:
92:53:ef:33:9f:09:c7:87:6c:bb:c8:64:83:54:19:
45:37:69:ef:4d:ae:70:cd:5f:2a:6d:4f:cb:cf:f7:
8b:00:67:b5:37:66:4b:96:30:23:62:2b:57:f9:f6:
01:4a:c3:77:c7:65:48:cf:01:7e:72:e3:e9:91:0e:
08:01:a9:24:e5:dc:a6:37:e0:26:cb:75:9f:78:69:
68:21:b7:a2:e7:85:b7:bf:13:09:ff:06:eb:ff:d6:
c6:87:a0:e1:cb:11:4e:ae:2c:ff:05:82:23:1f:ef:
5b:eb:b6:0f:33:79:dd:0b:96:30:ea:af:4a:7b:5f:
0e:97:aa:ed:a7:b9:67:4b:e5:1f:e8:2b:40:39:6e:
4b:67:1b:4d:f6:0f:b4:40:bb:a4:57:2f:73:88:e2:
e1:15:c3:e5:b8:61:a2:19:86:47:e1:f6:bd:71:71:
8b:eb:65:39:4e:61:95:e8:94:0a:d1:f8:d6:d7:56:
8b:c4:4b:da:bf:fd:cd:7e:ef:7f:30:f1:17:61:e1:
3f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:5B:4B:A2:D5:78:A7:37:60:0F:5B:6B:A7:7D:47:BF:F6:03:EE:FF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hFtLotV4pzdgD1trp31Hv_YD7v8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:21:b7:f4:fc:40:a1:17:0c:20:94:a7:37:8c:b0:b5:86:b7:
c3:ba:10:4b:5b:06:9a:98:34:03:5f:dd:d5:ad:e9:77:68:d9:
93:3e:18:2c:2d:f7:e9:f9:6d:17:18:6c:85:35:1f:09:32:13:
51:8f:d5:4c:b6:4d:20:00:e7:71:17:b2:63:df:56:ac:76:93:
01:0f:4e:a9:b3:09:eb:85:ce:76:28:b6:bc:02:6d:34:e4:b9:
cd:3b:e1:7d:c6:dc:11:6a:a8:14:15:72:fd:aa:6b:3d:d7:c1:
e7:5f:3e:22:28:77:0b:4b:73:99:5c:5f:b2:9e:10:d4:44:cd:
51:7f:5b:7f:bd:0b:55:24:0f:80:38:5e:40:35:ee:33:7d:73:
a1:63:4b:c2:b0:ad:f2:e6:20:fc:a5:93:d7:d0:c3:22:2a:47:
4f:25:4b:89:6e:c9:86:81:e8:ed:af:3f:d7:80:eb:df:d4:9d:
e0:19:5e:6b:b0:d3:55:ad:25:e4:fd:02:b8:4b:61:df:dc:6a:
d0:8b:90:9b:29:35:8a:3d:b1:e0:44:82:84:17:cc:38:f6:58:
e4:62:7f:a6:a7:c0:b7:a6:74:9b:d4:48:44:ae:84:3e:a4:47:
99:10:12:2e:bb:af:e6:c3:b7:55:57:03:3f:29:e2:3b:f6:5f:
e0:96:af:2b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYc4oRpKX/bd+ivExIgeezZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzMxMTcwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDViNGJhMmQ1NzhhNzM3NjAwZjViNmJhNzdkNDdiZmY2MDNlZWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJ1d2MAHK/if7chEb6Lt3+DUR1k+
9tRd3x1dpNIeaTgmgdAwGAzwe6OP4aFmYcvQto9X2lqkyBOz9JqSU+8znwnHh2y7
yGSDVBlFN2nvTa5wzV8qbU/Lz/eLAGe1N2ZLljAjYitX+fYBSsN3x2VIzwF+cuPp
kQ4IAakk5dymN+Amy3WfeGloIbei54W3vxMJ/wbr/9bGh6DhyxFOriz/BYIjH+9b
67YPM3ndC5Yw6q9Ke18Ol6rtp7lnS+Uf6CtAOW5LZxtN9g+0QLukVy9ziOLhFcPl
uGGiGYZH4fa9cXGL62U5TmGV6JQK0fjW11aLxEvav/3Nfu9/MPEXYeE/nwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIRbS6LVeKc3YA9ba6d9R7/2A+7/MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaEZ0TG90VjRwemRnRDF0cnAzMUh2X1lEN3Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI4ht/T8QKEXDCCUpzeM
sLWGt8O6EEtbBpqYNANf3dWt6Xdo2ZM+GCwt9+n5bRcYbIU1HwkyE1GP1Uy2TSAA
53EXsmPfVqx2kwEPTqmzCeuFznYotrwCbTTkuc074X3G3BFqqBQVcv2qaz3Xwedf
PiIodwtLc5lcX7KeENREzVF/W3+9C1UkD4A4XkA17jN9c6FjS8KwrfLmIPylk9fQ
wyIqR08lS4luyYaB6O2vP9eA69/UneAZXmuw01WtJeT9ArhLYd/catCLkJspNYo9
seBEgoQXzDj2WORif6anwLemdJvUSESuhD6kR5kQEi67r+bDt1VXAz8p4jv2X+CW
rys=
-----END CERTIFICATE-----
Generated at Thu May 1 21:19:19 2025 by rpki-client