Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hJyLWHK20MltK1oyeMetrMamA4w.roa
File: hJyLWHK20MltK1oyeMetrMamA4w.roa (raw, json)
Hash identifier: HDTLeV6u8ZSLUIasBiozq29nALELiNwqCNtHdYus8dA=
Subject key identifier: 84:9C:8B:58:72:B6:D0:C9:6D:2B:5A:32:78:C7:AD:AC:C6:A6:03:8C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185045079E34E36928D347C31F0E310A8FF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hJyLWHK20MltK1oyeMetrMamA4w.roa
Signing time: Mon 12 Dec 2022 03:11:00 +0000
ROA not before: Mon 12 Dec 2022 03:11:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:04:50:79:e3:4e:36:92:8d:34:7c:31:f0:e3:10:a8:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 12 03:11:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=849c8b5872b6d0c96d2b5a3278c7adacc6a6038c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b9:29:e1:22:ab:d7:db:d9:7a:e7:0c:fa:d9:
b8:c5:cd:d9:84:f5:df:6a:a3:1c:d6:7b:8f:b6:a8:
68:ea:4e:43:fb:23:b0:b1:5b:88:25:b2:9f:a1:f2:
90:41:b6:0a:20:5d:c2:76:78:c8:8c:c7:1c:1b:c4:
8e:3d:f3:94:da:55:1a:db:62:3f:57:8e:7d:d0:7d:
c6:4c:88:ac:f8:ce:52:f4:03:fe:fc:bb:66:36:f5:
6e:f7:5e:af:db:a6:d1:24:e0:34:40:4f:3f:0e:2d:
9b:6a:ff:84:3d:67:62:8e:c0:bc:a2:90:9e:91:43:
0a:71:16:b3:b7:45:8e:e4:a6:68:67:38:30:97:40:
f7:f5:57:93:2c:8a:30:b7:f8:ff:a6:59:59:1f:29:
e2:b0:7b:09:13:32:f3:24:cd:69:c6:ab:57:21:76:
ff:24:ef:fc:a3:c0:79:cc:5e:fb:5f:a3:2a:03:6d:
33:ca:53:d7:ce:9f:e9:8d:bf:4c:3a:8e:b9:55:56:
a0:d6:95:ad:32:b3:2f:9b:17:02:cb:de:70:e0:f3:
9c:8f:92:23:b8:25:34:bb:42:38:ae:ce:f9:3d:54:
60:cb:7e:72:af:a7:c3:09:68:4e:d9:93:93:e6:90:
82:35:50:e2:dc:70:35:d9:dc:59:33:51:a8:cb:ad:
61:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:9C:8B:58:72:B6:D0:C9:6D:2B:5A:32:78:C7:AD:AC:C6:A6:03:8C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hJyLWHK20MltK1oyeMetrMamA4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:6f:54:22:57:c0:bc:13:7f:06:88:52:5f:76:60:25:a0:01:
62:c5:33:b5:5b:b0:87:25:6f:f3:b3:f3:37:2b:fa:5a:a1:12:
7c:08:5f:98:90:94:e2:37:16:c3:ba:13:e5:5e:65:05:05:70:
b6:71:b2:36:56:77:11:4e:82:04:2c:80:67:12:9d:c4:bb:34:
07:52:ca:9a:a2:6e:80:a4:f1:1f:60:9c:99:00:15:fa:ef:d8:
7c:1a:db:a5:a7:2d:7f:d5:80:a0:de:48:3a:59:29:20:a7:21:
f7:88:e5:86:3f:d6:23:75:5a:b0:a3:05:28:3b:96:eb:5c:65:
6a:9c:a7:42:2c:ce:16:76:8d:a7:b6:fe:21:eb:1d:0f:8c:f0:
60:fe:56:f2:59:1a:c3:39:9f:c5:ec:bd:03:21:6b:53:c1:80:
87:5c:fb:da:90:d4:09:5c:11:a0:7a:6c:e9:ef:af:b0:7b:f2:
5b:0c:44:7d:16:a0:27:4d:c5:71:22:2f:f9:fc:c2:c6:8b:7a:
dd:e7:7a:5c:50:1f:b3:61:69:35:26:a2:06:82:e0:d8:61:21:
fc:35:de:ff:53:d4:7f:56:b0:b6:16:fd:db:33:44:a3:17:27:
c7:79:e9:b0:5f:42:b3:78:49:76:c8:2b:7f:9c:3d:0a:f2:01:
b8:28:fe:87
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUEUHnjTjaSjTR8MfDjEKj/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjEyMDMxMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDljOGI1ODcyYjZkMGM5NmQyYjVhMzI3OGM3YWRhY2M2YTYwMzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprkp4SKr19vZeucM+tm4xc3ZhPXf
aqMc1nuPtqho6k5D+yOwsVuIJbKfofKQQbYKIF3CdnjIjMccG8SOPfOU2lUa22I/
V4590H3GTIis+M5S9AP+/LtmNvVu916v26bRJOA0QE8/Di2bav+EPWdijsC8opCe
kUMKcRazt0WO5KZoZzgwl0D39VeTLIowt/j/pllZHynisHsJEzLzJM1pxqtXIXb/
JO/8o8B5zF77X6MqA20zylPXzp/pjb9MOo65VVag1pWtMrMvmxcCy95w4POcj5Ij
uCU0u0I4rs75PVRgy35yr6fDCWhO2ZOT5pCCNVDi3HA12dxZM1Goy61hzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFISci1hyttDJbStaMnjHrazGpgOMMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaEp5TFdISzIwTWx0SzFveWVNZXRyTWFtQTR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEJvVCJXwLwTfwaIUl92
YCWgAWLFM7VbsIclb/Oz8zcr+lqhEnwIX5iQlOI3FsO6E+VeZQUFcLZxsjZWdxFO
ggQsgGcSncS7NAdSypqiboCk8R9gnJkAFfrv2Hwa26WnLX/VgKDeSDpZKSCnIfeI
5YY/1iN1WrCjBSg7lutcZWqcp0IszhZ2jae2/iHrHQ+M8GD+VvJZGsM5n8XsvQMh
a1PBgIdc+9qQ1AlcEaB6bOnvr7B78lsMRH0WoCdNxXEiL/n8wsaLet3nelxQH7Nh
aTUmogaC4NhhIfw13v9T1H9WsLYW/dszRKMXJ8d56bBfQrN4SXbIK3+cPQryAbgo
/oc=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:51:37 2025 by rpki-client