Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hLsy5VN1vlSxorVGhcxV-MMC4zA.roa
File: hLsy5VN1vlSxorVGhcxV-MMC4zA.roa (raw, json)
Hash identifier: WX1MW0ulhrGRx41zCGKruJzrxjUaLEO9GsIbl64hWR8=
Subject key identifier: 84:BB:32:E5:53:75:BE:54:B1:A2:B5:46:85:CC:55:F8:C3:02:E3:30
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0181E4CD86C25A82CF90BA3926833BEFEB6E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hLsy5VN1vlSxorVGhcxV-MMC4zA.roa
Signing time: Sat 09 Jul 2022 21:11:23 +0000
ROA not before: Sat 09 Jul 2022 21:11:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:e4:cd:86:c2:5a:82:cf:90:ba:39:26:83:3b:ef:eb:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 9 21:11:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84bb32e55375be54b1a2b54685cc55f8c302e330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d8:b5:df:21:3e:34:ee:2a:26:f1:26:44:c6:
3a:d3:27:a9:48:49:28:39:11:8d:bf:22:6b:c5:e8:
6e:55:48:40:b1:7b:7e:e1:4a:42:9c:9c:b9:bf:8f:
8b:ed:f3:e1:70:08:2d:d1:7d:d0:1f:12:a6:36:0c:
f5:60:5b:e2:0f:42:c8:3f:9b:22:de:de:4e:73:27:
fb:e0:d7:26:24:64:b0:ea:7c:2b:4c:20:ab:1b:47:
cd:88:24:3d:8d:33:6b:6c:68:8d:f0:24:94:d0:bb:
55:2b:25:9e:ca:ef:90:29:20:05:09:52:b4:a5:42:
b5:eb:5d:ac:46:a2:df:0f:b7:11:c6:00:70:e3:9a:
3e:45:f0:fd:4c:10:db:e1:ff:da:0c:f5:31:b8:42:
8b:17:6d:ae:a6:5d:1b:72:66:06:4e:18:5f:90:1e:
8d:67:71:5c:73:ab:e4:cf:f3:d8:92:c4:d4:db:54:
bc:63:e2:a0:dd:f6:40:e9:40:e6:4b:94:dc:7f:27:
c7:99:af:62:9a:1c:a9:a5:dd:82:48:9e:9b:6a:e4:
0e:2d:e9:02:db:52:55:dc:2e:d0:81:50:85:59:5c:
c7:8f:29:43:57:47:0b:1a:e3:ea:4c:98:6a:f8:84:
dd:57:80:9e:14:20:77:24:c3:80:6c:ae:19:b1:55:
89:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:BB:32:E5:53:75:BE:54:B1:A2:B5:46:85:CC:55:F8:C3:02:E3:30
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hLsy5VN1vlSxorVGhcxV-MMC4zA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9b:89:80:47:17:2a:23:b8:f9:8f:dd:33:e7:53:2d:0a:50:d8:
85:cb:c6:92:a0:c1:d9:2e:66:55:c7:3f:4f:d6:57:44:09:6f:
25:c4:73:59:14:ab:6b:57:17:69:e9:06:09:ac:f0:3a:42:e1:
41:05:fb:40:8b:86:cf:3d:d9:df:a8:ff:86:3e:47:1d:d9:9e:
0b:d1:3f:60:4c:b6:da:a2:74:da:b1:c0:b3:2e:d8:83:4e:dd:
f4:8f:c5:e9:f1:47:ca:0a:33:58:4e:73:b0:26:53:e0:4f:94:
ac:49:df:c5:90:39:b3:47:6c:33:1d:94:3e:6e:64:0a:ba:e4:
c4:d9:bd:1e:4b:e2:f1:a0:5e:80:62:d5:9b:98:09:06:7f:92:
dd:d8:c2:f2:35:6e:09:b1:33:96:a2:7b:5a:88:7c:aa:f9:2b:
2c:e0:15:00:75:0c:e2:9b:6e:f5:5c:73:a2:c5:c9:d4:f6:af:
d5:5f:c9:57:e6:86:14:3c:aa:10:ab:89:e4:12:c3:a3:9a:88:
25:31:b8:ff:26:aa:50:e1:42:d3:bf:41:88:d1:1e:cd:55:25:
6d:fd:f6:20:af:aa:1d:02:74:37:58:c9:35:de:bc:45:23:2d:
4b:38:42:5e:54:71:ea:b8:be:9c:4c:d0:fb:04:b2:db:6c:01:
f3:c4:02:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYHkzYbCWoLPkLo5JoM77+tuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwNzA5MjExMTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGJiMzJlNTUzNzViZTU0YjFhMmI1NDY4NWNjNTVmOGMzMDJlMzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9i13yE+NO4qJvEmRMY60yepSEko
ORGNvyJrxehuVUhAsXt+4UpCnJy5v4+L7fPhcAgt0X3QHxKmNgz1YFviD0LIP5si
3t5Ocyf74NcmJGSw6nwrTCCrG0fNiCQ9jTNrbGiN8CSU0LtVKyWeyu+QKSAFCVK0
pUK1612sRqLfD7cRxgBw45o+RfD9TBDb4f/aDPUxuEKLF22upl0bcmYGThhfkB6N
Z3Fcc6vkz/PYksTU21S8Y+Kg3fZA6UDmS5TcfyfHma9imhyppd2CSJ6bauQOLekC
21JV3C7QgVCFWVzHjylDV0cLGuPqTJhq+ITdV4CeFCB3JMOAbK4ZsVWJjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIS7MuVTdb5UsaK1RoXMVfjDAuMwMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaExzeTVWTjF2bFN4b3JWR2hjeFYtTU1DNHpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJuJgEcXKiO4+Y/dM+dT
LQpQ2IXLxpKgwdkuZlXHP0/WV0QJbyXEc1kUq2tXF2npBgms8DpC4UEF+0CLhs89
2d+o/4Y+Rx3ZngvRP2BMttqidNqxwLMu2INO3fSPxenxR8oKM1hOc7AmU+BPlKxJ
38WQObNHbDMdlD5uZAq65MTZvR5L4vGgXoBi1ZuYCQZ/kt3YwvI1bgmxM5aie1qI
fKr5KyzgFQB1DOKbbvVcc6LFydT2r9VfyVfmhhQ8qhCrieQSw6OaiCUxuP8mqlDh
QtO/QYjRHs1VJW399iCvqh0CdDdYyTXevEUjLUs4Ql5Uceq4vpxM0PsEsttsAfPE
AsY=
-----END CERTIFICATE-----
Generated at Thu May 1 02:53:37 2025 by rpki-client