Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hM1pHxSMqaO5s06JkHWoiBHU16w.roa
File: hM1pHxSMqaO5s06JkHWoiBHU16w.roa (raw, json)
Hash identifier: zGlR2VKWNkd+qZe6n+rbv9pBTpLJsFTfi23+l03wj/k=
Subject key identifier: 84:CD:69:1F:14:8C:A9:A3:B9:B3:4E:89:90:75:A8:88:11:D4:D7:AC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01867FE7B62F716ADE88AD1267561E0BFA21
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hM1pHxSMqaO5s06JkHWoiBHU16w.roa
Signing time: Thu 23 Feb 2023 20:12:17 +0000
ROA not before: Thu 23 Feb 2023 20:12:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7f:e7:b6:2f:71:6a:de:88:ad:12:67:56:1e:0b:fa:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 23 20:12:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84cd691f148ca9a3b9b34e899075a88811d4d7ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1e:ba:47:a8:60:1d:f5:15:a3:64:bf:af:0d:
8c:5c:e3:15:6f:fb:1b:8e:45:80:f3:0b:64:55:ff:
96:9e:74:20:fa:44:4a:62:6a:72:88:86:dc:19:f8:
e7:6c:a3:a1:cd:d3:98:4c:8d:08:6e:12:d8:8c:55:
d3:ff:c8:fb:39:b8:9b:f5:92:e1:b3:f6:4d:35:7a:
79:47:9b:4f:55:48:e7:18:99:e1:14:59:05:f5:8f:
08:2c:1e:81:7a:ee:7d:53:6b:68:e3:6f:3b:ff:4c:
e8:33:6e:13:27:44:d4:ed:e3:2a:f5:73:15:6b:41:
af:66:92:37:de:4d:03:32:54:94:97:47:6d:ca:49:
21:2c:78:4f:a9:1f:b1:e6:90:b3:e6:81:8a:f7:4f:
25:12:31:fe:cc:d2:c2:66:41:a6:ec:fd:8c:ad:80:
98:56:2b:94:f7:bb:58:60:de:29:01:a4:d0:a7:db:
9c:c9:4e:dc:d1:2c:4e:e9:4c:0b:d4:c4:7d:d2:44:
ce:e4:38:d0:43:e1:66:8e:0c:3a:e5:40:7c:50:34:
0e:c1:c6:5e:4e:95:9f:b2:f4:03:57:aa:6a:19:f0:
65:e4:4d:07:78:5d:58:61:91:c8:91:de:72:30:9f:
69:c1:46:b8:68:11:ce:4e:c4:ae:10:51:e7:53:29:
3b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:CD:69:1F:14:8C:A9:A3:B9:B3:4E:89:90:75:A8:88:11:D4:D7:AC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hM1pHxSMqaO5s06JkHWoiBHU16w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:5b:3c:67:07:e8:78:b1:81:29:9c:b2:30:a6:a6:2f:09:f8:
cf:92:d4:41:d6:42:c1:50:26:40:d5:9c:91:ef:53:d6:62:0b:
bd:f6:2b:f8:60:a8:71:da:d4:68:ab:87:32:52:08:50:b1:9f:
9e:6f:f3:f9:f4:d0:7e:0c:73:74:83:30:50:70:6b:c2:e2:90:
64:dc:89:b6:41:dd:b8:71:1e:8d:71:c0:1c:28:9e:f5:c9:07:
ad:eb:2c:21:42:40:d7:33:eb:1d:11:2b:fe:6c:ed:f6:dd:ce:
99:9b:c1:2f:71:59:fb:ae:3a:22:ae:c7:0b:a4:86:7f:d7:4a:
6c:1d:7b:c3:05:9f:00:c1:b9:36:2a:8a:a2:a8:05:fe:70:ec:
d6:2a:3b:6f:bf:60:a7:cd:1e:88:5d:72:7c:95:87:92:fb:c4:
ce:af:3d:6a:1c:5a:64:e0:aa:ba:a6:85:de:98:70:f5:55:8a:
d0:34:95:bf:53:65:ea:af:54:53:e9:f0:b4:6c:0a:e1:fb:1b:
a3:d2:f4:e6:21:f8:2e:0c:be:85:b9:89:61:92:f8:a3:d3:4c:
43:20:fb:92:86:f5:c5:13:16:d0:3d:30:71:89:61:99:85:bb:
3b:d7:41:7a:84:91:ea:4a:a2:e3:04:60:99:be:43:94:45:90:
32:16:7b:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ/57YvcWreiK0SZ1YeC/ohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIzMjAxMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGNkNjkxZjE0OGNhOWEzYjliMzRlODk5MDc1YTg4ODExZDRkN2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApB66R6hgHfUVo2S/rw2MXOMVb/sb
jkWA8wtkVf+WnnQg+kRKYmpyiIbcGfjnbKOhzdOYTI0IbhLYjFXT/8j7Obib9ZLh
s/ZNNXp5R5tPVUjnGJnhFFkF9Y8ILB6Beu59U2to4287/0zoM24TJ0TU7eMq9XMV
a0GvZpI33k0DMlSUl0dtykkhLHhPqR+x5pCz5oGK908lEjH+zNLCZkGm7P2MrYCY
ViuU97tYYN4pAaTQp9ucyU7c0SxO6UwL1MR90kTO5DjQQ+Fmjgw65UB8UDQOwcZe
TpWfsvQDV6pqGfBl5E0HeF1YYZHIkd5yMJ9pwUa4aBHOTsSuEFHnUyk7EwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFITNaR8UjKmjubNOiZB1qIgR1NesMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaE0xcEh4U01xYU81czA2SmtIV29pQkhVMTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFdbPGcH6HixgSmcsjCm
pi8J+M+S1EHWQsFQJkDVnJHvU9ZiC732K/hgqHHa1GirhzJSCFCxn55v8/n00H4M
c3SDMFBwa8LikGTcibZB3bhxHo1xwBwonvXJB63rLCFCQNcz6x0RK/5s7fbdzpmb
wS9xWfuuOiKuxwukhn/XSmwde8MFnwDBuTYqiqKoBf5w7NYqO2+/YKfNHohdcnyV
h5L7xM6vPWocWmTgqrqmhd6YcPVVitA0lb9TZeqvVFPp8LRsCuH7G6PS9OYh+C4M
voW5iWGS+KPTTEMg+5KG9cUTFtA9MHGJYZmFuzvXQXqEkepKouMEYJm+Q5RFkDIW
ewE=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:53:36 2025 by rpki-client