Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hMh6Y_pmR6zNioBeYGctilZzcdk.roa
File: hMh6Y_pmR6zNioBeYGctilZzcdk.roa (raw, json)
Hash identifier: hKwbeOLN7zGLFjS2iauNpaKhaYFBv3bQFpm/r310Ln0=
Subject key identifier: 84:C8:7A:63:FA:66:47:AC:CD:8A:80:5E:60:67:2D:8A:56:73:71:D9
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189B57E43471F1663E5183CDED8B86B9DD3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hMh6Y_pmR6zNioBeYGctilZzcdk.roa
Signing time: Wed 02 Aug 2023 09:04:58 +0000
ROA not before: Wed 02 Aug 2023 09:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:b57d:c5a3/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b5:7e:43:47:1f:16:63:e5:18:3c:de:d8:b8:6b:9d:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 2 09:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84c87a63fa6647accd8a805e60672d8a567371d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e4:9d:fb:6b:0f:79:f8:17:ef:86:4f:7a:4d:
07:04:dd:ed:f7:f8:d5:a9:e0:10:e8:c1:e8:aa:a0:
d3:a6:c6:c2:39:55:58:bb:cd:cc:71:f1:95:c0:42:
e4:c3:51:17:65:2b:f8:01:27:a2:1e:a9:26:a0:80:
35:98:c0:b3:53:5b:73:a9:eb:c6:56:a6:c4:5a:16:
35:b3:d9:9b:65:ca:41:59:66:2d:6d:13:6d:cc:a0:
56:cb:4c:99:fa:cc:d2:a3:24:74:a9:a7:87:34:ba:
34:1b:da:de:b1:39:83:89:08:1c:6b:ac:20:b4:43:
49:de:c5:85:c3:30:74:a2:d1:55:9e:b6:9e:46:94:
23:88:8a:8e:19:34:49:4a:77:5a:65:e1:d8:2e:fd:
e6:fb:d9:0f:6d:14:f7:23:8e:33:a2:72:a4:5e:a9:
57:c4:b8:83:57:fc:fa:98:13:96:40:2e:a8:bb:0b:
02:1f:fa:2d:4c:3f:f5:ca:af:07:2d:15:fd:ac:e9:
68:77:d9:5b:fa:a1:a6:a0:8d:03:7a:64:7e:65:77:
fa:59:db:ae:74:c5:ff:89:f0:c6:12:42:76:c0:f5:
bd:25:d4:d3:1c:5d:af:7b:a0:64:c8:60:c2:4e:eb:
4a:00:62:c5:7a:27:1d:e3:c0:36:9b:26:ec:19:e1:
8f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C8:7A:63:FA:66:47:AC:CD:8A:80:5E:60:67:2D:8A:56:73:71:D9
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hMh6Y_pmR6zNioBeYGctilZzcdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
68:3e:98:41:87:e6:36:01:0e:02:1f:8c:a3:91:68:c6:86:f0:
2a:e2:41:12:a8:ec:5c:7c:f4:fd:97:c0:09:e0:be:b0:b3:c4:
7c:93:10:c2:f4:dd:c8:15:4d:72:ff:dc:eb:ad:63:90:1d:69:
47:a6:13:26:a6:34:52:00:06:e2:c7:c6:0a:2e:6c:54:cb:52:
58:12:3d:0d:e3:ba:31:02:08:96:9a:04:06:81:eb:b4:2e:c7:
28:06:d7:5a:d9:e6:84:b1:35:b4:f5:e0:7f:c2:58:07:4d:3a:
00:7a:ee:2e:64:af:5e:5b:20:f6:11:23:af:cb:1a:be:df:ec:
e1:ca:21:90:39:4d:4a:e7:41:34:a6:f4:17:56:0f:73:1c:13:
a0:22:96:d3:44:38:b7:d9:1b:2e:0c:d8:96:73:2b:c0:4c:8e:
25:5d:7b:46:83:95:1a:3f:25:7b:c2:85:17:71:e4:fa:82:2c:
f4:9b:9d:c3:99:2b:dc:79:dd:88:51:a9:de:d1:2c:cc:39:cf:
e3:92:9a:ab:4f:79:b6:95:39:f9:fe:52:21:78:3c:0e:9b:c5:
73:16:49:73:63:3c:f4:6e:6a:35:3d:6d:94:06:a8:03:27:18:
9b:b9:3f:51:8a:59:1d:ff:26:56:2c:9e:d7:ad:00:90:f0:97:
2c:88:ab:ae
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYm1fkNHHxZj5Rg83ti4a53TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODAyMDkwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGM4N2E2M2ZhNjY0N2FjY2Q4YTgwNWU2MDY3MmQ4YTU2NzM3MWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOSd+2sPefgX74ZPek0HBN3t9/jV
qeAQ6MHoqqDTpsbCOVVYu83McfGVwELkw1EXZSv4ASeiHqkmoIA1mMCzU1tzqevG
VqbEWhY1s9mbZcpBWWYtbRNtzKBWy0yZ+szSoyR0qaeHNLo0G9resTmDiQgca6wg
tENJ3sWFwzB0otFVnraeRpQjiIqOGTRJSndaZeHYLv3m+9kPbRT3I44zonKkXqlX
xLiDV/z6mBOWQC6ouwsCH/otTD/1yq8HLRX9rOlod9lb+qGmoI0DemR+ZXf6Wduu
dMX/ifDGEkJ2wPW9JdTTHF2ve6BkyGDCTutKAGLFeicd48A2mybsGeGPUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFITIemP6ZkeszYqAXmBnLYpWc3HZMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaE1oNllfcG1SNnpOaW9CZVlHY3RpbFp6Y2RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGg+mEGH5jYBDgIfjKOR
aMaG8CriQRKo7Fx89P2XwAngvrCzxHyTEML03cgVTXL/3OutY5AdaUemEyamNFIA
BuLHxgoubFTLUlgSPQ3jujECCJaaBAaB67QuxygG11rZ5oSxNbT14H/CWAdNOgB6
7i5kr15bIPYRI6/LGr7f7OHKIZA5TUrnQTSm9BdWD3McE6AiltNEOLfZGy4M2JZz
K8BMjiVde0aDlRo/JXvChRdx5PqCLPSbncOZK9x53YhRqd7RLMw5z+OSmqtPebaV
Ofn+UiF4PA6bxXMWSXNjPPRuajU9bZQGqAMnGJu5P1GKWR3/JlYsntetAJDwlyyI
q64=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:35:51 2025 by rpki-client