Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hONlsD_ZN_0IeDIG1fePScibWKI.roa
File: hONlsD_ZN_0IeDIG1fePScibWKI.roa (raw, json)
Hash identifier: 4GWnu3WAxjUxUbmSd2HiHEpwZvORzbnMTFJp/6mzqIU=
Subject key identifier: 84:E3:65:B0:3F:D9:37:FD:08:78:32:06:D5:F7:8F:49:C8:9B:58:A2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A0C9BFEF5A62435BADEDB9E3A715AEA5D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hONlsD_ZN_0IeDIG1fePScibWKI.roa
Signing time: Sat 19 Aug 2023 07:04:24 +0000
ROA not before: Sat 19 Aug 2023 07:04:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
2001:67c:64:ffff:0:18a:c9b:e3a3/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:0c:9b:fe:f5:a6:24:35:ba:de:db:9e:3a:71:5a:ea:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 19 07:04:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84e365b03fd937fd08783206d5f78f49c89b58a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a1:44:c5:55:f8:91:33:cf:97:cd:b8:b3:4c:
e1:25:b1:a4:e2:7d:33:bb:81:fb:02:3c:51:17:3d:
07:1e:66:2f:c8:6b:ae:1a:fb:c6:1f:7c:b9:91:bb:
05:6a:6b:fe:a8:b5:00:54:4a:33:0b:37:23:03:7c:
d2:ff:62:65:62:61:42:3b:d4:80:fc:57:28:2b:1f:
4b:a6:20:74:2a:0e:1c:30:cc:14:2c:1c:55:a8:83:
09:2f:a6:e1:28:bd:5b:02:ff:52:61:0d:60:30:2e:
74:29:df:85:f8:fc:49:5c:ea:09:cc:c4:4a:6c:b1:
d9:cd:23:86:40:7c:a2:7d:1e:1e:34:00:44:77:8f:
dc:36:e6:04:f4:43:c4:11:81:44:97:bc:10:ce:05:
aa:bd:de:26:36:e9:e6:77:41:d7:80:9a:09:61:fe:
cd:d4:f3:b4:c8:73:2f:31:b4:10:41:11:9e:e0:11:
1f:80:7a:30:42:b6:24:9b:7b:00:84:27:ec:72:8b:
fd:c9:eb:fb:cf:25:3b:6d:1f:55:13:2f:5d:6f:69:
8b:97:c1:82:d3:ce:e4:98:fb:75:43:cd:32:59:2c:
6d:85:dc:38:c7:ba:8a:9d:5f:e0:9b:69:f8:a9:cf:
36:e8:69:74:6a:87:24:6e:0f:19:76:68:a2:e1:5f:
c3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:E3:65:B0:3F:D9:37:FD:08:78:32:06:D5:F7:8F:49:C8:9B:58:A2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hONlsD_ZN_0IeDIG1fePScibWKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
98:76:8d:de:7a:a6:c8:68:7e:dd:8d:14:49:39:f1:f1:70:77:
db:db:33:bf:b3:71:a0:06:00:15:ed:00:05:0e:36:0e:4d:03:
69:fa:78:ef:dd:48:5e:e5:00:63:98:c0:f2:1e:5c:26:e5:85:
90:f2:65:87:0b:7d:4e:c2:af:e9:41:8f:b1:c6:d4:41:0d:7a:
5b:ca:fb:2e:b1:70:b8:b1:de:3b:4e:10:b0:6d:53:b5:46:01:
c7:99:e7:b4:d1:ca:7c:08:6c:33:64:0b:84:1f:93:1d:cc:02:
7e:0a:43:47:dd:64:e1:b7:66:55:6b:c5:f5:57:f7:8c:05:37:
fb:e2:1a:f7:b0:c6:ca:08:0b:4b:8f:26:40:72:60:db:41:9c:
9b:5a:6b:d4:9c:07:34:19:71:8c:21:1a:dc:d2:f1:8e:db:c1:
fe:60:83:d1:1d:1e:3e:27:e9:c9:72:b5:7a:b1:25:fc:7f:9b:
ca:60:39:04:b7:7f:03:c6:d0:1d:13:21:cc:12:c3:89:56:ca:
1a:7b:c7:1a:cf:59:5c:55:66:f1:48:79:cb:43:b6:e2:a4:56:
49:7e:00:92:22:4d:20:8f:00:3b:cc:99:16:7a:d1:52:80:15:
a4:1b:a3:c2:70:46:3c:5d:67:58:93:38:b9:76:10:eb:05:e4:
70:0f:9b:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoMm/71piQ1ut7bnjpxWupdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE5MDcwNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGUzNjViMDNmZDkzN2ZkMDg3ODMyMDZkNWY3OGY0OWM4OWI1OGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaFExVX4kTPPl824s0zhJbGk4n0z
u4H7AjxRFz0HHmYvyGuuGvvGH3y5kbsFamv+qLUAVEozCzcjA3zS/2JlYmFCO9SA
/FcoKx9LpiB0Kg4cMMwULBxVqIMJL6bhKL1bAv9SYQ1gMC50Kd+F+PxJXOoJzMRK
bLHZzSOGQHyifR4eNABEd4/cNuYE9EPEEYFEl7wQzgWqvd4mNunmd0HXgJoJYf7N
1PO0yHMvMbQQQRGe4BEfgHowQrYkm3sAhCfscov9yev7zyU7bR9VEy9db2mLl8GC
087kmPt1Q80yWSxthdw4x7qKnV/gm2n4qc826Gl0aockbg8Zdmii4V/DiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFITjZbA/2Tf9CHgyBtX3j0nIm1iiMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaE9ObHNEX1pOXzBJZURJRzFmZVBTY2liV0tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJh2jd56pshoft2NFEk5
8fFwd9vbM7+zcaAGABXtAAUONg5NA2n6eO/dSF7lAGOYwPIeXCblhZDyZYcLfU7C
r+lBj7HG1EENelvK+y6xcLix3jtOELBtU7VGAceZ57TRynwIbDNkC4Qfkx3MAn4K
Q0fdZOG3ZlVrxfVX94wFN/viGvewxsoIC0uPJkByYNtBnJtaa9ScBzQZcYwhGtzS
8Y7bwf5gg9EdHj4n6clytXqxJfx/m8pgOQS3fwPG0B0TIcwSw4lWyhp7xxrPWVxV
ZvFIectDtuKkVkl+AJIiTSCPADvMmRZ60VKAFaQbo8JwRjxdZ1iTOLl2EOsF5HAP
mwI=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:35:58 2025 by rpki-client