Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hQZ-abnxZo6forr4LSHaZTOxE8Q.roa
File: hQZ-abnxZo6forr4LSHaZTOxE8Q.roa (raw, json)
Hash identifier: jx1RKBZteU41II02MNuqIHOT3FI3fOfrg60Sl3xZDrQ=
Subject key identifier: 85:06:7E:69:B9:F1:66:8E:9F:A2:BA:F8:2D:21:DA:65:33:B1:13:C4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01850CE8FB50D6ABECD0F4AEC1857DB172CE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hQZ-abnxZo6forr4LSHaZTOxE8Q.roa
Signing time: Tue 13 Dec 2022 19:14:33 +0000
ROA not before: Tue 13 Dec 2022 19:14:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0c:e8:fb:50:d6:ab:ec:d0:f4:ae:c1:85:7d:b1:72:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 13 19:14:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85067e69b9f1668e9fa2baf82d21da6533b113c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:36:b7:10:e8:4b:4d:03:a1:c5:cc:fa:e4:04:
90:ee:d7:ce:04:37:56:95:bd:bc:04:d4:3f:40:89:
89:00:ea:e4:8a:82:da:85:f9:8b:ee:eb:f6:86:45:
ef:b4:a6:61:7a:81:19:bd:59:27:aa:fe:5d:1a:a5:
83:2f:6a:52:1d:eb:f5:71:d8:1c:94:ce:ea:df:2a:
50:74:b1:88:0b:c5:64:f0:8a:b2:6e:94:7a:d0:46:
61:c4:8c:7c:ec:1b:03:1d:46:a2:12:2f:eb:1f:32:
45:83:76:93:19:2c:f9:74:c4:00:89:d0:de:6b:c2:
6d:08:14:8d:ff:fc:e3:bb:92:b8:18:ea:ed:3c:2c:
f1:49:f3:ac:c6:61:b5:dc:d9:51:96:20:c8:44:13:
9e:34:ef:09:a4:1f:ea:d7:8b:9e:c9:e6:ca:9d:02:
8a:6d:da:14:36:40:dc:6c:f7:40:ad:e8:ae:c8:41:
39:1e:50:f0:9e:35:8e:b4:bb:3d:29:16:f5:21:7a:
44:0d:a4:c4:6f:8a:7f:19:c5:df:cb:f9:20:20:62:
61:37:c4:f3:bd:c4:ee:ea:94:4a:dc:eb:e3:12:fc:
b5:e3:1a:8f:5b:34:ae:95:84:91:a7:59:39:f5:6c:
b0:b4:8b:2b:d6:b1:bc:65:db:ed:40:9f:40:23:aa:
9c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:06:7E:69:B9:F1:66:8E:9F:A2:BA:F8:2D:21:DA:65:33:B1:13:C4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hQZ-abnxZo6forr4LSHaZTOxE8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:c6:5f:b8:fa:3b:58:00:88:38:5e:98:61:94:18:34:b1:df:
cf:69:29:5e:bc:c8:7e:17:9a:85:5f:17:11:3d:66:48:26:25:
18:17:ea:f2:44:f0:47:6b:63:61:8e:3d:bf:f5:5d:05:1b:95:
4c:50:a2:12:21:cc:fd:aa:02:bd:c5:77:ba:2a:9e:ef:bf:e2:
91:5b:e5:4b:63:f4:80:4a:5f:e7:71:90:42:f6:5a:bb:b4:ec:
65:ea:b3:5e:37:eb:e3:fe:ce:c9:7b:cf:a4:f1:d5:e2:28:3e:
39:1d:fd:15:78:44:0c:0c:a9:98:a6:8d:7f:d2:3f:02:0a:62:
0a:0a:1c:a7:a8:3b:73:79:ea:3b:c7:39:b3:04:fe:ad:3b:c4:
1c:fb:7b:3d:75:c7:1a:62:ef:e6:5a:e9:12:7e:26:4b:48:33:
d6:f9:1f:b9:79:5f:6d:1b:a6:6a:b3:4c:d0:3b:e2:8f:73:06:
24:0d:07:51:96:52:24:f0:d0:8e:fc:e9:4d:1e:a4:d0:0c:f6:
12:40:8a:ac:9b:b5:95:98:16:cd:4f:3d:31:02:28:4e:51:2c:
ea:40:46:50:92:11:6b:12:4a:e3:4f:df:3f:74:e3:42:5c:11:
30:31:59:a5:b8:3e:49:7b:21:64:00:a0:ed:60:56:34:05:69:
4f:78:01:de
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUM6PtQ1qvs0PSuwYV9sXLOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjEzMTkxNDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTA2N2U2OWI5ZjE2NjhlOWZhMmJhZjgyZDIxZGE2NTMzYjExM2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgja3EOhLTQOhxcz65ASQ7tfOBDdW
lb28BNQ/QImJAOrkioLahfmL7uv2hkXvtKZheoEZvVknqv5dGqWDL2pSHev1cdgc
lM7q3ypQdLGIC8Vk8IqybpR60EZhxIx87BsDHUaiEi/rHzJFg3aTGSz5dMQAidDe
a8JtCBSN//zju5K4GOrtPCzxSfOsxmG13NlRliDIRBOeNO8JpB/q14ueyebKnQKK
bdoUNkDcbPdAreiuyEE5HlDwnjWOtLs9KRb1IXpEDaTEb4p/GcXfy/kgIGJhN8Tz
vcTu6pRK3OvjEvy14xqPWzSulYSRp1k59WywtIsr1rG8ZdvtQJ9AI6qcGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIUGfmm58WaOn6K6+C0h2mUzsRPEMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaFFaLWFibnhabzZmb3JyNExTSGFaVE94RThRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGbGX7j6O1gAiDhemGGU
GDSx389pKV68yH4XmoVfFxE9ZkgmJRgX6vJE8EdrY2GOPb/1XQUblUxQohIhzP2q
Ar3Fd7oqnu+/4pFb5Utj9IBKX+dxkEL2Wru07GXqs1436+P+zsl7z6Tx1eIoPjkd
/RV4RAwMqZimjX/SPwIKYgoKHKeoO3N56jvHObME/q07xBz7ez11xxpi7+Za6RJ+
JktIM9b5H7l5X20bpmqzTNA74o9zBiQNB1GWUiTw0I786U0epNAM9hJAiqybtZWY
Fs1PPTECKE5RLOpARlCSEWsSSuNP3z9040JcETAxWaW4Pkl7IWQAoO1gVjQFaU94
Ad4=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:52:58 2025 by rpki-client