Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hRDas4hl-LX3Pt2Er5B8uNuP9ug.roa
File: hRDas4hl-LX3Pt2Er5B8uNuP9ug.roa (raw, json)
Hash identifier: V7BHDA4lPmReoGXuGcYReoDD3CV+v5i05q9Ohm+hJUA=
Subject key identifier: 85:10:DA:B3:88:65:F8:B5:F7:3E:DD:84:AF:90:7C:B8:DB:8F:F6:E8
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186F51433FDFB942DAFD3AF59F56D2351B2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hRDas4hl-LX3Pt2Er5B8uNuP9ug.roa
Signing time: Sat 18 Mar 2023 14:16:27 +0000
ROA not before: Sat 18 Mar 2023 14:16:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f5:14:33:fd:fb:94:2d:af:d3:af:59:f5:6d:23:51:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 18 14:16:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8510dab38865f8b5f73edd84af907cb8db8ff6e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f5:1b:48:43:12:6a:ae:82:de:80:14:cc:4c:
c2:fa:2b:13:fe:e3:85:04:28:04:31:e6:4b:39:03:
3a:ca:04:f7:81:9c:6a:0c:73:1b:bf:51:bb:f0:9e:
dd:83:3f:47:76:3f:c9:9b:72:42:6e:02:3f:aa:fd:
2f:d5:32:26:d3:ba:d0:fd:66:f6:df:1a:98:62:e4:
88:21:53:b2:13:b0:ac:30:45:c2:d6:19:a8:f5:e7:
ab:32:b0:c0:7f:c7:2c:45:6d:2c:e9:e3:32:9d:84:
20:1f:63:61:ce:4b:3b:e9:ee:8f:e7:55:3e:59:d9:
8f:10:94:20:d2:ce:4e:4f:ec:78:9c:d1:bc:d6:81:
0c:5e:9b:dd:db:f5:b9:a5:ad:71:20:ac:e3:b3:b4:
45:ce:09:5d:40:f0:1f:13:b9:d6:56:93:ef:75:29:
3f:c0:ea:10:98:6e:2e:77:96:0d:1a:8b:28:e7:42:
ac:8a:d0:81:30:f1:39:1d:1e:c3:f7:01:61:0a:67:
c9:b4:01:69:ea:9b:c4:8c:ce:50:cd:de:d1:f2:31:
ef:2c:f1:12:5c:06:1a:bc:3f:4d:37:89:5c:f1:63:
a9:ca:c8:be:33:0d:a5:72:37:8e:27:80:d5:cf:1a:
31:20:aa:82:2a:05:8e:f6:ee:19:34:90:7e:80:b6:
04:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:10:DA:B3:88:65:F8:B5:F7:3E:DD:84:AF:90:7C:B8:DB:8F:F6:E8
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hRDas4hl-LX3Pt2Er5B8uNuP9ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:04:65:ad:42:86:27:e4:dc:b5:8d:b7:11:e9:88:e2:31:28:
d4:2e:83:ab:a1:e2:93:73:88:5b:ae:05:7b:52:96:b9:52:a2:
fd:2a:2f:95:c3:f2:2a:b0:23:71:ac:1a:ca:39:92:c0:4d:b4:
d4:bf:3c:9d:86:f1:4b:63:d3:40:df:10:22:e2:fd:b4:88:0c:
3c:21:8c:f9:86:a1:ba:01:a0:fe:0a:4b:ba:0a:01:04:36:3f:
97:1b:2a:3e:1e:fd:09:f8:3b:9a:fc:fa:9d:ed:d7:1f:07:45:
76:ff:f6:47:89:99:bb:10:9b:06:83:52:d3:5c:bc:f5:ee:a5:
bb:6a:a5:7f:eb:b6:7c:c6:e1:9c:1f:24:15:d9:cc:67:9a:39:
6c:40:17:5d:c5:2f:5a:42:6b:c5:48:81:42:0e:32:aa:8e:87:
21:b6:4b:5f:89:b3:32:48:26:e7:c1:18:aa:d1:9f:2d:af:e7:
15:ae:28:c9:9e:bb:e5:9b:84:c1:16:c1:02:b2:2a:f4:46:de:
b6:e6:0b:62:63:d0:63:24:cd:6e:04:49:12:4e:3a:77:9d:fa:
d5:d7:ee:41:f8:57:26:89:a0:3f:a8:97:e7:b3:81:57:16:ce:
97:b7:1a:43:77:88:a0:32:f4:0d:1a:22:45:0b:ea:76:55:d3:
26:5c:9e:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYb1FDP9+5Qtr9OvWfVtI1GyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE4MTQxNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTEwZGFiMzg4NjVmOGI1ZjczZWRkODRhZjkwN2NiOGRiOGZmNmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPUbSEMSaq6C3oAUzEzC+isT/uOF
BCgEMeZLOQM6ygT3gZxqDHMbv1G78J7dgz9Hdj/Jm3JCbgI/qv0v1TIm07rQ/Wb2
3xqYYuSIIVOyE7CsMEXC1hmo9eerMrDAf8csRW0s6eMynYQgH2Nhzks76e6P51U+
WdmPEJQg0s5OT+x4nNG81oEMXpvd2/W5pa1xIKzjs7RFzgldQPAfE7nWVpPvdSk/
wOoQmG4ud5YNGoso50KsitCBMPE5HR7D9wFhCmfJtAFp6pvEjM5Qzd7R8jHvLPES
XAYavD9NN4lc8WOpysi+Mw2lcjeOJ4DVzxoxIKqCKgWO9u4ZNJB+gLYE7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIUQ2rOIZfi19z7dhK+QfLjbj/boMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaFJEYXM0aGwtTFgzUHQyRXI1Qjh1TnVQOXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFgEZa1Chifk3LWNtxHp
iOIxKNQug6uh4pNziFuuBXtSlrlSov0qL5XD8iqwI3GsGso5ksBNtNS/PJ2G8Utj
00DfECLi/bSIDDwhjPmGoboBoP4KS7oKAQQ2P5cbKj4e/Qn4O5r8+p3t1x8HRXb/
9keJmbsQmwaDUtNcvPXupbtqpX/rtnzG4ZwfJBXZzGeaOWxAF13FL1pCa8VIgUIO
MqqOhyG2S1+JszJIJufBGKrRny2v5xWuKMmeu+WbhMEWwQKyKvRG3rbmC2Jj0GMk
zW4ESRJOOned+tXX7kH4VyaJoD+ol+ezgVcWzpe3GkN3iKAy9A0aIkUL6nZV0yZc
nuE=
-----END CERTIFICATE-----
Generated at Fri May 2 04:30:41 2025 by rpki-client