Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hRjSB7dYfKQoFae8ajxcMJOBIr0.roa
File: hRjSB7dYfKQoFae8ajxcMJOBIr0.roa (raw, json)
Hash identifier: /aJRVyi7RNEkDe0VPwCtt2P8BCKhDadVdlfgmu22Ag8=
Subject key identifier: 85:18:D2:07:B7:58:7C:A4:28:15:A7:BC:6A:3C:5C:30:93:81:22:BD
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01864AE5FA931900BB67A2582C655030EAC2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hRjSB7dYfKQoFae8ajxcMJOBIr0.roa
Signing time: Mon 13 Feb 2023 13:10:31 +0000
ROA not before: Mon 13 Feb 2023 13:10:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4a:e5:fa:93:19:00:bb:67:a2:58:2c:65:50:30:ea:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 13 13:10:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8518d207b7587ca42815a7bc6a3c5c30938122bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:01:89:17:66:07:2e:0d:4b:74:3e:3c:f6:23:
6a:a2:8c:87:9e:e0:37:6f:63:aa:73:ba:66:21:69:
1d:00:ae:22:41:ed:4e:ee:11:af:af:3b:8b:cb:de:
87:c1:95:d6:3e:24:62:d1:a2:db:59:0c:40:2f:97:
f5:59:1d:f5:25:33:0c:25:d3:ed:21:f5:bc:7a:e9:
b7:5a:e6:0b:c2:2d:98:76:89:52:51:c7:3a:e8:97:
ef:51:98:9d:35:5d:bd:28:67:6c:65:fd:87:3c:2c:
96:9f:7d:50:19:48:42:43:f9:50:39:fd:e8:d4:e5:
eb:ef:d2:72:43:a8:db:f8:22:b9:3d:e8:93:74:ca:
4d:5c:06:c9:5c:e5:eb:e0:c5:51:84:57:da:85:15:
8b:af:d5:93:86:b0:81:55:5c:a6:d0:57:e0:16:9d:
95:40:b9:26:23:6a:11:13:45:c8:6f:72:2a:38:ad:
78:92:55:69:42:79:b3:52:95:fd:a6:6c:02:9a:c6:
c7:32:c1:f3:d9:b0:51:7b:53:8c:56:34:05:a8:e8:
e6:de:f0:06:34:6d:52:0e:2c:2f:f2:8d:48:31:ae:
61:50:c1:8a:0b:89:e0:ae:d6:41:c1:cc:26:0a:e3:
1c:76:81:9f:fc:93:c6:ab:62:f5:31:49:3b:20:67:
76:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:18:D2:07:B7:58:7C:A4:28:15:A7:BC:6A:3C:5C:30:93:81:22:BD
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hRjSB7dYfKQoFae8ajxcMJOBIr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
41:ce:54:8a:70:92:c6:1b:08:c3:5f:3a:24:ec:94:62:3f:a5:
55:05:34:c9:12:23:8c:c8:9d:76:c2:1f:91:12:f7:50:6b:44:
66:ee:a8:7f:70:90:88:4c:f7:5a:db:32:66:7f:c1:be:5f:7c:
f5:1c:fd:e2:cb:fd:61:df:14:50:f2:93:1f:8d:e2:10:98:b5:
1e:e6:92:24:0e:f3:05:1c:b7:f3:3f:75:62:17:7e:98:8d:75:
ba:c0:4c:1a:ea:f6:00:b5:d1:be:ca:42:5f:ee:78:9a:cd:de:
11:09:46:6a:1d:e6:a2:1d:fc:a4:9c:f7:34:49:14:f7:53:7c:
44:a2:85:47:4e:af:79:83:5d:81:96:b6:5d:9b:a4:43:90:0e:
83:fc:b1:28:e4:a1:86:f5:24:02:7a:b5:43:87:e5:aa:05:9b:
ff:d0:cd:0e:87:0c:b5:5c:e6:a9:31:67:80:d3:6e:b6:3c:28:
25:5f:94:eb:6f:45:3c:7e:d7:ec:7b:b5:d7:05:f2:a7:9d:72:
8e:58:57:49:e8:86:93:d5:2c:9a:91:8f:4c:6a:d5:ee:96:dd:
cd:c9:28:79:aa:68:a8:d1:c0:3a:9e:4c:2f:d2:f2:ab:6a:6e:
c3:ef:72:de:fe:1b:4a:07:b7:c9:9a:89:3d:00:7e:84:c5:bd:
e8:9b:6a:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZK5fqTGQC7Z6JYLGVQMOrCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjEzMTMxMDMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTE4ZDIwN2I3NTg3Y2E0MjgxNWE3YmM2YTNjNWMzMDkzODEyMmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3gGJF2YHLg1LdD489iNqooyHnuA3
b2Oqc7pmIWkdAK4iQe1O7hGvrzuLy96HwZXWPiRi0aLbWQxAL5f1WR31JTMMJdPt
IfW8eum3WuYLwi2YdolSUcc66JfvUZidNV29KGdsZf2HPCyWn31QGUhCQ/lQOf3o
1OXr79JyQ6jb+CK5PeiTdMpNXAbJXOXr4MVRhFfahRWLr9WThrCBVVym0FfgFp2V
QLkmI2oRE0XIb3IqOK14klVpQnmzUpX9pmwCmsbHMsHz2bBRe1OMVjQFqOjm3vAG
NG1SDiwv8o1IMa5hUMGKC4ngrtZBwcwmCuMcdoGf/JPGq2L1MUk7IGd2kQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIUY0ge3WHykKBWnvGo8XDCTgSK9MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaFJqU0I3ZFlmS1FvRmFlOGFqeGNNSk9CSXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEHOVIpwksYbCMNfOiTs
lGI/pVUFNMkSI4zInXbCH5ES91BrRGbuqH9wkIhM91rbMmZ/wb5ffPUc/eLL/WHf
FFDykx+N4hCYtR7mkiQO8wUct/M/dWIXfpiNdbrATBrq9gC10b7KQl/ueJrN3hEJ
Rmod5qId/KSc9zRJFPdTfESihUdOr3mDXYGWtl2bpEOQDoP8sSjkoYb1JAJ6tUOH
5aoFm//QzQ6HDLVc5qkxZ4DTbrY8KCVflOtvRTx+1+x7tdcF8qedco5YV0nohpPV
LJqRj0xq1e6W3c3JKHmqaKjRwDqeTC/S8qtqbsPvct7+G0oHt8maiT0AfoTFveib
amI=
-----END CERTIFICATE-----
Generated at Sat May 3 00:01:43 2025 by rpki-client