Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hS5NhvdzFc-ZmA2IKkCwpmAZ-yQ.roa
File: hS5NhvdzFc-ZmA2IKkCwpmAZ-yQ.roa (raw, json)
Hash identifier: dg50LhlLBpy00iD1JvkhRL/3NhvGI0U1J3h3ZsEUYUQ=
Subject key identifier: 85:2E:4D:86:F7:73:15:CF:99:98:0D:88:2A:40:B0:A6:60:19:FB:24
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185E3F1CEDE32AB8620CA98E4F4483B087D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hS5NhvdzFc-ZmA2IKkCwpmAZ-yQ.roa
Signing time: Tue 24 Jan 2023 13:22:33 +0000
ROA not before: Tue 24 Jan 2023 13:22:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e3:f1:ce:de:32:ab:86:20:ca:98:e4:f4:48:3b:08:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 24 13:22:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=852e4d86f77315cf99980d882a40b0a66019fb24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3b:de:99:1b:ce:57:af:3b:6a:54:81:98:66:
6f:67:c2:1d:bf:a1:9b:69:d8:5b:79:62:41:47:b6:
b5:ce:cc:ab:6f:08:a1:4b:af:84:6d:42:2a:78:28:
b3:12:c9:a5:c9:09:38:d7:5e:bb:e1:75:0c:1a:c2:
f8:f5:33:cc:7b:23:d8:7c:e0:a3:8f:7a:9c:62:9b:
36:74:21:80:ee:35:fe:51:0a:11:7d:ab:f3:2b:ca:
09:98:c2:38:5c:49:a9:0c:8d:fc:ea:a6:64:18:44:
bc:6c:35:bf:ce:40:31:ab:67:03:ef:f5:94:87:fa:
6f:b9:97:30:28:08:f5:c2:28:08:24:de:c0:7c:6d:
7c:28:a0:9d:cc:36:27:a1:4d:55:90:4c:24:0d:fc:
cf:05:3e:2c:e8:4b:4e:46:f2:e1:15:fa:ad:35:52:
96:3f:c4:e8:35:a0:03:a9:d0:7c:2d:db:82:37:91:
39:76:69:05:45:e3:5c:a8:f3:03:c8:ac:f5:52:8c:
8a:9b:6c:cc:aa:ec:d7:ec:ab:ea:ac:38:0b:1c:68:
0b:bf:72:27:ca:29:fc:72:89:74:22:74:3b:44:37:
78:b1:d3:82:de:00:e2:1b:00:97:c3:ff:fc:57:ce:
c7:09:6a:4d:bd:4c:53:4d:f4:93:8a:8c:b8:41:8e:
88:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:2E:4D:86:F7:73:15:CF:99:98:0D:88:2A:40:B0:A6:60:19:FB:24
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hS5NhvdzFc-ZmA2IKkCwpmAZ-yQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:6f:c8:5c:ef:ab:3e:56:7f:aa:bb:f8:e9:20:5e:93:56:b1:
78:d7:0a:1e:c4:45:e3:a6:15:7f:7c:8f:59:4f:2f:e3:a0:13:
3d:55:63:4b:56:c6:e3:37:10:b3:e5:03:6e:82:c0:36:83:6a:
bd:8d:80:a2:70:27:a2:74:99:dd:b2:ce:3b:b1:5b:11:2c:e2:
7b:5d:97:6d:80:58:09:8c:3a:1d:54:f8:62:ee:cc:3b:3a:aa:
19:3b:00:e3:fa:d6:52:f2:51:01:18:bf:0a:f0:9e:77:80:31:
96:fc:75:75:19:1d:64:be:93:54:9c:9c:76:2c:f9:d3:2d:e1:
74:f0:98:25:13:cd:cf:d0:53:2c:55:df:c0:2b:c8:0a:f5:09:
e9:5a:cc:d5:10:30:ac:24:bf:c7:3e:65:db:ce:ed:3f:83:6d:
61:81:57:3a:4d:96:44:33:7b:7d:4d:c1:33:e0:7c:91:84:4b:
a3:90:f1:33:d1:8a:c0:22:6f:60:54:e6:ce:ad:9c:59:b7:f7:
35:eb:a6:d4:d8:e4:de:7e:5e:71:7f:88:25:78:b3:e2:8b:3d:
d2:57:56:75:27:51:c6:70:18:c2:07:0b:20:7d:06:67:c4:48:
66:91:52:b9:ce:e2:40:3e:7e:b9:7e:48:ba:0b:da:88:a9:56:
32:3d:58:85
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXj8c7eMquGIMqY5PRIOwh9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTI0MTMyMjMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTJlNGQ4NmY3NzMxNWNmOTk5ODBkODgyYTQwYjBhNjYwMTlmYjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTvemRvOV687alSBmGZvZ8Idv6Gb
adhbeWJBR7a1zsyrbwihS6+EbUIqeCizEsmlyQk411674XUMGsL49TPMeyPYfOCj
j3qcYps2dCGA7jX+UQoRfavzK8oJmMI4XEmpDI386qZkGES8bDW/zkAxq2cD7/WU
h/pvuZcwKAj1wigIJN7AfG18KKCdzDYnoU1VkEwkDfzPBT4s6EtORvLhFfqtNVKW
P8ToNaADqdB8LduCN5E5dmkFReNcqPMDyKz1UoyKm2zMquzX7KvqrDgLHGgLv3In
yin8col0InQ7RDd4sdOC3gDiGwCXw//8V87HCWpNvUxTTfSTioy4QY6IzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIUuTYb3cxXPmZgNiCpAsKZgGfskMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaFM1Tmh2ZHpGYy1abUEySUtrQ3dwbUFaLXlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABJvyFzvqz5Wf6q7+Okg
XpNWsXjXCh7EReOmFX98j1lPL+OgEz1VY0tWxuM3ELPlA26CwDaDar2NgKJwJ6J0
md2yzjuxWxEs4ntdl22AWAmMOh1U+GLuzDs6qhk7AOP61lLyUQEYvwrwnneAMZb8
dXUZHWS+k1ScnHYs+dMt4XTwmCUTzc/QUyxV38AryAr1CelazNUQMKwkv8c+ZdvO
7T+DbWGBVzpNlkQze31NwTPgfJGES6OQ8TPRisAib2BU5s6tnFm39zXrptTY5N5+
XnF/iCV4s+KLPdJXVnUnUcZwGMIHCyB9BmfESGaRUrnO4kA+frl+SLoL2oipVjI9
WIU=
-----END CERTIFICATE-----
Generated at Thu May 1 00:08:13 2025 by rpki-client