Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hXkmb8geI1ZG1LnS9loc2pVo28s.roa
File: hXkmb8geI1ZG1LnS9loc2pVo28s.roa (raw, json)
Hash identifier: mjvSDTuvDT4VilmqZbf/i2hhqjs4ZQ5xEFCb28GLrEI=
Subject key identifier: 85:79:26:6F:C8:1E:23:56:46:D4:B9:D2:F6:5A:1C:DA:95:68:DB:CB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 77D067DF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hXkmb8geI1ZG1LnS9loc2pVo28s.roa
Signing time: Sat 02 Apr 2022 15:09:12 +0000
ROA not before: Sat 02 Apr 2022 15:09:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2010146783 (0x77d067df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 2 15:09:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8579266fc81e235646d4b9d2f65a1cda9568dbcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:65:ff:ed:53:50:c1:28:e2:50:0d:58:5b:ab:
f0:a6:4f:5c:8d:57:d7:40:06:4e:63:5c:0f:ae:8b:
84:47:c6:73:9e:43:0d:7c:cc:61:59:2e:d8:7f:e6:
d9:2b:9a:46:8b:cb:ea:0b:be:39:36:cf:9e:d3:43:
2b:f6:cc:2c:f0:1e:93:23:f3:0d:d1:8e:16:12:1f:
bb:20:cb:8f:21:f7:71:8e:c5:70:6f:c9:9b:5b:dd:
f5:33:24:75:d8:d0:48:e8:4a:8e:76:37:2c:21:90:
e7:9c:2b:20:2e:eb:f8:0f:34:eb:b9:45:b0:ac:76:
b4:63:43:71:b1:17:1a:31:b0:23:d1:c6:e1:75:39:
cd:69:83:2d:ba:f0:94:62:bb:f7:3a:d4:0c:a9:e7:
bb:d2:a4:2e:14:d2:84:f9:e2:db:1e:01:fe:4c:91:
d2:69:19:4c:31:21:35:62:06:80:47:a5:6d:87:af:
ac:9a:23:86:0e:47:6e:95:5b:7a:21:66:bb:27:62:
71:9f:0c:56:45:63:c8:fc:47:62:94:7f:2e:dd:de:
59:8f:7b:b6:90:6f:28:e1:ad:ab:ae:50:f5:a5:be:
16:76:cd:c4:4d:91:cc:98:55:4a:0a:a6:67:0f:d3:
a7:8e:8b:3a:29:22:9a:b3:6f:88:52:63:29:20:b0:
c8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:79:26:6F:C8:1E:23:56:46:D4:B9:D2:F6:5A:1C:DA:95:68:DB:CB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hXkmb8geI1ZG1LnS9loc2pVo28s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:ce:5e:bb:a0:86:b3:a4:aa:c6:11:1b:5a:f7:06:42:30:c6:
fc:f7:8c:0e:b1:4e:49:d4:bb:a4:2f:a6:c9:d4:a3:ae:1f:82:
b8:7a:c1:2c:85:59:e4:03:c0:6a:13:62:dd:21:4c:ff:b6:0d:
c1:79:7d:f1:67:1d:4e:1c:f3:6a:4e:93:99:44:0e:54:ff:b0:
36:36:c0:55:5e:fd:bd:99:1c:6c:e9:05:10:7a:98:03:9d:9e:
98:d1:68:e2:ae:14:b1:72:c5:bc:f6:b0:a2:64:82:16:d3:51:
73:fd:72:d6:f7:14:d5:10:aa:28:01:f8:6a:05:e4:94:c0:c7:
76:d0:b2:6c:af:fc:5f:ae:ec:2e:ae:9c:02:05:c3:76:24:af:
7d:63:23:20:b0:9e:a6:65:d2:62:16:bd:68:f8:5a:d7:fb:6f:
34:8f:d6:9d:d0:39:de:79:dd:24:31:6b:64:da:e5:a7:13:2e:
4d:0f:07:65:71:d1:78:81:b8:f1:da:7d:cf:fc:56:8a:2b:ee:
53:21:cc:e8:3c:b0:64:3f:56:9a:24:35:58:ac:9e:dc:da:9d:
2a:df:88:f3:44:dd:dc:9b:b4:19:8c:5d:11:e5:2f:aa:b9:2d:
f9:08:18:ab:b7:f4:7a:ed:f3:8c:49:f5:be:98:57:dd:72:39:
c0:22:82:bd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEd9Bn3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDQw
MjE1MDkxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODU3OTI2NmZjODFl
MjM1NjQ2ZDRiOWQyZjY1YTFjZGE5NTY4ZGJjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxl/+1TUMEo4lANWFur8KZPXI1X10AGTmNcD66LhEfGc55D
DXzMYVku2H/m2SuaRovL6gu+OTbPntNDK/bMLPAekyPzDdGOFhIfuyDLjyH3cY7F
cG/Jm1vd9TMkddjQSOhKjnY3LCGQ55wrIC7r+A8067lFsKx2tGNDcbEXGjGwI9HG
4XU5zWmDLbrwlGK79zrUDKnnu9KkLhTShPni2x4B/kyR0mkZTDEhNWIGgEelbYev
rJojhg5HbpVbeiFmuydicZ8MVkVjyPxHYpR/Lt3eWY97tpBvKOGtq65Q9aW+FnbN
xE2RzJhVSgqmZw/Tp46LOikimrNviFJjKSCwyDkCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSFeSZvyB4jVkbUudL2WhzalWjbyzAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L2hYa21iOGdlSTFaRzFMblM5bG9jMnBWbzI4cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQAzzl67oIazpKrGERta9wZCMMb894wOsU5J1Luk
L6bJ1KOuH4K4esEshVnkA8BqE2LdIUz/tg3BeX3xZx1OHPNqTpOZRA5U/7A2NsBV
Xv29mRxs6QUQepgDnZ6Y0WjirhSxcsW89rCiZIIW01Fz/XLW9xTVEKooAfhqBeSU
wMd20LJsr/xfruwurpwCBcN2JK99YyMgsJ6mZdJiFr1o+FrX+280j9ad0Dneed0k
MWtk2uWnEy5NDwdlcdF4gbjx2n3P/FaKK+5TIczoPLBkP1aaJDVYrJ7c2p0q34jz
RN3cm7QZjF0R5S+quS35CBirt/R67fOMSfW+mFfdcjnAIoK9
-----END CERTIFICATE-----
Generated at Thu May 1 09:43:13 2025 by rpki-client