Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hZ60wNSUWoC498EMc246iqA7mhY.roa
File: hZ60wNSUWoC498EMc246iqA7mhY.roa (raw, json)
Hash identifier: NCqGgdaDibjE1WgupMiC7qGxKvIqT/YWYJpLuuv5zUU=
Subject key identifier: 85:9E:B4:C0:D4:94:5A:80:B8:F7:C1:0C:73:6E:3A:8A:A0:3B:9A:16
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01893E703DDC0E0B5E366DF64CA5C5ECE3A9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hZ60wNSUWoC498EMc246iqA7mhY.roa
Signing time: Mon 10 Jul 2023 06:14:50 +0000
ROA not before: Mon 10 Jul 2023 06:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3e:70:3d:dc:0e:0b:5e:36:6d:f6:4c:a5:c5:ec:e3:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 10 06:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=859eb4c0d4945a80b8f7c10c736e3a8aa03b9a16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:3e:51:19:ec:f8:b4:30:4d:ce:f3:ae:8a:61:
0a:71:09:6e:45:7d:ea:52:fd:05:54:bd:87:63:20:
0d:a8:24:b4:ba:92:a9:01:2e:3a:71:61:b4:38:1d:
ae:ce:bd:37:cd:8a:c0:cd:64:28:a1:8c:d6:05:f3:
87:76:16:c8:ba:92:ae:be:6a:cb:4a:e7:c8:c0:f4:
96:ea:8c:28:eb:4e:7f:a4:32:fb:57:b4:15:e8:62:
48:95:44:d9:59:03:06:fa:ea:cc:fb:97:69:39:2a:
70:01:c2:8c:63:57:ad:3e:94:68:18:05:c6:28:d2:
e2:1f:75:6a:98:1a:43:80:1b:eb:cd:78:8c:50:73:
0c:c8:94:15:92:15:5d:bb:d3:ac:f1:9c:3b:82:bb:
ae:1f:fc:0a:a2:a5:19:06:7c:c5:ab:7e:eb:88:64:
74:d4:0e:22:c4:1a:6c:65:70:67:98:4c:77:9e:a7:
0c:c4:3c:36:a5:b9:2d:5f:be:5b:0b:2f:54:8e:32:
95:c1:88:53:f3:bd:2c:26:fd:b1:ee:c7:ee:38:a3:
fa:4a:b7:ea:8b:bc:02:11:de:4c:70:96:7f:20:81:
25:b2:c1:72:0a:84:10:cb:5c:63:c7:8a:43:38:f6:
08:b3:97:d2:91:6d:e4:ab:48:a8:ee:5f:b7:aa:1d:
e8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:9E:B4:C0:D4:94:5A:80:B8:F7:C1:0C:73:6E:3A:8A:A0:3B:9A:16
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hZ60wNSUWoC498EMc246iqA7mhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:97:0a:4b:4f:2f:77:d7:71:e9:2f:ae:1f:cd:4b:33:c6:e4:
b3:66:e2:36:d2:86:3e:34:19:e2:96:67:25:0f:64:6d:13:0b:
0a:67:96:62:ed:04:89:19:7d:55:6a:a2:64:24:1f:38:61:26:
a1:ea:e6:b5:26:5d:09:fb:29:7e:e9:7e:0e:37:e2:60:a3:75:
76:99:3a:cb:ed:e9:66:42:c8:49:cb:54:46:c7:be:4a:6b:ea:
df:cb:be:6c:60:5c:7c:95:6e:c2:1f:0f:ae:df:95:1d:61:79:
67:5a:13:de:2b:b5:97:24:9c:97:11:76:10:cf:2c:43:b6:a1:
c6:4e:2d:0a:77:81:9d:b7:4c:f8:55:cc:c3:f5:13:84:5b:a5:
17:a2:e9:a9:3a:c5:34:62:55:31:8d:6d:96:8f:68:0c:2b:01:
1e:2a:40:02:bb:0f:d6:87:d0:e4:e7:cd:aa:ea:1f:31:87:5c:
08:90:71:0a:3f:d4:52:a9:f6:7f:91:95:16:b7:b6:9c:41:e9:
7b:fc:aa:75:ba:2e:ef:e8:8a:71:26:7a:c4:9e:ca:ac:9c:35:
a5:30:e2:ba:8b:72:af:8d:c1:93:36:03:1b:cc:e2:e4:44:6f:
a0:5d:ec:3b:9a:3b:aa:a9:d3:a8:82:86:76:79:9e:37:10:90:
f7:5a:b3:87
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYk+cD3cDgteNm32TKXF7OOpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzEwMDYxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTllYjRjMGQ0OTQ1YTgwYjhmN2MxMGM3MzZlM2E4YWEwM2I5YTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxT5RGez4tDBNzvOuimEKcQluRX3q
Uv0FVL2HYyANqCS0upKpAS46cWG0OB2uzr03zYrAzWQooYzWBfOHdhbIupKuvmrL
SufIwPSW6owo605/pDL7V7QV6GJIlUTZWQMG+urM+5dpOSpwAcKMY1etPpRoGAXG
KNLiH3VqmBpDgBvrzXiMUHMMyJQVkhVdu9Os8Zw7gruuH/wKoqUZBnzFq37riGR0
1A4ixBpsZXBnmEx3nqcMxDw2pbktX75bCy9UjjKVwYhT870sJv2x7sfuOKP6Srfq
i7wCEd5McJZ/IIElssFyCoQQy1xjx4pDOPYIs5fSkW3kq0io7l+3qh3oeQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIWetMDUlFqAuPfBDHNuOoqgO5oWMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaFo2MHdOU1VXb0M0OThFTWMyNDZpcUE3bWhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADOXCktPL3fXcekvrh/N
SzPG5LNm4jbShj40GeKWZyUPZG0TCwpnlmLtBIkZfVVqomQkHzhhJqHq5rUmXQn7
KX7pfg434mCjdXaZOsvt6WZCyEnLVEbHvkpr6t/LvmxgXHyVbsIfD67flR1heWda
E94rtZcknJcRdhDPLEO2ocZOLQp3gZ23TPhVzMP1E4RbpRei6ak6xTRiVTGNbZaP
aAwrAR4qQAK7D9aH0OTnzarqHzGHXAiQcQo/1FKp9n+RlRa3tpxB6Xv8qnW6Lu/o
inEmesSeyqycNaUw4rqLcq+NwZM2AxvM4uREb6Bd7DuaO6qp06iChnZ5njcQkPda
s4c=
-----END CERTIFICATE-----
Generated at Sun May 4 11:25:24 2025 by rpki-client