Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/h_0TTuk6f7lgc43iMgAsli3jDVs.roa
File: h_0TTuk6f7lgc43iMgAsli3jDVs.roa (raw, json)
Hash identifier: 3p3BoPje865i/Q5CGw3+Df+wir6FmpbtejmF6oHNRmo=
Subject key identifier: 87:FD:13:4E:E9:3A:7F:B9:60:73:8D:E2:32:00:2C:96:2D:E3:0D:5B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 7F3F66E0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/h_0TTuk6f7lgc43iMgAsli3jDVs.roa
Signing time: Thu 28 Apr 2022 12:10:48 +0000
ROA not before: Thu 28 Apr 2022 12:10:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2134861536 (0x7f3f66e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 28 12:10:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87fd134ee93a7fb960738de232002c962de30d5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e9:35:23:03:c6:1d:cb:5a:77:32:ac:04:aa:
0f:87:42:3f:a8:a2:18:b5:4f:59:ac:20:9b:e0:4b:
c3:fb:cd:0d:15:c3:3f:a9:91:89:5c:b0:30:52:11:
96:78:45:fa:b8:f5:4f:6a:cc:e4:78:b5:91:4c:0a:
99:da:aa:a4:67:0c:92:05:3c:02:91:73:ac:cb:0b:
d5:7b:b9:e9:b7:9b:e1:13:ec:a4:f2:cc:f9:f0:b8:
d2:fb:d2:fc:5d:99:66:e2:4d:40:d2:df:bb:fa:8d:
cd:cf:df:d4:e1:e5:71:f1:54:48:ac:65:e4:81:df:
b3:8f:90:30:a7:8a:44:69:34:ba:3e:b3:35:e5:58:
f4:19:98:ed:f4:b3:35:36:8e:fb:0f:94:f1:83:c3:
1a:05:79:4b:d1:76:f9:5a:a6:3c:67:d7:80:95:fd:
95:e2:ee:e3:04:4e:08:31:6d:be:dd:80:73:80:d0:
b4:aa:82:01:a8:41:1a:69:99:c6:3e:54:69:5c:0d:
53:3a:53:b2:97:95:f6:41:b5:10:ee:f2:e2:d9:c2:
d1:bb:97:0e:6f:91:8d:61:cb:6b:3f:5e:9c:8b:df:
82:bf:a8:5c:93:4a:06:d3:7b:7a:07:8e:04:7a:58:
16:d9:ee:a5:95:0a:8f:5c:19:1f:c0:1b:93:16:3b:
72:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:FD:13:4E:E9:3A:7F:B9:60:73:8D:E2:32:00:2C:96:2D:E3:0D:5B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/h_0TTuk6f7lgc43iMgAsli3jDVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:33:c2:88:50:8a:b6:4e:8a:6c:87:1f:bd:9c:df:d2:85:1a:
c4:72:5e:89:3e:9b:b8:82:ad:3e:58:c6:e5:56:97:e1:f8:4d:
12:03:ee:58:a9:31:87:a1:4b:29:76:07:c7:2a:76:a4:27:ec:
3d:6b:36:20:0a:b9:c2:5e:60:60:53:68:fa:07:d4:d5:1e:24:
c8:4e:e9:9a:23:23:da:13:64:fd:91:ec:58:fa:88:63:2c:97:
d0:24:17:ca:e7:7f:9b:95:ee:f9:fc:e6:32:22:92:6b:87:28:
3b:db:c6:a0:fe:fe:80:12:fc:da:67:40:6f:aa:c5:69:23:12:
e2:bb:b3:43:f8:14:2f:80:c6:11:36:77:ca:cb:7e:d0:31:42:
81:55:63:99:91:5b:8c:94:4d:3e:ba:ee:bb:b4:3c:30:e4:ff:
14:80:35:99:c1:af:f2:29:0a:9b:53:e4:9f:f4:2e:41:4e:a2:
07:c3:25:99:bd:46:61:be:95:84:dc:2f:1a:cd:f1:fd:af:86:
aa:76:a8:00:b5:0f:31:58:51:0d:7d:8f:bf:16:61:b6:58:86:
b1:83:41:1a:90:e1:d9:ce:80:46:03:4c:58:31:c1:bd:85:0d:
2b:66:0e:06:59:31:35:2b:b2:2c:78:0b:ac:27:d0:26:46:20:
66:c1:20:7c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEfz9m4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDQy
ODEyMTA0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODdmZDEzNGVlOTNh
N2ZiOTYwNzM4ZGUyMzIwMDJjOTYyZGUzMGQ1YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALzpNSMDxh3LWncyrASqD4dCP6iiGLVPWawgm+BLw/vNDRXD
P6mRiVywMFIRlnhF+rj1T2rM5Hi1kUwKmdqqpGcMkgU8ApFzrMsL1Xu56beb4RPs
pPLM+fC40vvS/F2ZZuJNQNLfu/qNzc/f1OHlcfFUSKxl5IHfs4+QMKeKRGk0uj6z
NeVY9BmY7fSzNTaO+w+U8YPDGgV5S9F2+VqmPGfXgJX9leLu4wROCDFtvt2Ac4DQ
tKqCAahBGmmZxj5UaVwNUzpTspeV9kG1EO7y4tnC0buXDm+RjWHLaz9enIvfgr+o
XJNKBtN7egeOBHpYFtnupZUKj1wZH8AbkxY7cgsCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSH/RNO6Tp/uWBzjeIyACyWLeMNWzAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L2hfMFRUdWs2ZjdsZ2M0M2lNZ0FzbGkzakRWcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQAHM8KIUIq2Topshx+9nN/ShRrEcl6JPpu4gq0+
WMblVpfh+E0SA+5YqTGHoUspdgfHKnakJ+w9azYgCrnCXmBgU2j6B9TVHiTITuma
IyPaE2T9kexY+ohjLJfQJBfK53+ble75/OYyIpJrhyg728ag/v6AEvzaZ0BvqsVp
IxLiu7ND+BQvgMYRNnfKy37QMUKBVWOZkVuMlE0+uu67tDww5P8UgDWZwa/yKQqb
U+Sf9C5BTqIHwyWZvUZhvpWE3C8azfH9r4aqdqgAtQ8xWFENfY+/FmG2WIaxg0Ea
kOHZzoBGA0xYMcG9hQ0rZg4GWTE1K7IseAusJ9AmRiBmwSB8
-----END CERTIFICATE-----
Generated at Thu May 1 09:08:29 2025 by rpki-client