Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hibl0Kj1rglX2i9nSkS5z4In9p4.roa
File: hibl0Kj1rglX2i9nSkS5z4In9p4.roa (raw, json)
Hash identifier: PfGsAdyXaEjtv+GV/rE3Csq4LFR7peBA8I/tTKO50Dg=
Subject key identifier: 86:26:E5:D0:A8:F5:AE:09:57:DA:2F:67:4A:44:B9:CF:82:27:F6:9E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184CEE31D60E9A8F5C9B2129BB6981774D4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hibl0Kj1rglX2i9nSkS5z4In9p4.roa
Signing time: Thu 01 Dec 2022 18:11:41 +0000
ROA not before: Thu 01 Dec 2022 18:11:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ce:e3:1d:60:e9:a8:f5:c9:b2:12:9b:b6:98:17:74:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 1 18:11:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8626e5d0a8f5ae0957da2f674a44b9cf8227f69e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e4:70:e0:be:8f:b3:69:41:3b:8d:b1:95:d0:
fe:37:b6:cc:90:42:93:78:a2:a0:e2:9a:1e:e4:d7:
40:28:db:a2:69:1a:45:70:4e:e4:1f:36:ff:6e:cf:
95:65:c8:a1:83:9c:22:be:23:83:ef:cd:c9:65:42:
42:5f:7c:22:a8:31:12:67:9a:70:d9:af:b8:fc:ed:
2a:cc:8f:6b:6e:17:10:f6:e8:23:a2:4a:2d:55:eb:
39:32:d6:8b:1a:a8:64:0c:55:be:5b:90:12:e1:3d:
6c:8d:24:8a:2f:93:5c:92:49:01:44:e0:31:07:af:
82:87:82:92:f7:0c:30:5c:4e:53:f0:55:d6:5f:5e:
96:1d:a9:5b:20:9b:72:8d:8a:84:3a:dd:ea:18:ba:
c5:91:35:16:57:37:a0:63:21:ee:9d:80:cd:6a:ab:
be:5f:e9:c7:8e:64:aa:46:55:4a:4b:eb:81:73:0e:
f3:ba:81:30:3e:05:7f:ec:c3:1a:8f:2f:46:cd:dc:
59:04:ea:c8:09:48:46:90:8c:9e:db:ee:c7:8a:5e:
45:df:8f:ad:06:c0:ce:ed:a4:7f:20:57:d9:b9:33:
73:b0:4e:46:50:6a:28:30:e9:72:42:4c:65:ae:af:
6c:fa:d3:06:6b:eb:cf:fb:85:df:48:b5:76:d7:fc:
e9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:26:E5:D0:A8:F5:AE:09:57:DA:2F:67:4A:44:B9:CF:82:27:F6:9E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hibl0Kj1rglX2i9nSkS5z4In9p4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:85:16:2c:bf:d0:92:16:a7:4b:29:34:5f:9e:34:df:16:34:
91:3f:f1:9e:41:f4:4d:58:9a:ae:3c:85:68:f6:82:d2:a1:86:
a8:79:fd:95:93:69:e1:a7:27:23:e0:4a:4f:4e:66:05:3a:d3:
88:dd:50:49:05:e3:f8:6a:86:2d:7e:9c:b3:47:45:81:c5:07:
66:80:48:c3:98:44:09:de:6e:33:66:9c:6c:66:37:c6:84:ec:
e7:63:6b:2a:57:ca:64:3e:a4:8c:9c:fc:1f:f1:4a:fb:52:fe:
84:23:3f:98:a8:02:b6:f3:de:b7:4b:ed:cf:34:d3:1f:b2:a1:
bc:a5:59:ec:41:2d:16:a3:24:a2:fa:c8:c1:49:a0:65:86:2c:
a5:61:db:2c:45:f0:15:30:41:a9:db:98:e2:57:4a:64:d7:77:
69:3b:48:e4:55:37:19:d1:90:b7:03:97:48:16:11:8f:4b:7d:
12:69:f0:00:4c:80:65:17:96:60:b6:ec:af:a8:a9:c3:bf:10:
9f:8d:1c:ec:f7:9d:c2:17:2f:dc:e3:3e:f0:26:68:af:5b:2c:
21:81:0d:db:13:1c:7c:de:9e:8f:79:9f:5f:85:f7:bc:13:e6:
61:39:96:89:2f:09:6e:92:af:5b:31:3b:26:0b:b6:86:98:fe:
85:09:07:9b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTO4x1g6aj1ybISm7aYF3TUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjAxMTgxMTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjI2ZTVkMGE4ZjVhZTA5NTdkYTJmNjc0YTQ0YjljZjgyMjdmNjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeRw4L6Ps2lBO42xldD+N7bMkEKT
eKKg4poe5NdAKNuiaRpFcE7kHzb/bs+VZcihg5wiviOD783JZUJCX3wiqDESZ5pw
2a+4/O0qzI9rbhcQ9ugjokotVes5MtaLGqhkDFW+W5AS4T1sjSSKL5NckkkBROAx
B6+Ch4KS9wwwXE5T8FXWX16WHalbIJtyjYqEOt3qGLrFkTUWVzegYyHunYDNaqu+
X+nHjmSqRlVKS+uBcw7zuoEwPgV/7MMajy9GzdxZBOrICUhGkIye2+7Hil5F34+t
BsDO7aR/IFfZuTNzsE5GUGooMOlyQkxlrq9s+tMGa+vP+4XfSLV21/zpQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIYm5dCo9a4JV9ovZ0pEuc+CJ/aeMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaGlibDBLajFyZ2xYMmk5blNrUzV6NEluOXA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGOFFiy/0JIWp0spNF+e
NN8WNJE/8Z5B9E1Ymq48hWj2gtKhhqh5/ZWTaeGnJyPgSk9OZgU604jdUEkF4/hq
hi1+nLNHRYHFB2aASMOYRAnebjNmnGxmN8aE7OdjaypXymQ+pIyc/B/xSvtS/oQj
P5ioArbz3rdL7c800x+yobylWexBLRajJKL6yMFJoGWGLKVh2yxF8BUwQanbmOJX
SmTXd2k7SORVNxnRkLcDl0gWEY9LfRJp8ABMgGUXlmC27K+oqcO/EJ+NHOz3ncIX
L9zjPvAmaK9bLCGBDdsTHHzeno95n1+F97wT5mE5lokvCW6Sr1sxOyYLtoaY/oUJ
B5s=
-----END CERTIFICATE-----
Generated at Thu May 1 14:27:04 2025 by rpki-client