Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hmf8vqJaEZxiKw53O9KO7xiP38k.roa
File: hmf8vqJaEZxiKw53O9KO7xiP38k.roa (raw, json)
Hash identifier: ts4Ob3mvkqmEGZpG8e7hOYdmOoM3LZydoVWQRvTKhJ4=
Subject key identifier: 86:67:FC:BE:A2:5A:11:9C:62:2B:0E:77:3B:D2:8E:EF:18:8F:DF:C9
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01869970B47BD503AFC8F6A75FE58E641ABB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hmf8vqJaEZxiKw53O9KO7xiP38k.roa
Signing time: Tue 28 Feb 2023 19:12:25 +0000
ROA not before: Tue 28 Feb 2023 19:12:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:99:70:b4:7b:d5:03:af:c8:f6:a7:5f:e5:8e:64:1a:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 28 19:12:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8667fcbea25a119c622b0e773bd28eef188fdfc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:09:ae:01:23:6f:42:4b:03:9e:04:49:d5:b7:
1a:b0:3b:64:68:a8:90:35:f1:01:c0:7c:8e:98:cf:
ad:37:4f:c0:60:47:bf:08:0d:63:27:78:98:a9:76:
b5:90:7d:fb:e7:d0:d6:ff:d6:59:5c:f6:51:c1:d2:
ee:7e:41:9a:cd:48:8e:be:f3:48:75:7c:a9:ab:99:
34:65:24:53:2f:fc:44:1f:ca:30:df:3e:2c:95:ed:
fc:07:03:cc:80:6c:7b:f4:9a:76:ca:3f:08:d7:e9:
64:8e:85:01:28:97:c9:05:58:56:ac:b2:7a:5f:60:
31:cb:17:dc:06:64:7a:47:3d:0d:2f:cd:01:7f:f5:
02:03:40:49:32:62:2a:cf:b7:79:ba:85:f2:44:ed:
2e:cc:61:c5:fe:77:ad:3d:3e:3f:d4:0d:55:3c:39:
b4:be:62:93:a9:45:7d:53:d4:aa:33:ba:93:84:fe:
c9:58:9f:6c:32:7a:b3:38:a4:3b:cc:b7:eb:e0:19:
b1:1e:e4:38:74:80:8e:6e:a0:ea:91:48:dc:99:08:
63:d4:90:1b:4e:dc:1f:9f:a9:81:c2:a5:cd:3e:27:
f5:1c:01:7c:a2:8e:41:d8:d1:3b:62:db:2c:0d:25:
ef:fb:e6:9b:3e:cc:16:97:bc:e8:45:8a:20:90:ae:
f6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:67:FC:BE:A2:5A:11:9C:62:2B:0E:77:3B:D2:8E:EF:18:8F:DF:C9
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hmf8vqJaEZxiKw53O9KO7xiP38k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:d2:57:89:fb:18:54:39:2f:08:22:13:ad:56:e1:37:53:73:
c9:8b:28:4d:fe:f1:44:35:2c:42:1d:d2:90:87:6b:0e:ad:ce:
92:5e:83:4f:e3:cd:c4:e3:07:e5:3d:06:d9:e8:4a:56:9d:ca:
44:be:07:f2:d2:b9:78:01:38:70:46:9d:09:40:ba:ce:54:b5:
bb:45:76:9b:be:d5:0a:e2:15:7b:8e:ed:fe:5e:41:8e:3e:e3:
08:d6:5e:10:1e:24:5d:d7:65:d5:19:d8:15:e4:44:27:b9:ec:
63:4d:30:68:a3:22:04:c7:c4:d7:ab:22:07:26:99:7f:8d:c3:
39:1b:e9:46:1f:a8:14:07:b6:cc:68:0d:a4:c5:59:dc:87:97:
62:7f:43:99:94:50:f8:b9:87:b7:52:11:30:33:a8:64:d2:0c:
8c:ba:12:30:1a:be:f2:3f:89:b0:85:39:d4:3c:b2:6a:41:59:
95:ce:42:08:7d:9d:f8:22:cf:fc:a2:27:f8:9f:b5:6e:63:35:
b1:fe:11:cf:1a:b5:52:58:6e:29:27:90:03:3b:1b:97:fb:bc:
77:a5:82:90:50:9f:f5:78:7c:75:74:63:9e:42:df:75:fe:cf:
b2:67:20:5b:86:bd:8c:b8:fd:da:1c:41:69:8c:9b:45:3a:e2:
58:ca:a2:4f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaZcLR71QOvyPanX+WOZBq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI4MTkxMjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjY3ZmNiZWEyNWExMTljNjIyYjBlNzczYmQyOGVlZjE4OGZkZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwmuASNvQksDngRJ1bcasDtkaKiQ
NfEBwHyOmM+tN0/AYEe/CA1jJ3iYqXa1kH3759DW/9ZZXPZRwdLufkGazUiOvvNI
dXypq5k0ZSRTL/xEH8ow3z4sle38BwPMgGx79Jp2yj8I1+lkjoUBKJfJBVhWrLJ6
X2AxyxfcBmR6Rz0NL80Bf/UCA0BJMmIqz7d5uoXyRO0uzGHF/netPT4/1A1VPDm0
vmKTqUV9U9SqM7qThP7JWJ9sMnqzOKQ7zLfr4BmxHuQ4dICObqDqkUjcmQhj1JAb
Ttwfn6mBwqXNPif1HAF8oo5B2NE7YtssDSXv++abPswWl7zoRYogkK72iwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIZn/L6iWhGcYisOdzvSju8Yj9/JMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaG1mOHZxSmFFWnhpS3c1M085S083eGlQMzhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGbSV4n7GFQ5LwgiE61W
4TdTc8mLKE3+8UQ1LEId0pCHaw6tzpJeg0/jzcTjB+U9BtnoSladykS+B/LSuXgB
OHBGnQlAus5UtbtFdpu+1QriFXuO7f5eQY4+4wjWXhAeJF3XZdUZ2BXkRCe57GNN
MGijIgTHxNerIgcmmX+Nwzkb6UYfqBQHtsxoDaTFWdyHl2J/Q5mUUPi5h7dSETAz
qGTSDIy6EjAavvI/ibCFOdQ8smpBWZXOQgh9nfgiz/yiJ/iftW5jNbH+Ec8atVJY
biknkAM7G5f7vHelgpBQn/V4fHV0Y55C33X+z7JnIFuGvYy4/docQWmMm0U64ljK
ok8=
-----END CERTIFICATE-----
Generated at Thu May 1 02:53:10 2025 by rpki-client