Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hq4vJlISrDVNWIfA2jN6OsNI0JA.roa
File: hq4vJlISrDVNWIfA2jN6OsNI0JA.roa (raw, json)
Hash identifier: N/b+aKCbYGAptAGPyFrRUKOrMLjNxGeCbziQUCpe3Yw=
Subject key identifier: 86:AE:2F:26:52:12:AC:35:4D:58:87:C0:DA:33:7A:3A:C3:48:D0:90
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A42BE07501478A7FEFC49C31F4712913C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hq4vJlISrDVNWIfA2jN6OsNI0JA.roa
Signing time: Tue 29 Aug 2023 19:21:04 +0000
ROA not before: Tue 29 Aug 2023 19:21:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:42:be:07:50:14:78:a7:fe:fc:49:c3:1f:47:12:91:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 29 19:21:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86ae2f265212ac354d5887c0da337a3ac348d090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2d:4b:01:1c:86:1e:5f:3d:67:24:30:a8:60:
fb:b6:9e:84:b0:c5:48:f7:95:d3:72:34:3a:0e:4e:
aa:ce:14:49:ea:cd:2b:fd:23:e7:90:30:76:0c:1e:
4d:81:c7:3b:05:d7:76:0c:fe:0c:30:1b:6d:b7:d6:
e9:6c:4e:9d:cf:81:95:c4:6e:fe:bc:43:dd:57:f8:
17:13:56:8f:ad:0d:c8:c5:a9:82:dd:cf:67:ea:92:
fb:c2:83:33:01:e9:2a:9e:0e:6f:92:e5:27:ac:c4:
08:1c:65:0e:ec:a0:28:22:af:aa:d8:c9:17:19:27:
90:d0:8d:e1:9f:a7:ec:31:93:06:26:4b:fc:97:37:
bc:2d:ee:24:4e:6e:f7:b4:1e:31:44:57:5a:46:17:
10:63:0e:21:04:06:a8:e9:40:0e:84:2e:75:2b:98:
96:70:cd:3e:4b:1e:65:30:21:92:b3:a5:35:bf:37:
a5:65:ca:6b:26:46:fd:84:1c:81:44:91:57:1f:fc:
58:60:63:d2:5f:cd:40:76:21:b8:2e:21:55:2d:e0:
82:19:c5:cd:62:cf:12:37:38:01:c8:05:48:86:eb:
bc:f6:1b:28:7a:04:f0:51:89:70:1f:7e:2b:22:ca:
86:1a:a5:b2:5e:4a:d2:ea:d7:e3:81:05:87:36:5f:
87:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:AE:2F:26:52:12:AC:35:4D:58:87:C0:DA:33:7A:3A:C3:48:D0:90
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hq4vJlISrDVNWIfA2jN6OsNI0JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
43:1b:24:3c:ca:21:cd:7e:1d:9f:89:1b:d4:4b:a2:68:85:48:
36:b5:e8:74:76:ea:88:73:f8:f3:16:57:ba:76:0f:b0:19:ec:
da:37:44:ce:d7:48:cc:90:cf:f3:ac:5f:3b:ae:eb:10:03:27:
3a:72:d7:e1:4a:39:e6:d3:97:df:74:93:b7:3d:d5:5a:ec:64:
54:2f:9c:6f:9a:7a:9c:73:a8:33:c5:60:7a:aa:a5:b5:a7:2d:
37:38:13:28:d2:82:1e:40:f8:9f:c3:9d:e9:1f:73:52:c0:06:
92:b7:71:e6:13:d8:17:ad:5d:81:ad:58:8d:8c:a5:85:d0:98:
85:ef:43:ce:d8:53:da:85:e9:36:f5:1f:2b:6d:87:80:56:45:
91:e1:14:bc:df:c9:b0:e2:63:4c:da:7d:78:3d:ad:ed:48:d3:
c2:6c:f4:39:1c:d7:28:dd:4a:79:af:8e:9b:2f:14:27:78:cc:
a0:76:1e:30:df:60:0d:40:7d:ce:4a:a6:cf:a0:a5:b0:7b:24:
24:73:81:63:02:27:00:db:3c:db:2e:f7:e6:c4:15:07:be:86:
48:c4:c9:06:43:67:7d:b8:fe:ee:1d:a1:05:b2:03:3b:1d:b9:
b1:44:0b:0a:d2:0b:a5:f9:6f:ba:ec:29:fa:18:c1:4c:35:6b:
54:b0:b1:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpCvgdQFHin/vxJwx9HEpE8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI5MTkyMTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmFlMmYyNjUyMTJhYzM1NGQ1ODg3YzBkYTMzN2EzYWMzNDhkMDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlS1LARyGHl89ZyQwqGD7tp6EsMVI
95XTcjQ6Dk6qzhRJ6s0r/SPnkDB2DB5Ngcc7Bdd2DP4MMBttt9bpbE6dz4GVxG7+
vEPdV/gXE1aPrQ3IxamC3c9n6pL7woMzAekqng5vkuUnrMQIHGUO7KAoIq+q2MkX
GSeQ0I3hn6fsMZMGJkv8lze8Le4kTm73tB4xRFdaRhcQYw4hBAao6UAOhC51K5iW
cM0+Sx5lMCGSs6U1vzelZcprJkb9hByBRJFXH/xYYGPSX81AdiG4LiFVLeCCGcXN
Ys8SNzgByAVIhuu89hsoegTwUYlwH34rIsqGGqWyXkrS6tfjgQWHNl+H9QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIauLyZSEqw1TViHwNozejrDSNCQMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaHE0dkpsSVNyRFZOV0lmQTJqTjZPc05JMEpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEMbJDzKIc1+HZ+JG9RL
omiFSDa16HR26ohz+PMWV7p2D7AZ7No3RM7XSMyQz/OsXzuu6xADJzpy1+FKOebT
l990k7c91VrsZFQvnG+aepxzqDPFYHqqpbWnLTc4EyjSgh5A+J/Dnekfc1LABpK3
ceYT2BetXYGtWI2MpYXQmIXvQ87YU9qF6Tb1Hytth4BWRZHhFLzfybDiY0zafXg9
re1I08Js9Dkc1yjdSnmvjpsvFCd4zKB2HjDfYA1Afc5Kps+gpbB7JCRzgWMCJwDb
PNsu9+bEFQe+hkjEyQZDZ324/u4doQWyAzsdubFECwrSC6X5b7rsKfoYwUw1a1Sw
seE=
-----END CERTIFICATE-----
Generated at Thu May 1 06:48:12 2025 by rpki-client