Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hrO6TpVn9TCZqUEr-LQhQEmql5Q.roa
File: hrO6TpVn9TCZqUEr-LQhQEmql5Q.roa (raw, json)
Hash identifier: kQM5WGgcqE5WweDEcVev25AT4DU7Bc+UATL9HrOy95c=
Subject key identifier: 86:B3:BA:4E:95:67:F5:30:99:A9:41:2B:F8:B4:21:40:49:AA:97:94
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189AD24F2585C7FA3541ABF670DC5141565
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hrO6TpVn9TCZqUEr-LQhQEmql5Q.roa
Signing time: Mon 31 Jul 2023 18:10:26 +0000
ROA not before: Mon 31 Jul 2023 18:10:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ad:24:f2:58:5c:7f:a3:54:1a:bf:67:0d:c5:14:15:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 31 18:10:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86b3ba4e9567f53099a9412bf8b4214049aa9794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:74:77:09:a1:94:65:0f:8d:07:c2:30:0a:b6:
af:79:a5:8f:5e:bc:5d:d9:67:da:9b:5c:f6:28:64:
ae:a9:9a:60:67:4c:b1:b3:02:95:29:5d:fd:e6:f4:
9e:e6:ae:a2:fd:e6:44:cf:2c:c8:b0:f9:6e:fe:76:
c3:45:5c:65:26:e8:6d:54:6e:b6:88:80:f6:ce:de:
45:18:c5:05:1e:57:df:ac:02:ac:35:5e:a5:02:fe:
b3:02:5f:2d:36:a8:a0:bc:39:76:fa:32:bc:a2:93:
69:1f:d8:1a:f5:d5:3d:56:ff:91:52:6c:d3:60:c9:
11:5e:32:2d:aa:d7:a4:06:44:47:e6:32:8f:e8:d6:
47:bd:ca:5b:08:f8:67:a5:aa:7c:77:56:84:2d:af:
11:9a:52:77:82:84:b9:cd:91:c9:d7:86:94:ee:a2:
09:fd:82:83:88:63:e0:31:25:f3:81:a1:14:e6:4b:
75:73:9e:aa:dc:7d:ff:a1:a8:e6:e7:a3:58:1a:cf:
98:63:86:d3:f6:a8:bb:fc:9d:86:5c:0d:d9:74:27:
54:c0:03:49:a5:d3:be:18:3b:02:23:73:79:27:2b:
75:16:bd:43:19:00:de:61:e8:1b:7b:c3:f2:e8:49:
fa:28:c8:cd:5d:c0:72:89:6c:01:fb:bd:e5:8b:d1:
1c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B3:BA:4E:95:67:F5:30:99:A9:41:2B:F8:B4:21:40:49:AA:97:94
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hrO6TpVn9TCZqUEr-LQhQEmql5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b5:9d:70:95:df:c0:1c:d6:48:f7:38:59:e2:78:6c:83:76:db:
93:ca:4f:96:1b:55:95:9d:2a:15:e3:fb:03:6e:56:2e:de:48:
a8:a2:35:e5:21:3d:7a:4c:22:0b:36:10:68:97:e5:e3:9f:9c:
7e:bc:85:76:5c:5d:c5:43:a1:d4:df:18:a9:cd:8b:e5:b1:60:
2e:dc:8b:35:d6:49:0c:8e:cb:95:2e:f9:1b:16:a6:b9:70:66:
9e:87:6e:2f:f4:31:31:02:b2:4c:a1:14:b9:8e:18:88:f9:1e:
5c:e5:7b:84:3d:d9:85:92:c9:8e:87:c5:1c:41:9a:69:0b:aa:
bb:34:2b:38:3e:9a:68:b6:a7:92:55:43:c9:8e:b3:b0:51:2e:
5f:af:c0:f6:63:cb:ec:38:17:c7:0f:85:10:2c:f1:60:af:5f:
7f:6d:57:5c:e5:8f:88:bd:c8:88:0b:01:0c:1e:2f:97:2f:b0:
09:86:88:d7:3c:02:3a:05:3c:80:7e:c7:6d:33:46:ed:e2:a9:
05:41:66:76:a6:f6:bc:ee:bd:cf:15:69:1a:66:83:8a:90:bb:
36:54:1a:fc:1b:b7:fd:f1:f3:79:a6:33:8d:47:2a:bb:63:9f:
2b:86:1c:af:bf:a0:20:c4:c1:e1:d1:ba:d0:ad:cf:b6:eb:ec:
d8:5c:05:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmtJPJYXH+jVBq/Zw3FFBVlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzMxMTgxMDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmIzYmE0ZTk1NjdmNTMwOTlhOTQxMmJmOGI0MjE0MDQ5YWE5Nzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXR3CaGUZQ+NB8IwCraveaWPXrxd
2Wfam1z2KGSuqZpgZ0yxswKVKV395vSe5q6i/eZEzyzIsPlu/nbDRVxlJuhtVG62
iID2zt5FGMUFHlffrAKsNV6lAv6zAl8tNqigvDl2+jK8opNpH9ga9dU9Vv+RUmzT
YMkRXjItqtekBkRH5jKP6NZHvcpbCPhnpap8d1aELa8RmlJ3goS5zZHJ14aU7qIJ
/YKDiGPgMSXzgaEU5kt1c56q3H3/oajm56NYGs+YY4bT9qi7/J2GXA3ZdCdUwANJ
pdO+GDsCI3N5Jyt1Fr1DGQDeYegbe8Py6En6KMjNXcByiWwB+73li9Ec0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIazuk6VZ/UwmalBK/i0IUBJqpeUMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaHJPNlRwVm45VENacVVFci1MUWhRRW1xbDVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALWdcJXfwBzWSPc4WeJ4
bIN225PKT5YbVZWdKhXj+wNuVi7eSKiiNeUhPXpMIgs2EGiX5eOfnH68hXZcXcVD
odTfGKnNi+WxYC7cizXWSQyOy5Uu+RsWprlwZp6Hbi/0MTECskyhFLmOGIj5Hlzl
e4Q92YWSyY6HxRxBmmkLqrs0Kzg+mmi2p5JVQ8mOs7BRLl+vwPZjy+w4F8cPhRAs
8WCvX39tV1zlj4i9yIgLAQweL5cvsAmGiNc8AjoFPIB+x20zRu3iqQVBZnam9rzu
vc8VaRpmg4qQuzZUGvwbt/3x83mmM41HKrtjnyuGHK+/oCDEweHRutCtz7br7Nhc
BQw=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:34:57 2025 by rpki-client