Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/htzAI9RoFKfreRayTQIENbDF7t0.roa
File: htzAI9RoFKfreRayTQIENbDF7t0.roa (raw, json)
Hash identifier: m+Z277N5V0C3ikHSf92PPsR2EGLT42rLTaHkZtEzNvQ=
Subject key identifier: 86:DC:C0:23:D4:68:14:A7:EB:79:16:B2:4D:02:04:35:B0:C5:EE:DD
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186315DADA56D3F29F6B403EA6E58BE9C43
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/htzAI9RoFKfreRayTQIENbDF7t0.roa
Signing time: Wed 08 Feb 2023 14:11:08 +0000
ROA not before: Wed 08 Feb 2023 14:11:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:31:5d:ad:a5:6d:3f:29:f6:b4:03:ea:6e:58:be:9c:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 8 14:11:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86dcc023d46814a7eb7916b24d020435b0c5eedd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:10:dd:ee:64:7f:42:25:78:91:b7:b8:52:02:
b8:41:3e:ff:7c:30:cd:6e:24:cd:8c:b2:39:1e:80:
29:0d:c0:fc:52:ef:e9:c3:f5:97:03:5f:98:66:1b:
49:78:ed:4e:05:20:00:87:38:d5:2d:56:03:d8:2f:
23:51:69:c7:07:4a:df:85:9b:35:27:87:e1:42:39:
94:08:68:69:be:a8:c7:e8:84:63:bd:af:ae:02:0a:
48:b8:69:06:67:12:ea:20:5c:6d:b1:2f:93:2d:16:
c4:55:d5:14:2d:54:59:66:77:aa:59:a0:df:ee:6a:
85:16:78:c2:d2:2b:36:63:26:9c:69:92:4d:d2:9e:
97:72:c4:d3:4e:63:7c:b1:0e:cc:d2:56:8d:c0:08:
41:4d:22:84:bf:44:5b:43:b9:c1:82:2e:64:2a:16:
f3:55:ed:7d:aa:8e:cb:2b:08:93:83:34:05:b7:a8:
68:17:9a:24:14:20:22:f9:7a:ec:3f:b0:e2:8a:5f:
7d:7f:28:c3:e5:e6:38:48:87:da:21:52:ca:23:02:
12:09:f3:b3:6a:c3:3e:f1:8c:05:32:69:6d:12:49:
6c:e1:dd:08:68:83:8f:85:38:ac:62:8e:fa:29:e4:
7c:94:c7:4c:ae:07:51:34:d1:33:7c:35:d7:6a:da:
8c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:DC:C0:23:D4:68:14:A7:EB:79:16:B2:4D:02:04:35:B0:C5:EE:DD
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/htzAI9RoFKfreRayTQIENbDF7t0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3a:ad:9a:63:11:25:00:fb:01:d6:24:cb:ec:f4:73:8c:3d:5a:
8e:43:86:6c:5a:a0:28:d3:d1:85:b8:14:79:f9:55:d7:32:db:
2b:64:fb:b4:32:2f:f0:c8:73:cc:11:b5:39:0f:d1:3b:13:26:
0c:73:c8:13:bf:12:da:4b:9a:c4:0b:67:6c:2b:fe:84:99:bc:
a1:c9:28:46:56:ef:c7:a1:e3:62:17:44:a0:51:a7:69:a5:f5:
66:87:8e:e4:7a:b7:cc:9f:17:51:22:01:8d:7b:17:22:54:df:
57:4d:5a:80:f8:29:27:19:4c:4a:a9:f3:54:9f:aa:a3:e6:20:
0d:52:da:92:39:44:fd:da:40:9f:cb:72:07:a3:a4:0c:83:35:
02:ef:bc:f7:f1:f8:ef:98:a4:3a:31:d8:9c:ad:3f:a9:79:7e:
b7:2f:9b:74:d0:37:84:c0:62:14:48:76:5b:cb:de:e4:1c:af:
d7:c3:c8:f8:56:91:1f:cd:62:7b:82:cb:6f:98:f7:2b:ca:5a:
f2:83:cf:66:10:da:85:f7:3b:12:38:a8:22:28:95:8f:17:78:
59:34:8e:be:c6:e7:b8:c4:81:dc:f1:7d:57:e8:57:c8:55:19:
df:fe:1a:42:c6:6c:15:e5:c8:76:ab:15:dd:45:35:3d:0d:ba:
69:56:a4:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYxXa2lbT8p9rQD6m5YvpxDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjA4MTQxMTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmRjYzAyM2Q0NjgxNGE3ZWI3OTE2YjI0ZDAyMDQzNWIwYzVlZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBDd7mR/QiV4kbe4UgK4QT7/fDDN
biTNjLI5HoApDcD8Uu/pw/WXA1+YZhtJeO1OBSAAhzjVLVYD2C8jUWnHB0rfhZs1
J4fhQjmUCGhpvqjH6IRjva+uAgpIuGkGZxLqIFxtsS+TLRbEVdUULVRZZneqWaDf
7mqFFnjC0is2YyacaZJN0p6XcsTTTmN8sQ7M0laNwAhBTSKEv0RbQ7nBgi5kKhbz
Ve19qo7LKwiTgzQFt6hoF5okFCAi+XrsP7Diil99fyjD5eY4SIfaIVLKIwISCfOz
asM+8YwFMmltEkls4d0IaIOPhTisYo76KeR8lMdMrgdRNNEzfDXXatqMgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIbcwCPUaBSn63kWsk0CBDWwxe7dMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaHR6QUk5Um9GS2ZyZVJheVRRSUVOYkRGN3QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADqtmmMRJQD7AdYky+z0
c4w9Wo5DhmxaoCjT0YW4FHn5Vdcy2ytk+7QyL/DIc8wRtTkP0TsTJgxzyBO/EtpL
msQLZ2wr/oSZvKHJKEZW78eh42IXRKBRp2ml9WaHjuR6t8yfF1EiAY17FyJU31dN
WoD4KScZTEqp81SfqqPmIA1S2pI5RP3aQJ/LcgejpAyDNQLvvPfx+O+YpDox2Jyt
P6l5frcvm3TQN4TAYhRIdlvL3uQcr9fDyPhWkR/NYnuCy2+Y9yvKWvKDz2YQ2oX3
OxI4qCIolY8XeFk0jr7G57jEgdzxfVfoV8hVGd/+GkLGbBXlyHarFd1FNT0NumlW
pHI=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:27:42 2025 by rpki-client