Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hwSTNMY1PxK1WpBkbSDTrAnAWDc.roa
File: hwSTNMY1PxK1WpBkbSDTrAnAWDc.roa (raw, json)
Hash identifier: iEXg7KScadDimUmUgkT0FVEjUZrfjyX3/rLf2hRHIzo=
Subject key identifier: 87:04:93:34:C6:35:3F:12:B5:5A:90:64:6D:20:D3:AC:09:C0:58:37
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184D470FBBC181525B9BA37E9B2260AD22D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hwSTNMY1PxK1WpBkbSDTrAnAWDc.roa
Signing time: Fri 02 Dec 2022 20:04:44 +0000
ROA not before: Fri 02 Dec 2022 20:04:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:184:d470:affd/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d4:70:fb:bc:18:15:25:b9:ba:37:e9:b2:26:0a:d2:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 2 20:04:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87049334c6353f12b55a90646d20d3ac09c05837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3f:99:5e:a8:97:37:02:d7:97:12:cb:30:55:
f1:fb:a4:01:39:df:a8:df:96:8e:32:cf:d4:cd:37:
c0:9a:2d:e8:91:23:a7:61:78:4d:bc:f1:24:88:3a:
7b:68:3f:4c:03:74:26:92:39:49:fe:f8:0c:5f:42:
0b:59:a9:2d:73:b3:f7:38:56:24:68:13:b7:e6:0c:
36:7d:b3:76:d7:c2:3c:2e:67:03:a6:5f:36:21:f4:
7a:8b:8a:1a:cc:7e:15:af:0f:ec:cb:2c:af:26:5e:
33:18:b1:69:01:52:61:ce:04:bb:97:25:b1:91:3f:
e5:12:25:33:59:3e:20:b6:da:d7:51:5c:74:37:6e:
7b:92:1f:26:ac:ce:fd:30:00:57:48:f5:b0:18:32:
8c:06:3b:ac:db:0e:dc:da:b5:3c:67:34:00:57:2c:
17:36:2e:64:16:97:1c:b3:e8:3b:b1:b1:db:70:d6:
b8:19:12:01:75:88:21:82:60:9a:cc:75:f0:32:05:
2d:3d:e6:93:06:8a:8e:ca:ec:33:90:a6:c7:a3:de:
4d:95:03:d3:62:d7:6b:3a:98:da:f6:fc:5f:e4:9d:
d7:6d:06:ff:52:ee:8e:1d:b9:8c:5d:6f:a6:91:db:
be:3d:6b:64:41:8d:2f:12:29:ef:20:c8:64:6d:9a:
dd:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:04:93:34:C6:35:3F:12:B5:5A:90:64:6D:20:D3:AC:09:C0:58:37
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hwSTNMY1PxK1WpBkbSDTrAnAWDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:72:ce:81:30:4d:aa:e6:3a:86:8e:52:ea:e3:bd:e0:e7:4c:
59:f0:c7:4e:12:74:e8:ae:ca:67:5f:44:37:33:54:f3:8f:f3:
dc:88:1c:89:79:9a:18:c3:a1:50:3e:6c:10:35:92:b3:f5:a3:
32:b4:6f:4e:82:88:ce:a4:f7:07:d0:d5:2b:9e:1c:e3:e6:8e:
03:12:23:79:d1:50:ce:ff:9c:d4:b8:f5:01:17:24:05:39:6b:
cb:fc:e6:41:67:c8:af:c9:85:d8:62:e3:6e:65:55:99:6f:a5:
75:a5:00:77:9d:1f:c5:a0:4b:a4:d8:d8:a3:3d:35:8e:9e:44:
86:11:5a:8a:72:d6:47:dc:e0:ba:71:cd:79:86:f6:b7:ca:bb:
33:c1:52:dc:27:c6:90:55:9f:2e:8d:c3:71:84:4e:63:9b:9a:
55:b5:1d:58:9e:ed:60:29:bf:df:c5:31:fe:df:25:75:01:8d:
39:73:7f:c5:28:6d:77:8d:12:33:1e:90:98:4c:89:80:83:71:
46:23:78:c0:8a:e7:d8:82:36:22:d7:53:e2:27:f8:a7:4a:ad:
e0:be:12:f1:64:20:db:ee:45:a1:22:72:fb:ba:db:12:4d:35:
31:43:d4:ed:ba:10:49:db:10:a9:31:22:f9:45:39:c7:d5:b3:
58:34:f6:9f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTUcPu8GBUlubo36bImCtItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjAyMjAwNDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzA0OTMzNGM2MzUzZjEyYjU1YTkwNjQ2ZDIwZDNhYzA5YzA1ODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtD+ZXqiXNwLXlxLLMFXx+6QBOd+o
35aOMs/UzTfAmi3okSOnYXhNvPEkiDp7aD9MA3QmkjlJ/vgMX0ILWaktc7P3OFYk
aBO35gw2fbN218I8LmcDpl82IfR6i4oazH4Vrw/syyyvJl4zGLFpAVJhzgS7lyWx
kT/lEiUzWT4gttrXUVx0N257kh8mrM79MABXSPWwGDKMBjus2w7c2rU8ZzQAVywX
Ni5kFpccs+g7sbHbcNa4GRIBdYghgmCazHXwMgUtPeaTBoqOyuwzkKbHo95NlQPT
YtdrOpja9vxf5J3XbQb/Uu6OHbmMXW+mkdu+PWtkQY0vEinvIMhkbZrd2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIcEkzTGNT8StVqQZG0g06wJwFg3MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaHdTVE5NWTFQeEsxV3BCa2JTRFRyQW5BV0RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAdyzoEwTarmOoaOUurj
veDnTFnwx04SdOiuymdfRDczVPOP89yIHIl5mhjDoVA+bBA1krP1ozK0b06CiM6k
9wfQ1SueHOPmjgMSI3nRUM7/nNS49QEXJAU5a8v85kFnyK/Jhdhi425lVZlvpXWl
AHedH8WgS6TY2KM9NY6eRIYRWopy1kfc4LpxzXmG9rfKuzPBUtwnxpBVny6Nw3GE
TmObmlW1HVie7WApv9/FMf7fJXUBjTlzf8UobXeNEjMekJhMiYCDcUYjeMCK59iC
NiLXU+In+KdKreC+EvFkINvuRaEicvu62xJNNTFD1O26EEnbEKkxIvlFOcfVs1g0
9p8=
-----END CERTIFICATE-----
Generated at Thu May 1 05:26:47 2025 by rpki-client