Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hyhhEldUKXLHcry8ia2OMO05k24.roa
File: hyhhEldUKXLHcry8ia2OMO05k24.roa (raw, json)
Hash identifier: oIscB+MpJpPQMzpEHU2kLRtLV2u4aeMt226L+HajkXA=
Subject key identifier: 87:28:61:12:57:54:29:72:C7:72:BC:BC:89:AD:8E:30:ED:39:93:6E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0188C71DE0A0A8516A35B157440ADCB4DCD2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hyhhEldUKXLHcry8ia2OMO05k24.roa
Signing time: Sat 17 Jun 2023 02:10:03 +0000
ROA not before: Sat 17 Jun 2023 02:10:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c7:1d:e0:a0:a8:51:6a:35:b1:57:44:0a:dc:b4:dc:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 17 02:10:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8728611257542972c772bcbc89ad8e30ed39936e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6d:8e:b0:ca:df:83:e4:96:10:8e:b2:14:22:
7c:30:08:b3:03:59:72:c0:5a:00:60:bd:de:fd:dc:
44:df:ce:67:80:fe:90:9a:58:24:b6:9a:2e:ea:8d:
be:a2:8e:14:2f:4b:0f:76:00:e3:36:b2:38:8c:78:
22:ef:19:a9:cf:10:62:98:65:5c:35:4f:38:72:9f:
85:9d:46:88:f1:6f:88:35:2d:ba:49:e9:0a:66:15:
97:55:d8:15:ee:7f:80:74:9c:c6:28:84:09:c9:c2:
81:d0:49:72:1e:34:9d:9a:b6:05:87:8e:56:08:f8:
8c:fe:aa:64:b8:89:b2:12:90:f3:88:f8:8f:5e:7c:
b0:cb:7f:dc:92:41:93:d4:62:e9:78:f3:a5:44:25:
40:c7:d5:41:e6:19:b8:b0:f0:ce:96:d0:ca:7d:4c:
84:8f:df:b4:f1:44:1a:54:50:87:69:d6:e0:67:e5:
2f:3f:22:8d:22:e2:a5:6b:bc:93:ae:a9:35:81:96:
6b:5c:85:30:72:a8:5a:5e:c2:aa:d3:99:f3:31:d8:
e3:77:a3:81:2f:05:e1:2a:77:31:9d:58:69:3f:06:
35:a5:74:ab:d4:1c:f9:fb:e7:48:d6:05:b8:32:63:
5d:e4:2b:cc:29:6a:1a:85:ee:83:1f:a5:d1:35:34:
0e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:28:61:12:57:54:29:72:C7:72:BC:BC:89:AD:8E:30:ED:39:93:6E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hyhhEldUKXLHcry8ia2OMO05k24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:79:eb:57:80:bc:7d:08:eb:80:cd:5f:88:06:43:b3:a4:c9:
41:b1:70:84:55:da:ed:aa:f5:09:f0:7c:a3:c4:98:2b:cf:f7:
46:64:51:09:cb:42:14:d2:ee:b2:a2:9a:8b:da:c6:13:cf:bc:
6e:73:ac:12:dc:4d:ff:62:93:64:15:36:73:86:99:1d:dc:4d:
2d:97:39:92:97:e1:21:89:d8:44:24:7d:ba:0e:b4:3c:49:7a:
c2:9b:ce:9c:c8:ab:06:84:c9:29:86:fd:b2:ce:61:d5:e6:43:
55:74:d6:84:20:1a:77:d5:76:61:1e:75:5b:13:b0:f9:fc:8d:
77:f9:fd:1f:21:3d:db:1c:32:85:42:09:27:86:36:b5:ce:54:
21:ac:7c:89:f8:54:37:b1:3e:c9:40:17:a1:97:2f:7e:e8:62:
bc:73:d1:f1:4e:cf:32:d6:74:f3:4d:84:aa:af:88:70:7d:aa:
7f:86:f4:c2:16:48:87:f3:9e:f7:f3:4a:c9:8e:4a:59:8c:18:
51:09:61:8a:0c:b8:2c:d4:34:7c:18:c2:f1:e7:ac:4c:b9:34:
4b:ed:24:a6:e4:1c:a8:dc:58:0a:e8:c2:a1:c9:03:f8:50:86:
e9:9d:6b:32:4e:bd:8c:9d:07:58:6d:0b:6d:79:8f:91:b2:13:
c0:25:94:20
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYjHHeCgqFFqNbFXRArctNzSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjE3MDIxMDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzI4NjExMjU3NTQyOTcyYzc3MmJjYmM4OWFkOGUzMGVkMzk5MzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoG2OsMrfg+SWEI6yFCJ8MAizA1ly
wFoAYL3e/dxE385ngP6Qmlgktpou6o2+oo4UL0sPdgDjNrI4jHgi7xmpzxBimGVc
NU84cp+FnUaI8W+INS26SekKZhWXVdgV7n+AdJzGKIQJycKB0ElyHjSdmrYFh45W
CPiM/qpkuImyEpDziPiPXnywy3/ckkGT1GLpePOlRCVAx9VB5hm4sPDOltDKfUyE
j9+08UQaVFCHadbgZ+UvPyKNIuKla7yTrqk1gZZrXIUwcqhaXsKq05nzMdjjd6OB
LwXhKncxnVhpPwY1pXSr1Bz5++dI1gW4MmNd5CvMKWoahe6DH6XRNTQOdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIcoYRJXVClyx3K8vImtjjDtOZNuMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaHloaEVsZFVLWExIY3J5OGlhMk9NTzA1azI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGV561eAvH0I64DNX4gG
Q7OkyUGxcIRV2u2q9QnwfKPEmCvP90ZkUQnLQhTS7rKimovaxhPPvG5zrBLcTf9i
k2QVNnOGmR3cTS2XOZKX4SGJ2EQkfboOtDxJesKbzpzIqwaEySmG/bLOYdXmQ1V0
1oQgGnfVdmEedVsTsPn8jXf5/R8hPdscMoVCCSeGNrXOVCGsfIn4VDexPslAF6GX
L37oYrxz0fFOzzLWdPNNhKqviHB9qn+G9MIWSIfznvfzSsmOSlmMGFEJYYoMuCzU
NHwYwvHnrEy5NEvtJKbkHKjcWArowqHJA/hQhumdazJOvYydB1htC215j5GyE8Al
lCA=
-----END CERTIFICATE-----
Generated at Sat May 3 03:15:16 2025 by rpki-client