Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hzl5KYNVyNvmpPk_PutvFYWLHvg.roa
File: hzl5KYNVyNvmpPk_PutvFYWLHvg.roa (raw, json)
Hash identifier: Xifbj7GopbqnoloC8zWX70t4krAoAyCMVMglj0Mg/XQ=
Subject key identifier: 87:39:79:29:83:55:C8:DB:E6:A4:F9:3F:3E:EB:6F:15:85:8B:1E:F8
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01865981A1D8A290799FC22CB2F21171CC4D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hzl5KYNVyNvmpPk_PutvFYWLHvg.roa
Signing time: Thu 16 Feb 2023 09:15:13 +0000
ROA not before: Thu 16 Feb 2023 09:15:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:59:81:a1:d8:a2:90:79:9f:c2:2c:b2:f2:11:71:cc:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 16 09:15:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=873979298355c8dbe6a4f93f3eeb6f15858b1ef8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a5:4b:3c:fa:10:4b:36:6f:9c:3f:7e:31:69:
65:ee:ff:46:5f:7b:af:ae:8d:72:04:a0:fa:e2:cb:
ef:b3:4c:65:09:1a:fc:74:01:4b:b6:98:55:62:2f:
d2:ad:d4:26:44:8c:b3:10:7c:d5:54:aa:bd:97:a9:
dc:bd:26:12:4d:a4:66:d1:50:4e:5c:f0:8d:9e:21:
80:74:f1:ac:6d:01:f9:4e:3e:ea:06:1e:df:13:21:
09:52:08:1d:4f:35:b0:99:0f:c7:fa:1a:1c:d8:fe:
07:c1:f4:e1:f5:77:db:58:29:a6:1b:1d:e8:ae:50:
4b:7e:e5:0c:27:c4:be:2a:32:59:f4:da:da:f2:26:
b6:97:f6:d3:57:37:11:9d:d1:27:ab:13:d3:4c:a9:
ca:44:78:d4:3d:7b:e9:68:1f:90:51:b5:54:c8:eb:
20:3b:91:02:d6:53:e6:56:80:1f:7c:24:4d:2b:fa:
d6:bf:f7:e8:04:8b:4a:d8:1f:9e:08:ea:ba:16:92:
6c:8a:8e:aa:99:78:98:e3:ab:81:fa:76:e5:f1:30:
26:cc:49:3a:0d:e4:a3:9a:57:39:16:00:06:a5:c0:
a6:6f:3a:a4:e0:1c:1d:be:f3:a0:f7:22:ab:c7:dc:
7a:cd:4d:f1:2b:8f:e4:2a:40:8e:49:f6:78:9b:7c:
45:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:39:79:29:83:55:C8:DB:E6:A4:F9:3F:3E:EB:6F:15:85:8B:1E:F8
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hzl5KYNVyNvmpPk_PutvFYWLHvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
62:6f:9a:1b:f1:9b:09:73:fe:9c:e1:f7:f3:26:09:2c:83:a3:
ba:c6:7a:81:87:89:78:32:7a:13:e1:3b:86:e1:c9:85:8c:4c:
54:3b:85:50:0f:74:2d:3c:39:f2:f7:b1:24:be:ca:b3:f3:ca:
10:8f:74:0f:95:e9:68:15:70:26:d2:7b:af:c9:2c:42:13:cb:
e6:57:47:81:81:84:22:4f:28:1f:b0:5d:0a:b8:69:59:71:5e:
dc:53:12:6c:80:44:bd:2e:28:5b:16:e2:2a:06:5f:39:c4:9e:
89:3b:f9:02:89:40:30:95:06:0d:32:a8:91:ad:67:d5:82:14:
50:78:76:55:a7:07:c5:ca:0d:6a:01:cd:d6:9e:b7:6c:09:e1:
d4:33:ef:8f:a8:d4:a5:53:a9:37:65:fc:90:95:45:9c:2e:15:
ea:ec:0f:9f:e2:c1:72:b7:61:4e:17:66:88:4c:6c:09:71:c1:
b5:18:b9:a3:17:60:4e:79:85:4c:0d:aa:4d:47:5d:84:74:21:
ad:fa:6e:62:25:fb:ed:0e:ac:63:2e:08:ca:0f:77:08:f7:0a:
b2:8c:b0:37:c4:0b:1b:34:1c:bb:e4:e4:b5:21:f9:49:4c:89:
a0:22:0a:c8:52:bd:44:17:ae:f0:d4:f2:4f:d1:6c:8b:cf:08:
60:6d:fd:da
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZZgaHYopB5n8IssvIRccxNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE2MDkxNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzM5NzkyOTgzNTVjOGRiZTZhNGY5M2YzZWViNmYxNTg1OGIxZWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaVLPPoQSzZvnD9+MWll7v9GX3uv
ro1yBKD64svvs0xlCRr8dAFLtphVYi/SrdQmRIyzEHzVVKq9l6ncvSYSTaRm0VBO
XPCNniGAdPGsbQH5Tj7qBh7fEyEJUggdTzWwmQ/H+hoc2P4HwfTh9XfbWCmmGx3o
rlBLfuUMJ8S+KjJZ9Nra8ia2l/bTVzcRndEnqxPTTKnKRHjUPXvpaB+QUbVUyOsg
O5EC1lPmVoAffCRNK/rWv/foBItK2B+eCOq6FpJsio6qmXiY46uB+nbl8TAmzEk6
DeSjmlc5FgAGpcCmbzqk4BwdvvOg9yKrx9x6zU3xK4/kKkCOSfZ4m3xFSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIc5eSmDVcjb5qT5Pz7rbxWFix74MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaHpsNUtZTlZ5TnZtcFBrX1B1dHZGWVdMSHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGJvmhvxmwlz/pzh9/Mm
CSyDo7rGeoGHiXgyehPhO4bhyYWMTFQ7hVAPdC08OfL3sSS+yrPzyhCPdA+V6WgV
cCbSe6/JLEITy+ZXR4GBhCJPKB+wXQq4aVlxXtxTEmyARL0uKFsW4ioGXznEnok7
+QKJQDCVBg0yqJGtZ9WCFFB4dlWnB8XKDWoBzdaet2wJ4dQz74+o1KVTqTdl/JCV
RZwuFersD5/iwXK3YU4XZohMbAlxwbUYuaMXYE55hUwNqk1HXYR0Ia36bmIl++0O
rGMuCMoPdwj3CrKMsDfECxs0HLvk5LUh+UlMiaAiCshSvUQXrvDU8k/RbIvPCGBt
/do=
-----END CERTIFICATE-----
Generated at Fri May 2 20:31:09 2025 by rpki-client