Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/imHunCtjAxduYy8V5Nm2gOCCTZs.roa
File: imHunCtjAxduYy8V5Nm2gOCCTZs.roa (raw, json)
Hash identifier: tjoZLdT8Ux+3o6twm61JQYSYRpFsILsAel5Pr2aiLdU=
Subject key identifier: 8A:61:EE:9C:2B:63:03:17:6E:63:2F:15:E4:D9:B6:80:E0:82:4D:9B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185DF2F4EAF2BF25F79F79A4A22E753419F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/imHunCtjAxduYy8V5Nm2gOCCTZs.roa
Signing time: Mon 23 Jan 2023 15:11:37 +0000
ROA not before: Mon 23 Jan 2023 15:11:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:df:2f:4e:af:2b:f2:5f:79:f7:9a:4a:22:e7:53:41:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 23 15:11:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a61ee9c2b6303176e632f15e4d9b680e0824d9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:f5:30:88:7c:d9:c5:f6:58:a2:ac:f0:4b:1d:
9d:63:a9:c2:2c:e9:df:24:57:94:bb:af:b0:29:cb:
40:53:cf:0e:d7:f2:95:11:68:37:b2:de:30:36:85:
42:b8:97:51:cd:96:ad:b0:c1:fb:97:d5:17:7b:4d:
e1:ee:68:87:fe:4e:04:96:5a:94:f9:46:0b:37:66:
8a:19:43:f8:fc:e0:d6:b5:9f:af:60:6e:78:82:00:
f7:9a:83:8b:63:27:ca:d0:1a:d7:61:fe:28:44:a0:
9c:48:eb:39:f3:17:a4:37:89:9f:91:5c:5e:c4:9a:
c2:c2:1d:0b:35:fd:87:06:a4:a0:cd:2e:f1:09:26:
a0:d1:db:c0:4b:ca:e6:01:e9:99:f6:63:44:e2:8a:
74:b1:76:41:f9:2c:58:95:c8:60:75:18:ae:8b:53:
1f:9a:51:e1:06:4d:aa:58:43:8b:6d:2b:0f:28:e9:
2b:b2:2e:5e:4b:cb:17:72:37:37:57:29:89:f3:3d:
93:87:86:2b:73:4f:d4:4c:93:00:5a:19:e4:48:ca:
4f:e8:0f:4a:9b:c6:15:e6:ad:07:65:31:ba:b6:99:
cc:bd:34:aa:93:b5:74:37:2b:45:25:09:0a:50:92:
97:a4:b1:59:6e:14:59:52:6b:15:95:84:93:c5:b6:
15:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:61:EE:9C:2B:63:03:17:6E:63:2F:15:E4:D9:B6:80:E0:82:4D:9B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/imHunCtjAxduYy8V5Nm2gOCCTZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:73:fd:7e:cd:78:53:f9:0b:17:7e:df:5e:d4:19:b7:cd:fc:
85:c3:83:80:b3:df:ac:c6:f5:6d:21:82:31:9f:5e:f4:7f:ac:
9d:70:66:2c:0a:4d:44:21:f9:83:f0:39:fa:a6:b7:7a:0a:bc:
90:74:e1:9a:1e:c4:ce:fe:51:96:26:73:b6:52:a4:d6:c7:26:
4a:9c:2e:30:a5:78:8f:34:b1:bb:b1:c3:c9:d0:9f:28:73:77:
71:c5:c6:ee:3a:55:c7:a7:dc:78:b9:57:4e:76:b3:e7:f8:67:
88:6d:4e:cc:4e:4c:fc:ea:76:d9:a1:e1:3b:03:5c:e1:2d:7f:
0a:ba:da:ce:53:b8:6f:98:e7:b7:22:f8:fd:7b:ad:5c:e5:52:
0d:50:04:98:31:2a:f4:95:e4:84:cf:90:96:29:b6:6c:c8:ca:
19:b6:b6:05:37:8d:13:2f:e2:43:32:c3:2b:9f:8b:08:15:23:
5d:df:e8:9f:4d:89:bc:2f:f9:21:3e:a4:1d:15:10:bf:1a:fd:
05:84:3b:9f:db:4a:16:68:d8:30:c4:24:09:9f:c5:f7:60:2d:
28:c4:fd:e9:93:49:6a:d6:61:ae:50:d8:fb:bb:2c:04:c8:22:
00:6f:17:a9:7b:ad:15:16:3c:06:c0:49:fc:c1:bb:fa:e5:1b:
4b:cf:ad:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXfL06vK/JfefeaSiLnU0GfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTIzMTUxMTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTYxZWU5YzJiNjMwMzE3NmU2MzJmMTVlNGQ5YjY4MGUwODI0ZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3/UwiHzZxfZYoqzwSx2dY6nCLOnf
JFeUu6+wKctAU88O1/KVEWg3st4wNoVCuJdRzZatsMH7l9UXe03h7miH/k4EllqU
+UYLN2aKGUP4/ODWtZ+vYG54ggD3moOLYyfK0BrXYf4oRKCcSOs58xekN4mfkVxe
xJrCwh0LNf2HBqSgzS7xCSag0dvAS8rmAemZ9mNE4op0sXZB+SxYlchgdRiui1Mf
mlHhBk2qWEOLbSsPKOkrsi5eS8sXcjc3VymJ8z2Th4Yrc0/UTJMAWhnkSMpP6A9K
m8YV5q0HZTG6tpnMvTSqk7V0NytFJQkKUJKXpLFZbhRZUmsVlYSTxbYVDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIph7pwrYwMXbmMvFeTZtoDggk2bMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaW1IdW5DdGpBeGR1WXk4VjVObTJnT0NDVFpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHNz/X7NeFP5Cxd+317U
GbfN/IXDg4Cz36zG9W0hgjGfXvR/rJ1wZiwKTUQh+YPwOfqmt3oKvJB04ZoexM7+
UZYmc7ZSpNbHJkqcLjCleI80sbuxw8nQnyhzd3HFxu46Vcen3Hi5V052s+f4Z4ht
TsxOTPzqdtmh4TsDXOEtfwq62s5TuG+Y57ci+P17rVzlUg1QBJgxKvSV5ITPkJYp
tmzIyhm2tgU3jRMv4kMywyufiwgVI13f6J9Nibwv+SE+pB0VEL8a/QWEO5/bShZo
2DDEJAmfxfdgLSjE/emTSWrWYa5Q2Pu7LATIIgBvF6l7rRUWPAbASfzBu/rlG0vP
rXg=
-----END CERTIFICATE-----
Generated at Thu May 1 01:48:21 2025 by rpki-client