Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jHZr5yKhSiIiCYo4VPB7XXG5CY4.roa
File: jHZr5yKhSiIiCYo4VPB7XXG5CY4.roa (raw, json)
Hash identifier: q7MxarLW8tddO6hJ6p/PW0JXxIOrc+vqAGa139LwaiQ=
Subject key identifier: 8C:76:6B:E7:22:A1:4A:22:22:09:8A:38:54:F0:7B:5D:71:B9:09:8E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184D552DDA6C35EFE2F0EE8E1636AF29CE4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jHZr5yKhSiIiCYo4VPB7XXG5CY4.roa
Signing time: Sat 03 Dec 2022 00:11:28 +0000
ROA not before: Sat 03 Dec 2022 00:11:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d5:52:dd:a6:c3:5e:fe:2f:0e:e8:e1:63:6a:f2:9c:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 3 00:11:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8c766be722a14a2222098a3854f07b5d71b9098e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:82:7c:20:4a:d3:f8:80:af:dd:d6:99:6a:b5:
74:85:6a:b9:c7:d0:53:99:e0:f5:0b:30:61:22:53:
0c:ca:68:6b:0e:25:f3:4f:fc:b2:50:87:63:b1:59:
20:c2:31:f3:cc:6c:14:72:f9:f3:76:8e:bb:35:6f:
02:c2:00:62:c0:84:68:e2:a3:29:39:91:c9:e4:32:
0b:9b:36:fe:2f:83:3f:42:8c:9a:6c:0c:d7:20:84:
bc:b4:3b:af:89:db:33:a8:cc:ff:e5:17:c3:7d:c9:
7b:43:1e:ef:d6:d1:bf:f8:e2:5a:ed:fb:b1:db:3a:
65:52:85:d0:3d:d6:e6:d6:55:28:28:3c:24:68:eb:
b7:d0:78:64:59:15:41:2d:c9:f8:44:91:a5:52:76:
ac:02:21:19:68:cd:8f:27:d6:f3:3f:0c:fa:0f:d8:
65:12:99:41:3b:bb:4d:b1:94:f3:db:3c:7f:e0:ab:
9f:36:88:7c:74:91:40:93:f6:23:03:03:c7:b8:43:
66:a2:5e:a2:73:b7:50:c7:4f:c3:31:91:e2:c4:b5:
16:e4:a1:e6:66:8d:0f:6e:74:9a:90:23:11:b3:b4:
c1:c5:68:41:ac:89:ce:11:36:33:15:d7:aa:28:ef:
bc:99:e8:7b:33:1b:86:07:43:3f:1e:9e:57:ff:b5:
60:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:76:6B:E7:22:A1:4A:22:22:09:8A:38:54:F0:7B:5D:71:B9:09:8E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/jHZr5yKhSiIiCYo4VPB7XXG5CY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
59:97:95:40:4e:ce:1f:94:17:70:99:cd:76:08:f3:d9:48:f7:
bf:cc:47:c4:7b:b5:03:62:13:03:e9:9a:bb:97:a2:5c:e2:ca:
26:28:66:bb:c5:71:e9:52:95:95:39:d0:e0:4b:d6:91:2c:ee:
ef:5e:3c:1a:1f:b0:ed:13:71:4e:44:3a:05:cb:19:fb:7f:4a:
f2:51:ff:db:3b:71:19:a9:76:1a:82:9d:d0:99:e1:aa:40:49:
ed:44:82:82:76:29:c3:81:3e:3d:33:fa:c9:4d:af:9f:a0:df:
ac:2e:77:73:2c:d5:0f:f9:56:9a:be:06:e7:ba:46:45:89:b6:
09:a9:84:77:32:58:29:83:a8:9e:27:7b:b6:15:1f:fa:bf:51:
19:79:78:4b:b3:d1:40:61:57:e6:0b:90:0e:b0:0a:dc:d8:73:
69:cf:a3:be:d8:b7:e6:ca:87:3f:e2:cd:17:1c:e7:c6:cb:1b:
06:96:00:7f:a6:cf:01:5e:79:d2:fc:b4:7b:97:67:d8:4e:31:
4e:ca:b5:f6:ec:5e:db:56:12:8b:da:e3:75:0e:0d:04:5c:3b:
41:42:86:ef:2d:1f:e6:a4:50:51:4b:d9:79:f3:41:db:7d:fb:
5a:24:eb:e9:91:e8:17:06:91:c7:17:42:2c:77:9e:7f:fc:b4:
74:f4:47:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTVUt2mw17+Lw7o4WNq8pzkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjAzMDAxMTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yzc2NmJlNzIyYTE0YTIyMjIwOThhMzg1NGYwN2I1ZDcxYjkwOThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64J8IErT+ICv3daZarV0hWq5x9BT
meD1CzBhIlMMymhrDiXzT/yyUIdjsVkgwjHzzGwUcvnzdo67NW8CwgBiwIRo4qMp
OZHJ5DILmzb+L4M/QoyabAzXIIS8tDuvidszqMz/5RfDfcl7Qx7v1tG/+OJa7fux
2zplUoXQPdbm1lUoKDwkaOu30HhkWRVBLcn4RJGlUnasAiEZaM2PJ9bzPwz6D9hl
EplBO7tNsZTz2zx/4KufNoh8dJFAk/YjAwPHuENmol6ic7dQx0/DMZHixLUW5KHm
Zo0PbnSakCMRs7TBxWhBrInOETYzFdeqKO+8meh7MxuGB0M/Hp5X/7VgFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIx2a+cioUoiIgmKOFTwe11xuQmOMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvakhacjV5S2hTaUlpQ1lvNFZQQjdYWEc1Q1k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFmXlUBOzh+UF3CZzXYI
89lI97/MR8R7tQNiEwPpmruXolziyiYoZrvFcelSlZU50OBL1pEs7u9ePBofsO0T
cU5EOgXLGft/SvJR/9s7cRmpdhqCndCZ4apASe1EgoJ2KcOBPj0z+slNr5+g36wu
d3Ms1Q/5Vpq+Bue6RkWJtgmphHcyWCmDqJ4ne7YVH/q/URl5eEuz0UBhV+YLkA6w
CtzYc2nPo77Yt+bKhz/izRcc58bLGwaWAH+mzwFeedL8tHuXZ9hOMU7KtfbsXttW
Eova43UODQRcO0FChu8tH+akUFFL2XnzQdt9+1ok6+mR6BcGkccXQix3nn/8tHT0
R+Y=
-----END CERTIFICATE-----
Generated at Thu May 1 22:59:17 2025 by rpki-client