Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nh6c2ss5xCh47Qw1-OmCFvhMnTE.roa
File: nh6c2ss5xCh47Qw1-OmCFvhMnTE.roa (raw, json)
Hash identifier: dS0ahlRnkqS88a2BLbHDrYjtzPAWEJgaeg5JFMTZL8c=
Subject key identifier: 9E:1E:9C:DA:CB:39:C4:28:78:ED:0C:35:F8:E9:82:16:F8:4C:9D:31
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189E89667B7A8E9C6A4F5FBEBC8E5EF2E65
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nh6c2ss5xCh47Qw1-OmCFvhMnTE.roa
Signing time: Sat 12 Aug 2023 07:11:58 +0000
ROA not before: Sat 12 Aug 2023 07:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e8:96:67:b7:a8:e9:c6:a4:f5:fb:eb:c8:e5:ef:2e:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 12 07:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e1e9cdacb39c42878ed0c35f8e98216f84c9d31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e4:c1:4f:65:1e:50:ba:48:84:eb:ed:b3:b1:
37:4d:f8:45:61:99:57:33:6a:64:6e:27:94:5a:8c:
ce:ca:f9:6d:ab:f7:aa:5a:61:fc:7e:f8:0d:96:8a:
9a:d7:62:21:f1:3d:d0:bb:7f:6f:c1:8f:65:66:06:
5f:bf:15:95:40:33:d1:22:4b:83:c3:c5:c7:65:b0:
28:6e:64:4d:c5:22:52:94:21:ff:de:a9:e5:a8:7e:
19:27:d7:a6:dd:d9:5f:37:0c:da:57:75:21:bc:e6:
9b:63:e2:a4:27:03:6d:57:3c:4a:ae:2d:67:23:8a:
6b:3b:77:16:e5:5d:18:b0:46:9c:1d:f1:87:58:99:
e8:5a:b7:ad:f2:30:15:bc:0c:b9:0a:fd:b6:dc:42:
f8:a6:74:6c:bd:c9:5a:d3:56:0d:67:a8:57:7d:08:
43:2b:78:cf:da:ed:44:bc:1d:4e:5a:b0:12:bc:5d:
58:f3:fc:4d:2c:f0:89:48:03:70:f8:68:00:f6:fa:
60:16:a9:35:63:16:42:3a:47:cf:75:ee:ca:d4:ec:
80:bf:66:ae:ef:6b:8f:31:94:f7:d2:16:0a:22:1e:
3e:ab:e0:be:7d:34:c9:6f:2d:c9:df:bd:59:df:69:
a8:20:8d:b1:08:0f:09:a3:9b:69:42:19:70:e8:09:
43:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:1E:9C:DA:CB:39:C4:28:78:ED:0C:35:F8:E9:82:16:F8:4C:9D:31
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/nh6c2ss5xCh47Qw1-OmCFvhMnTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6a:43:38:aa:82:73:0d:f5:ff:49:2a:93:4e:34:96:af:45:b5:
f0:43:29:c5:2f:58:8c:88:ae:12:7e:b3:ef:07:d0:8a:41:6d:
13:95:de:64:6f:dc:3a:f1:65:cf:db:bf:90:3e:2b:4e:0c:22:
6a:cd:03:26:0d:0a:e0:70:56:3b:5f:54:5d:88:30:ef:7c:a2:
ec:03:8d:72:d4:b3:bb:1f:0c:c2:cd:0b:d5:af:ce:d8:3c:e9:
9f:70:a6:3b:24:5d:a7:56:f0:ef:f1:f1:64:14:80:2c:88:41:
8c:56:1c:7e:67:f5:54:89:e6:7a:48:61:0c:3e:7e:5a:b1:6b:
b0:f1:50:7a:c8:2c:b9:1c:8e:a5:ed:01:dd:5e:e7:d5:4c:cb:
9a:18:27:90:4d:3f:45:d3:7a:ea:86:7a:ce:33:e8:34:09:8a:
db:93:ce:05:14:13:d4:07:f9:86:fa:d5:8a:ce:b1:7b:97:a5:
c5:fe:7a:d1:2f:b2:59:68:7f:04:47:5e:7e:04:7e:ae:6f:4a:
d9:f8:6c:4d:8f:2b:2c:09:64:7a:20:8b:a2:9e:ca:3b:c7:c4:
b4:9e:bb:67:ae:1f:ef:29:e4:ad:76:33:7b:03:ca:67:a3:b2:
3f:a6:4e:ed:1c:ae:f2:e6:7c:01:5c:4c:0a:3e:7b:c1:be:ff:
98:8b:7d:a2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnolme3qOnGpPX768jl7y5lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODEyMDcxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTFlOWNkYWNiMzljNDI4NzhlZDBjMzVmOGU5ODIxNmY4NGM5ZDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+TBT2UeULpIhOvts7E3TfhFYZlX
M2pkbieUWozOyvltq/eqWmH8fvgNloqa12Ih8T3Qu39vwY9lZgZfvxWVQDPRIkuD
w8XHZbAobmRNxSJSlCH/3qnlqH4ZJ9em3dlfNwzaV3UhvOabY+KkJwNtVzxKri1n
I4prO3cW5V0YsEacHfGHWJnoWret8jAVvAy5Cv223EL4pnRsvcla01YNZ6hXfQhD
K3jP2u1EvB1OWrASvF1Y8/xNLPCJSANw+GgA9vpgFqk1YxZCOkfPde7K1OyAv2au
72uPMZT30hYKIh4+q+C+fTTJby3J371Z32moII2xCA8Jo5tpQhlw6AlDcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ4enNrLOcQoeO0MNfjpghb4TJ0xMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbmg2YzJzczV4Q2g0N1F3MS1PbUNGdmhNblRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGpDOKqCcw31/0kqk040
lq9FtfBDKcUvWIyIrhJ+s+8H0IpBbROV3mRv3DrxZc/bv5A+K04MImrNAyYNCuBw
VjtfVF2IMO98ouwDjXLUs7sfDMLNC9Wvztg86Z9wpjskXadW8O/x8WQUgCyIQYxW
HH5n9VSJ5npIYQw+flqxa7DxUHrILLkcjqXtAd1e59VMy5oYJ5BNP0XTeuqGes4z
6DQJituTzgUUE9QH+Yb61YrOsXuXpcX+etEvsllofwRHXn4Efq5vStn4bE2PKywJ
ZHogi6KeyjvHxLSeu2euH+8p5K12M3sDymejsj+mTu0crvLmfAFcTAo+e8G+/5iL
faI=
-----END CERTIFICATE-----
Generated at Thu May 1 02:11:10 2025 by rpki-client