Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7HGnsWNzys3L20ctW_4yCNDei9E.roa
File: 7HGnsWNzys3L20ctW_4yCNDei9E.roa (raw, json)
Hash identifier: kdXFBu+rp3aSNyBbF6F/IxXwrSRCaWDb29NIfue6pko=
Subject key identifier: EC:71:A7:B1:63:73:CA:CD:CB:DB:47:2D:5B:FE:32:08:D0:DE:8B:D1
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A2666AE1EAAD518289B83166F567AC15E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7HGnsWNzys3L20ctW_4yCNDei9E.roa
Signing time: Thu 24 Aug 2023 07:16:18 +0000
ROA not before: Thu 24 Aug 2023 07:16:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:26:66:ae:1e:aa:d5:18:28:9b:83:16:6f:56:7a:c1:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 24 07:16:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec71a7b16373cacdcbdb472d5bfe3208d0de8bd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:48:83:fc:f9:86:f3:1d:16:c3:c8:ef:c6:f2:
75:97:4d:b7:b7:38:a8:eb:a1:27:d5:e1:35:2b:ae:
20:ad:cb:83:e1:cd:00:56:61:14:a9:70:24:f5:3c:
e3:25:85:36:ad:0f:1c:59:da:63:6a:52:8b:81:7b:
5d:05:a5:3e:ee:13:73:81:a1:b5:a1:f3:b2:80:8f:
49:b8:c2:ec:f5:ea:86:b4:cb:a0:c0:d7:9a:e0:1c:
3e:be:ed:1e:3b:0e:f4:c1:78:ed:fc:72:69:85:59:
3d:09:42:7e:38:17:43:c6:ce:78:e7:01:e5:4f:a7:
ea:79:99:6d:6a:fb:44:70:00:2a:28:6c:0e:22:e9:
95:bb:a9:db:d8:c8:4d:75:80:6f:ab:4a:32:3a:9d:
43:0d:e8:90:98:a0:16:50:7b:98:d0:e6:64:0f:4d:
f5:0e:51:3d:af:58:d5:bf:8b:e6:1d:af:c8:01:9e:
de:73:ab:bb:cb:01:3e:f2:96:63:59:6b:24:76:f1:
9d:21:26:8b:fc:26:bb:f6:99:fa:de:1e:80:2b:0c:
d0:e7:e4:a9:5d:d3:b5:4f:32:9f:89:47:3a:7e:2a:
ec:d4:b7:c0:31:b9:e6:f0:30:80:f1:03:27:b4:f2:
de:10:35:00:f1:a2:98:88:b9:1c:b1:47:53:ba:6f:
1b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:71:A7:B1:63:73:CA:CD:CB:DB:47:2D:5B:FE:32:08:D0:DE:8B:D1
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/7HGnsWNzys3L20ctW_4yCNDei9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
50:ba:c8:c0:c1:cf:08:16:cd:1a:b8:54:48:2d:68:13:8e:ac:
48:f4:46:98:4f:03:e1:7c:02:e6:df:be:4e:a1:b4:2f:55:9b:
3a:2d:c5:4c:d4:c1:9d:34:44:18:c7:da:f4:9b:4c:94:67:48:
20:1b:19:55:be:ee:e8:c9:c2:c0:57:ca:3d:c2:5a:6e:55:5b:
99:84:85:a2:7d:a9:d6:96:74:ff:5f:20:a4:03:9e:a2:02:80:
69:51:d7:59:f8:97:75:f1:85:16:f6:aa:16:b4:7c:5e:68:fa:
d7:55:72:65:a6:5e:95:05:82:24:89:81:bd:aa:6e:6a:44:d1:
dc:c1:43:b3:c4:02:fc:63:1c:a4:c9:d0:9f:98:55:4a:f2:80:
6e:0d:e9:68:20:d5:94:b4:96:4a:6d:04:d7:fd:36:26:c8:d1:
44:f0:e0:73:c5:60:2c:d1:86:a0:0c:cd:4f:e8:55:13:8e:5f:
6d:39:a1:1f:80:4c:60:d8:fa:46:6a:21:b8:ef:74:b9:f2:8d:
f9:dc:1f:c7:2c:28:79:0b:c4:24:9d:c8:7d:14:86:08:8d:58:
d6:c4:37:36:52:d3:84:cc:95:52:d0:89:e3:3c:10:dc:6b:87:
08:ca:92:05:d2:e4:cb:4f:b0:97:e4:9b:cc:2f:97:d1:e6:e6:
ea:11:74:85
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYomZq4eqtUYKJuDFm9WesFeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI0MDcxNjE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzcxYTdiMTYzNzNjYWNkY2JkYjQ3MmQ1YmZlMzIwOGQwZGU4YmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUiD/PmG8x0Ww8jvxvJ1l023tzio
66En1eE1K64grcuD4c0AVmEUqXAk9TzjJYU2rQ8cWdpjalKLgXtdBaU+7hNzgaG1
ofOygI9JuMLs9eqGtMugwNea4Bw+vu0eOw70wXjt/HJphVk9CUJ+OBdDxs545wHl
T6fqeZltavtEcAAqKGwOIumVu6nb2MhNdYBvq0oyOp1DDeiQmKAWUHuY0OZkD031
DlE9r1jVv4vmHa/IAZ7ec6u7ywE+8pZjWWskdvGdISaL/Ca79pn63h6AKwzQ5+Sp
XdO1TzKfiUc6firs1LfAMbnm8DCA8QMntPLeEDUA8aKYiLkcsUdTum8b3wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOxxp7Fjc8rNy9tHLVv+MgjQ3ovRMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvN0hHbnNXTnp5czNMMjBjdFdfNHlDTkRlaTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFC6yMDBzwgWzRq4VEgt
aBOOrEj0RphPA+F8Aubfvk6htC9VmzotxUzUwZ00RBjH2vSbTJRnSCAbGVW+7ujJ
wsBXyj3CWm5VW5mEhaJ9qdaWdP9fIKQDnqICgGlR11n4l3XxhRb2qha0fF5o+tdV
cmWmXpUFgiSJgb2qbmpE0dzBQ7PEAvxjHKTJ0J+YVUrygG4N6Wgg1ZS0lkptBNf9
NibI0UTw4HPFYCzRhqAMzU/oVROOX205oR+ATGDY+kZqIbjvdLnyjfncH8csKHkL
xCSdyH0UhgiNWNbENzZS04TMlVLQieM8ENxrhwjKkgXS5MtPsJfkm8wvl9Hm5uoR
dIU=
-----END CERTIFICATE-----
Generated at Mon Jun 9 16:10:57 2025 by rpki-client