Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/FHoLg328SlbIrftBM3ZAodaueFc.roa
File: FHoLg328SlbIrftBM3ZAodaueFc.roa (raw, json)
Hash identifier: pqRyOw0jN1l2YxZcYPvAoelQh7Xbz7OgFriYJJi+15M=
Subject key identifier: 14:7A:0B:83:7D:BC:4A:56:C8:AD:FB:41:33:76:40:A1:D6:AE:78:57
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0182271FFA3CF8246E582660C6210F4CB138
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/FHoLg328SlbIrftBM3ZAodaueFc.roa
Signing time: Fri 22 Jul 2022 18:16:23 +0000
ROA not before: Fri 22 Jul 2022 18:16:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:27:1f:fa:3c:f8:24:6e:58:26:60:c6:21:0f:4c:b1:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 22 18:16:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=147a0b837dbc4a56c8adfb41337640a1d6ae7857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:eb:67:79:ab:ab:40:81:04:f5:9f:67:a8:7b:
58:4a:9c:91:1c:09:df:31:ce:7d:de:cb:35:3c:ff:
a9:0b:a6:b3:04:c7:38:23:67:97:f6:0a:b1:24:6e:
14:e8:43:7a:32:77:71:83:3e:9c:f9:7c:de:09:a8:
15:2e:8e:54:e9:df:4f:72:f4:ee:c6:11:2f:39:b9:
b6:f6:cc:df:13:bd:98:ff:f8:51:02:0c:75:1c:d7:
dd:52:82:26:9b:46:61:93:41:93:f7:60:28:ff:0d:
1b:d5:13:d9:ba:a1:c8:21:02:17:0e:02:12:50:4e:
af:8d:c5:71:04:8c:e0:15:39:48:34:b5:6c:1f:08:
f4:a3:1d:d0:43:eb:f6:f6:40:b5:43:6e:36:fe:c7:
c6:23:bd:f5:98:c4:78:9f:75:dc:18:57:a3:38:2f:
d5:d8:f6:b0:c5:c4:1a:35:b2:1e:19:a5:aa:ef:a7:
c9:86:07:79:9c:38:a6:16:a0:a9:15:f4:56:3e:df:
ff:c0:83:fb:10:a5:8a:38:d6:42:24:ba:36:20:54:
8b:77:a3:0d:09:05:b7:0a:a7:90:ff:60:e0:04:a4:
02:54:a5:8c:62:58:0b:3a:a7:6f:4f:4b:8f:2a:b6:
45:7c:4d:c5:e8:ec:f6:0d:0c:9d:7d:09:bd:e6:d0:
ae:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:7A:0B:83:7D:BC:4A:56:C8:AD:FB:41:33:76:40:A1:D6:AE:78:57
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/FHoLg328SlbIrftBM3ZAodaueFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
47:c3:5a:1e:a8:b9:18:c7:0d:30:69:2f:4e:b1:73:0b:d7:46:
32:a2:cd:4d:58:3a:1c:fe:6f:3d:a3:81:5f:c0:b2:44:09:b5:
81:de:0f:00:98:2b:f0:2c:3b:ae:3c:25:60:39:81:d1:82:91:
99:a1:d1:c3:a5:ba:ee:19:38:1f:87:7e:9b:8b:21:8e:0d:9b:
bc:4e:b0:86:5b:68:9d:b8:4c:52:31:86:90:01:7f:d9:66:6b:
3d:38:5c:95:3f:3b:af:c4:c2:91:32:46:e7:1a:18:db:cc:c5:
a1:7c:07:c3:ea:25:83:b5:88:1e:4d:f5:54:12:d4:50:8c:cd:
bd:d5:e4:d2:74:41:55:05:2d:60:4b:b6:6f:73:26:03:7c:95:
d6:6b:ab:b4:bf:1a:f8:97:c9:51:66:db:1c:05:9c:a6:4d:73:
80:29:f6:79:bc:23:16:30:e1:dd:c4:e9:27:7e:b5:ef:9a:f6:
13:d1:37:b5:1e:3d:78:84:5b:6f:47:e1:13:d3:91:f4:8d:39:
37:74:02:34:e5:43:36:80:ff:64:8d:67:21:a6:1a:17:44:f1:
6e:ab:31:9d:23:33:99:79:b0:2e:e0:7d:08:84:62:7f:0e:b4:
b7:3a:c6:3b:c5:59:0e:68:3d:9d:6a:83:47:2c:92:22:b4:86:
05:1a:c6:ae
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYInH/o8+CRuWCZgxiEPTLE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwNzIyMTgxNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDdhMGI4MzdkYmM0YTU2YzhhZGZiNDEzMzc2NDBhMWQ2YWU3ODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOtneaurQIEE9Z9nqHtYSpyRHAnf
Mc593ss1PP+pC6azBMc4I2eX9gqxJG4U6EN6Mndxgz6c+XzeCagVLo5U6d9PcvTu
xhEvObm29szfE72Y//hRAgx1HNfdUoImm0Zhk0GT92Ao/w0b1RPZuqHIIQIXDgIS
UE6vjcVxBIzgFTlINLVsHwj0ox3QQ+v29kC1Q242/sfGI731mMR4n3XcGFejOC/V
2PawxcQaNbIeGaWq76fJhgd5nDimFqCpFfRWPt//wIP7EKWKONZCJLo2IFSLd6MN
CQW3CqeQ/2DgBKQCVKWMYlgLOqdvT0uPKrZFfE3F6Oz2DQydfQm95tCuEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBR6C4N9vEpWyK37QTN2QKHWrnhXMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRkhvTGczMjhTbGJJcmZ0Qk0zWkFvZGF1ZUZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEfDWh6ouRjHDTBpL06x
cwvXRjKizU1YOhz+bz2jgV/AskQJtYHeDwCYK/AsO648JWA5gdGCkZmh0cOluu4Z
OB+HfpuLIY4Nm7xOsIZbaJ24TFIxhpABf9lmaz04XJU/O6/EwpEyRucaGNvMxaF8
B8PqJYO1iB5N9VQS1FCMzb3V5NJ0QVUFLWBLtm9zJgN8ldZrq7S/GviXyVFm2xwF
nKZNc4Ap9nm8IxYw4d3E6Sd+te+a9hPRN7UePXiEW29H4RPTkfSNOTd0AjTlQzaA
/2SNZyGmGhdE8W6rMZ0jM5l5sC7gfQiEYn8OtLc6xjvFWQ5oPZ1qg0cskiK0hgUa
xq4=
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:08:23 2025 by rpki-client