Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HIZEOakR4GcerNU0QZ7YT4Lbui4.roa
File: HIZEOakR4GcerNU0QZ7YT4Lbui4.roa (raw, json)
Hash identifier: maB/FKQVeGFv1WjVDssIk4qWMPgSszoROqv6TNYBtAY=
Subject key identifier: 1C:86:44:39:A9:11:E0:67:1E:AC:D5:34:41:9E:D8:4F:82:DB:BA:2E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01856AA8C1975DF24444EBD56B48D5F4763C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HIZEOakR4GcerNU0QZ7YT4Lbui4.roa
Signing time: Sun 01 Jan 2023 00:08:42 +0000
ROA not before: Sun 01 Jan 2023 00:08:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6a:a8:c1:97:5d:f2:44:44:eb:d5:6b:48:d5:f4:76:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 1 00:08:42 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c864439a911e0671eacd534419ed84f82dbba2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:48:5f:d5:e0:44:53:32:1f:b4:5c:75:62:b7:
0c:ce:e9:22:89:c7:2b:85:3b:57:a4:f7:bd:3c:46:
77:e8:7a:f0:28:84:ff:73:5e:2e:34:07:34:7e:c9:
c6:7c:e4:79:f2:77:81:11:69:29:62:1b:3b:15:60:
56:8e:ed:ec:09:57:5d:87:99:fc:cf:88:02:48:6b:
8a:50:e3:3d:78:d6:03:8b:16:70:e0:2b:f7:31:45:
a4:58:40:12:2e:b2:38:ef:a6:9c:8f:05:5a:ca:a3:
ee:31:a5:60:75:a6:06:5f:16:52:df:cd:25:f7:c8:
6f:98:cc:fb:9e:a5:89:ec:a1:c7:30:4c:af:ac:7f:
bc:97:bf:e8:cb:b4:8a:ae:a2:36:c2:7f:b5:c9:d7:
fe:5c:c5:2b:03:ee:d8:53:fa:47:ea:a1:37:3b:a1:
c6:ea:3b:f8:7b:ae:a2:76:48:77:58:93:1c:35:f7:
f7:b4:f9:83:02:09:3e:09:02:8b:bf:f6:c2:48:5d:
de:65:4f:20:63:27:15:15:4c:6c:5f:82:06:08:55:
03:04:5b:4d:c6:9d:46:1b:b3:41:86:dd:00:62:c7:
be:b6:05:2b:d8:84:37:0d:db:57:81:e2:46:4c:de:
78:f4:08:00:1b:ba:2b:0c:59:56:0c:48:d9:5e:8f:
79:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:86:44:39:A9:11:E0:67:1E:AC:D5:34:41:9E:D8:4F:82:DB:BA:2E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HIZEOakR4GcerNU0QZ7YT4Lbui4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:b6:e8:dd:91:cc:d7:3a:0b:b0:74:41:f9:3b:e3:fe:b6:a0:
32:44:d1:c9:66:bd:3e:2e:38:eb:9a:ad:61:01:17:1d:ba:64:
6d:aa:3b:64:19:de:c6:63:3b:c3:57:fd:16:09:05:15:3a:df:
da:b2:b1:e6:2b:24:14:09:9f:07:0b:af:4e:97:77:22:a7:67:
25:c2:61:78:43:8f:b5:c1:48:f2:87:e4:e6:cc:80:ee:b8:27:
28:7d:4d:79:ec:33:6e:8b:de:8c:2d:b1:a9:17:50:a4:79:df:
71:79:93:3f:9d:ff:26:1a:90:d8:15:df:99:e2:b5:e4:7e:e1:
24:24:73:0a:23:f2:6a:67:be:32:bb:0d:89:ab:c5:81:f1:22:
cd:ef:79:d0:6a:9e:e3:dd:7f:37:c2:62:f6:17:2c:b2:96:fc:
37:c4:b4:73:05:ec:96:df:26:74:f9:8b:d0:59:22:24:67:bf:
2a:21:9c:aa:80:c3:83:9a:ea:ee:98:f0:b0:43:70:76:c7:42:
32:be:ee:26:2e:ea:e6:24:83:df:5c:59:ff:1e:9d:e4:0b:8e:
15:de:ba:b3:00:08:bc:6f:48:95:1f:fd:57:29:f6:a3:bb:84:
e9:f9:56:41:94:d6:20:b6:3c:3a:79:fa:f8:a8:44:34:e7:05:
48:83:7b:d3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVqqMGXXfJEROvVa0jV9HY8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAxMDAwODQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzg2NDQzOWE5MTFlMDY3MWVhY2Q1MzQ0MTllZDg0ZjgyZGJiYTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0hf1eBEUzIftFx1YrcMzukiiccr
hTtXpPe9PEZ36HrwKIT/c14uNAc0fsnGfOR58neBEWkpYhs7FWBWju3sCVddh5n8
z4gCSGuKUOM9eNYDixZw4Cv3MUWkWEASLrI476acjwVayqPuMaVgdaYGXxZS380l
98hvmMz7nqWJ7KHHMEyvrH+8l7/oy7SKrqI2wn+1ydf+XMUrA+7YU/pH6qE3O6HG
6jv4e66idkh3WJMcNff3tPmDAgk+CQKLv/bCSF3eZU8gYycVFUxsX4IGCFUDBFtN
xp1GG7NBht0AYse+tgUr2IQ3DdtXgeJGTN549AgAG7orDFlWDEjZXo95fwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFByGRDmpEeBnHqzVNEGe2E+C27ouMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSElaRU9ha1I0R2Nlck5VMFFaN1lUNExidWk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABi26N2RzNc6C7B0Qfk7
4/62oDJE0clmvT4uOOuarWEBFx26ZG2qO2QZ3sZjO8NX/RYJBRU639qyseYrJBQJ
nwcLr06XdyKnZyXCYXhDj7XBSPKH5ObMgO64Jyh9TXnsM26L3owtsakXUKR533F5
kz+d/yYakNgV35niteR+4SQkcwoj8mpnvjK7DYmrxYHxIs3vedBqnuPdfzfCYvYX
LLKW/DfEtHMF7JbfJnT5i9BZIiRnvyohnKqAw4Oa6u6Y8LBDcHbHQjK+7iYu6uYk
g99cWf8eneQLjhXeurMACLxvSJUf/Vcp9qO7hOn5VkGU1iC2PDp5+vioRDTnBUiD
e9M=
-----END CERTIFICATE-----
Generated at Wed Jun 11 02:49:23 2025 by rpki-client