Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HRfrdgEojC1zi6gu5RVkpo1GkNI.roa
File: HRfrdgEojC1zi6gu5RVkpo1GkNI.roa (raw, json)
Hash identifier: 9WAGGts9YOQa5fefwRIXAK7VrZN/zjVv8veY3QWxfYc=
Subject key identifier: 1D:17:EB:76:01:28:8C:2D:73:8B:A8:2E:E5:15:64:A6:8D:46:90:D2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187BA728B11A42F15F30E34A2DC00BD2BE6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HRfrdgEojC1zi6gu5RVkpo1GkNI.roa
Signing time: Tue 25 Apr 2023 22:04:41 +0000
ROA not before: Tue 25 Apr 2023 22:04:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:187:ba72:4565/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ba:72:8b:11:a4:2f:15:f3:0e:34:a2:dc:00:bd:2b:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 25 22:04:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d17eb7601288c2d738ba82ee51564a68d4690d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d9:0a:ee:b5:7a:56:73:a3:0b:3b:1c:da:73:
c6:2a:60:89:b0:64:f2:2b:c6:aa:16:83:cf:08:1c:
1b:18:23:d9:1b:22:48:b2:c2:c5:37:f1:2c:db:0a:
d0:7e:0a:da:f7:71:39:4e:41:fa:22:80:8c:ab:6c:
15:4b:bf:d9:96:57:1c:ed:c2:4f:b7:ee:4b:e8:04:
fa:9a:7e:a6:50:0d:16:aa:94:5e:91:5d:97:24:13:
a3:42:7c:cc:9c:0b:89:9b:7a:8f:19:17:ae:9d:7b:
1e:31:66:91:42:a5:5a:2f:14:bf:98:f9:4e:88:6a:
e8:ee:1e:ca:39:43:6a:f0:ae:fa:4f:a9:68:06:be:
f6:d3:dc:24:63:06:bf:68:c9:16:c2:b3:bc:6a:88:
fc:05:06:b3:ec:04:b9:7f:be:ea:d5:25:05:b1:24:
1b:1f:e3:34:98:b0:aa:a9:53:ca:1a:10:9f:1d:ad:
ba:79:8f:6d:18:a5:99:9b:f5:43:99:51:86:82:08:
48:74:5f:fd:51:03:97:66:5f:e2:50:6f:5c:ba:5c:
ab:05:d7:ee:08:97:4a:5b:e8:66:fd:b8:7d:1d:db:
9f:3f:ee:58:ac:13:85:e8:db:79:e7:c3:e0:d4:5a:
91:f0:60:35:1b:56:ba:03:1d:bc:53:9d:39:cc:16:
27:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:17:EB:76:01:28:8C:2D:73:8B:A8:2E:E5:15:64:A6:8D:46:90:D2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HRfrdgEojC1zi6gu5RVkpo1GkNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
90:28:73:da:7c:52:71:04:65:ba:a5:6f:d0:b4:99:03:ed:30:
9a:45:f5:0e:03:c0:71:1a:b0:ec:fb:22:0b:e2:00:81:84:3d:
48:ed:df:46:ac:8f:60:50:f1:83:15:81:3a:14:14:fa:b5:01:
98:7b:a4:86:cc:7d:74:66:d6:a2:97:83:78:b9:96:e0:57:e7:
e1:fb:fb:d7:bb:bd:86:62:f0:39:66:d9:41:75:f7:80:5e:51:
9f:13:3a:54:27:7c:35:8e:60:14:0c:8c:76:2e:72:3e:c3:3c:
15:ee:5a:02:12:85:e0:7b:05:96:a0:15:99:7f:64:c1:9d:89:
43:49:a1:1f:9a:f3:b0:81:3d:23:e2:db:85:4a:59:97:f7:12:
75:eb:10:0b:da:92:10:05:d0:d8:a4:9b:8f:bf:fe:08:e1:24:
b0:66:24:91:6f:f7:e3:b5:eb:ac:ae:75:66:72:0b:15:c6:f3:
55:a4:4c:05:8b:35:02:c9:74:2a:c7:b1:05:c3:88:88:15:aa:
00:c1:2f:0a:9e:6e:96:f0:5a:3c:f8:ee:b4:87:86:32:18:2a:
98:b9:da:28:62:84:66:25:5b:e6:88:35:1c:7e:d5:3f:88:43:
0b:34:d7:ca:bb:28:8d:cd:ae:32:50:50:e5:fa:9f:04:8a:fe:
07:bb:82:c9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYe6cosRpC8V8w40otwAvSvmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDI1MjIwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDE3ZWI3NjAxMjg4YzJkNzM4YmE4MmVlNTE1NjRhNjhkNDY5MGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdkK7rV6VnOjCzsc2nPGKmCJsGTy
K8aqFoPPCBwbGCPZGyJIssLFN/Es2wrQfgra93E5TkH6IoCMq2wVS7/Zllcc7cJP
t+5L6AT6mn6mUA0WqpRekV2XJBOjQnzMnAuJm3qPGReunXseMWaRQqVaLxS/mPlO
iGro7h7KOUNq8K76T6loBr7209wkYwa/aMkWwrO8aoj8BQaz7AS5f77q1SUFsSQb
H+M0mLCqqVPKGhCfHa26eY9tGKWZm/VDmVGGgghIdF/9UQOXZl/iUG9culyrBdfu
CJdKW+hm/bh9HdufP+5YrBOF6Nt558Pg1FqR8GA1G1a6Ax28U505zBYnMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB0X63YBKIwtc4uoLuUVZKaNRpDSMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSFJmcmRnRW9qQzF6aTZndTVSVmtwbzFHa05JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJAoc9p8UnEEZbqlb9C0
mQPtMJpF9Q4DwHEasOz7IgviAIGEPUjt30asj2BQ8YMVgToUFPq1AZh7pIbMfXRm
1qKXg3i5luBX5+H7+9e7vYZi8Dlm2UF194BeUZ8TOlQnfDWOYBQMjHYucj7DPBXu
WgISheB7BZagFZl/ZMGdiUNJoR+a87CBPSPi24VKWZf3EnXrEAvakhAF0Nikm4+/
/gjhJLBmJJFv9+O166yudWZyCxXG81WkTAWLNQLJdCrHsQXDiIgVqgDBLwqebpbw
Wjz47rSHhjIYKpi52ihihGYlW+aINRx+1T+IQws018q7KI3NrjJQUOX6nwSK/ge7
gsk=
-----END CERTIFICATE-----
Generated at Fri Jun 13 15:35:57 2025 by rpki-client