Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HYbMkardl2dEYj5igMIdUGzMJWk.roa
File: HYbMkardl2dEYj5igMIdUGzMJWk.roa (raw, json)
Hash identifier: feYsJz0WU2/uIyN3USVxIlgJ6k/pIwrn7OIsseh1KeI=
Subject key identifier: 1D:86:CC:91:AA:DD:97:67:44:62:3E:62:80:C2:1D:50:6C:CC:25:69
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189D42D81D8AA0959B2DF627AAD3CB64A3B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HYbMkardl2dEYj5igMIdUGzMJWk.roa
Signing time: Tue 08 Aug 2023 08:04:59 +0000
ROA not before: Tue 08 Aug 2023 08:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:d42c:cf90/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d4:2d:81:d8:aa:09:59:b2:df:62:7a:ad:3c:b6:4a:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 8 08:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d86cc91aadd976744623e6280c21d506ccc2569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:eb:57:51:6e:68:da:7e:af:d0:a6:fa:c4:c2:
80:34:72:a9:36:54:2e:79:2b:2c:cf:26:69:16:b4:
70:bc:df:67:28:96:ca:f6:ba:5e:85:a5:28:9d:e6:
bc:0e:c4:e2:35:bb:fa:1f:01:fa:31:79:f7:f8:80:
18:73:6f:41:08:ac:33:e4:45:c6:36:4f:44:78:50:
e7:3d:18:9d:73:d4:f2:85:e2:ca:0a:ea:3b:a3:b3:
3f:6b:47:41:16:2d:3e:e2:57:55:c6:f1:0d:e4:45:
48:86:86:be:32:a0:cf:f9:a8:de:65:83:7c:30:dc:
82:bc:e0:09:88:e2:5d:0e:93:46:57:a1:9b:bd:b8:
6d:8e:ce:df:bc:63:ba:8b:62:dc:54:b1:93:d8:49:
af:bd:64:24:29:a1:51:0a:41:b6:c6:8a:c1:d2:cd:
9c:8e:fa:c9:f2:2c:12:26:2a:8c:50:2e:0f:e9:72:
77:25:e6:4a:27:69:e5:08:9a:5b:fa:94:4c:31:b9:
0b:f4:83:31:a0:92:48:73:fc:0f:bf:9e:c9:cc:d5:
c3:d4:5e:79:18:bc:a1:6b:c5:ec:96:94:1c:ce:6c:
cb:c8:ea:85:d9:a6:ea:d1:8e:b2:60:f7:52:0d:29:
10:e2:5c:50:73:75:f8:1e:46:05:17:d0:f2:d1:b5:
42:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:86:CC:91:AA:DD:97:67:44:62:3E:62:80:C2:1D:50:6C:CC:25:69
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/HYbMkardl2dEYj5igMIdUGzMJWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
91:08:c4:55:25:4f:2b:d6:a1:af:06:f1:11:40:9b:c8:82:a9:
60:8d:53:c4:d3:c4:11:04:97:a0:09:f0:4b:86:97:70:be:69:
00:a4:75:56:71:80:2c:59:9d:ce:d9:2a:f8:52:01:69:04:05:
9b:80:71:e2:c2:ce:c1:f0:63:7a:f2:3c:38:cf:44:ce:a2:21:
62:f5:47:6a:43:9d:99:4c:e3:38:c2:06:ac:ff:c7:78:9a:57:
4a:a7:ed:83:23:bc:19:21:69:70:c0:cd:4e:08:c2:40:67:f2:
12:50:52:7a:42:b9:3a:7c:0f:d2:9d:59:41:c0:4e:39:66:32:
58:b9:0b:8c:8b:53:f7:29:8d:83:e9:3f:56:85:57:1c:cd:37:
c5:62:ab:ac:dc:16:d2:c7:8c:b0:6d:50:c6:98:7e:58:79:f8:
e7:a6:9f:f3:b7:7c:22:ee:56:8a:90:41:12:15:b0:34:6f:b0:
14:8a:1a:1f:3d:9c:9a:97:10:03:fc:74:fb:3d:33:c7:a8:74:
97:7e:68:b5:e1:e4:13:53:0e:69:3a:3c:0c:e8:fc:76:16:a7:
23:bc:cf:1a:96:e5:66:f6:23:d7:6e:d6:f6:3c:1c:86:11:72:
57:52:3a:95:ca:51:bc:8a:23:85:08:92:04:4c:0f:55:a7:99:
f6:b5:e4:c1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnULYHYqglZst9ieq08tko7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA4MDgwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDg2Y2M5MWFhZGQ5NzY3NDQ2MjNlNjI4MGMyMWQ1MDZjY2MyNTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+tXUW5o2n6v0Kb6xMKANHKpNlQu
eSsszyZpFrRwvN9nKJbK9rpehaUonea8DsTiNbv6HwH6MXn3+IAYc29BCKwz5EXG
Nk9EeFDnPRidc9TyheLKCuo7o7M/a0dBFi0+4ldVxvEN5EVIhoa+MqDP+ajeZYN8
MNyCvOAJiOJdDpNGV6Gbvbhtjs7fvGO6i2LcVLGT2EmvvWQkKaFRCkG2xorB0s2c
jvrJ8iwSJiqMUC4P6XJ3JeZKJ2nlCJpb+pRMMbkL9IMxoJJIc/wPv57JzNXD1F55
GLyha8XslpQczmzLyOqF2abq0Y6yYPdSDSkQ4lxQc3X4HkYFF9Dy0bVCRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB2GzJGq3ZdnRGI+YoDCHVBszCVpMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSFliTWthcmRsMmRFWWo1aWdNSWRVR3pNSldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJEIxFUlTyvWoa8G8RFA
m8iCqWCNU8TTxBEEl6AJ8EuGl3C+aQCkdVZxgCxZnc7ZKvhSAWkEBZuAceLCzsHw
Y3ryPDjPRM6iIWL1R2pDnZlM4zjCBqz/x3iaV0qn7YMjvBkhaXDAzU4IwkBn8hJQ
UnpCuTp8D9KdWUHATjlmMli5C4yLU/cpjYPpP1aFVxzNN8Viq6zcFtLHjLBtUMaY
flh5+Oemn/O3fCLuVoqQQRIVsDRvsBSKGh89nJqXEAP8dPs9M8eodJd+aLXh5BNT
Dmk6PAzo/HYWpyO8zxqW5Wb2I9du1vY8HIYRcldSOpXKUbyKI4UIkgRMD1Wnmfa1
5ME=
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:21:43 2025 by rpki-client