Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/h8rS_k6gvUxsFxIbiitqduqFnqI.roa
File: h8rS_k6gvUxsFxIbiitqduqFnqI.roa (raw, json)
Hash identifier: ygxxe36rLxmUzyt265q1SGMCyayI44zy7za5xdC7QOw=
Subject key identifier: 87:CA:D2:FE:4E:A0:BD:4C:6C:17:12:1B:8A:2B:6A:76:EA:85:9E:A2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 8AB856C4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/h8rS_k6gvUxsFxIbiitqduqFnqI.roa
Signing time: Tue 07 Jun 2022 14:10:02 +0000
ROA not before: Tue 07 Jun 2022 14:10:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:181:22f:7a99/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2327336644 (0x8ab856c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 7 14:10:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87cad2fe4ea0bd4c6c17121b8a2b6a76ea859ea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8d:39:10:aa:d9:73:9e:53:80:9f:fa:38:6d:
bd:46:3c:09:1e:86:2e:15:a7:f5:05:b0:73:aa:84:
79:94:af:b9:47:d5:26:9e:97:50:02:47:a1:41:ba:
57:fd:b8:5b:2d:3e:b6:d3:a2:f2:00:69:68:7c:5d:
5b:63:98:f4:1b:d1:0c:22:1f:49:69:3f:83:81:f9:
8f:3f:45:d1:fb:8e:a5:a8:3b:3a:da:da:93:ad:67:
06:be:29:2f:9b:40:3c:50:2a:b0:b1:31:ec:1e:cc:
fa:e0:c6:7a:bf:af:23:0a:d6:39:81:eb:c7:3f:6c:
e1:ee:d7:16:b3:af:93:58:3b:a0:11:a4:9a:d4:42:
c9:25:19:e6:76:c3:1b:82:a6:d0:6c:7b:bd:76:25:
b7:0b:8d:06:24:7b:3f:27:6b:d6:8b:f2:fc:90:5f:
41:27:b6:f8:26:b3:c3:46:6f:1a:ee:91:af:cb:d0:
bf:7a:f0:28:80:e1:e8:21:ab:44:95:64:dd:6f:c5:
73:db:e0:41:f3:e1:7e:7c:56:e4:21:cc:73:5b:84:
1a:97:97:96:70:dd:03:75:7d:14:3d:87:ca:cc:4c:
78:b0:d1:0c:9d:db:92:02:75:c5:5a:94:a0:74:ec:
75:25:c7:ed:fe:a2:e1:c7:b8:88:19:ae:57:f9:9c:
e3:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:CA:D2:FE:4E:A0:BD:4C:6C:17:12:1B:8A:2B:6A:76:EA:85:9E:A2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/h8rS_k6gvUxsFxIbiitqduqFnqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:17:d3:50:0b:d7:3a:00:d2:a5:30:56:7e:28:7c:22:79:59:
6c:08:72:96:5a:88:22:99:16:36:88:6b:98:dd:9f:8c:48:cd:
39:38:a3:a6:7d:d6:88:22:f4:98:79:ff:a1:d6:de:10:24:aa:
1b:18:bf:dd:22:1c:d1:20:07:19:81:07:bd:db:68:a7:f0:39:
ec:a9:fb:6d:bc:32:7a:9d:9f:3c:be:c1:12:ee:4c:3c:5b:2d:
95:f9:9b:f3:b5:01:90:66:9c:7b:3c:bc:24:e4:b7:02:84:fd:
c3:05:f9:d5:e3:0c:88:e6:34:d8:66:cc:68:7d:89:ed:38:cc:
32:b3:36:81:5f:00:ad:3e:d9:e9:bd:c6:3c:87:5f:0a:81:3f:
c8:05:9a:5b:c0:7f:2d:d1:72:e0:bc:2c:7d:da:8b:26:60:03:
96:67:6e:a9:c0:ad:56:b2:62:63:e3:8b:d4:04:1a:58:7c:54:
67:29:9c:b2:76:90:94:7f:bb:19:c1:f0:1d:12:48:49:5e:20:
19:66:1b:67:50:bd:6c:de:32:6d:61:0d:eb:13:d1:5f:66:0e:
15:fc:e2:6b:af:da:4b:b5:2e:7b:9d:f6:85:7f:f4:6d:3e:a0:
5b:6b:31:c2:89:36:3e:44:03:13:da:f2:27:b9:f5:17:83:e1:
42:01:8a:5c
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIq4VsQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA2
MDcxNDEwMDJaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDg3Y2FkMmZlNGVh
MGJkNGM2YzE3MTIxYjhhMmI2YTc2ZWE4NTllYTIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC8jTkQqtlznlOAn/o4bb1GPAkehi4Vp/UFsHOqhHmUr7lH
1Sael1ACR6FBulf9uFstPrbTovIAaWh8XVtjmPQb0QwiH0lpP4OB+Y8/RdH7jqWo
Ozra2pOtZwa+KS+bQDxQKrCxMewezPrgxnq/ryMK1jmB68c/bOHu1xazr5NYO6AR
pJrUQsklGeZ2wxuCptBse712JbcLjQYkez8na9aL8vyQX0Entvgms8NGbxruka/L
0L968CiA4eghq0SVZN1vxXPb4EHz4X58VuQhzHNbhBqXl5Zw3QN1fRQ9h8rMTHiw
0Qyd25ICdcValKB07HUlx+3+ouHHuIgZrlf5nONnAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUh8rS/k6gvUxsFxIbiitqduqFnqIwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9oOHJTX2s2Z3ZVeHNGeEliaWl0cWR1cUZucUkucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAJBfTUAvXOgDSpTBWfih8InlZbAhyllqIIpkW
NohrmN2fjEjNOTijpn3WiCL0mHn/odbeECSqGxi/3SIc0SAHGYEHvdtop/A57Kn7
bbwyep2fPL7BEu5MPFstlfmb87UBkGacezy8JOS3AoT9wwX51eMMiOY02GbMaH2J
7TjMMrM2gV8ArT7Z6b3GPIdfCoE/yAWaW8B/LdFy4LwsfdqLJmADlmduqcCtVrJi
Y+OL1AQaWHxUZymcsnaQlH+7GcHwHRJISV4gGWYbZ1C9bN4ybWEN6xPRX2YOFfzi
a6/aS7Uue532hX/0bT6gW2sxwok2PkQDE9ryJ7n1F4PhQgGKXA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 06:14:21 2025 by rpki-client