Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hSxr7unb4mvmxXMpldL5ekzkmFk.roa
File: hSxr7unb4mvmxXMpldL5ekzkmFk.roa (raw, json)
Hash identifier: ej8bP3WaRJufAyrqG0yDb47C2KGWv7h17qCPJffWtX8=
Subject key identifier: 85:2C:6B:EE:E9:DB:E2:6B:E6:C5:73:29:95:D2:F9:7A:4C:E4:98:59
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185820F0B12C56043DA60FCDC3896CF7845
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hSxr7unb4mvmxXMpldL5ekzkmFk.roa
Signing time: Thu 05 Jan 2023 13:11:42 +0000
ROA not before: Thu 05 Jan 2023 13:11:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:82:0f:0b:12:c5:60:43:da:60:fc:dc:38:96:cf:78:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 5 13:11:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=852c6beee9dbe26be6c5732995d2f97a4ce49859
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f7:c8:be:76:20:bb:87:97:ab:0c:5c:cf:92:
03:b8:65:d6:9b:6c:cc:0f:9c:26:ed:c7:2b:62:38:
e7:09:48:34:42:3c:69:a3:65:e0:65:49:8c:d6:e3:
14:b9:88:42:f0:72:bb:88:98:a4:c7:e8:89:fc:1b:
36:32:4b:79:ab:0f:ad:2a:78:7e:69:43:9a:1b:6d:
d3:10:b9:fb:4b:68:fc:15:58:bc:b6:f6:6e:78:10:
ab:73:ca:8f:91:ca:a7:2b:b2:1e:c4:cc:f9:20:e0:
69:51:78:e6:d6:03:53:3f:23:8e:1a:c1:c2:7e:e0:
2a:ca:69:49:e9:79:0e:ae:7b:9c:6a:73:1a:b0:94:
19:1a:d3:30:62:9d:90:02:0b:de:5c:eb:71:32:5a:
03:be:18:47:a1:d0:b9:88:79:9a:33:ee:72:f7:0a:
d7:97:7a:b5:65:43:d3:8f:0d:4d:b4:77:d2:34:1f:
56:82:07:3b:61:f1:9a:8e:75:e9:da:9b:f9:36:76:
c4:02:ed:91:e8:ea:88:6d:b0:42:14:66:b3:bc:e1:
e8:45:87:99:17:5f:e7:69:fb:42:d3:2b:ba:96:6a:
7f:f7:f2:df:96:bb:a1:cd:1f:36:98:db:7a:14:39:
c8:18:6a:43:01:8d:97:05:47:6b:78:c7:ef:b1:70:
29:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:2C:6B:EE:E9:DB:E2:6B:E6:C5:73:29:95:D2:F9:7A:4C:E4:98:59
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hSxr7unb4mvmxXMpldL5ekzkmFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:29:16:4b:a7:52:58:50:99:ab:6f:48:56:67:64:9d:cf:f0:
74:ce:1a:1a:1a:c3:a8:34:6c:41:d4:07:ff:11:9b:05:69:a6:
73:ae:0f:8f:63:09:e2:82:44:9f:1e:66:b1:42:04:8d:77:3d:
58:90:d3:8e:03:a1:d6:67:db:e7:20:35:38:2a:e4:df:4e:07:
15:7f:a3:b9:3c:b5:21:88:37:ce:4f:09:8e:b3:b3:ae:f1:5f:
0c:d1:f2:d7:db:33:52:0e:2a:ae:81:fb:e7:a7:44:84:ff:07:
de:22:5b:f6:58:6f:10:a3:30:da:07:28:93:93:b3:24:b9:36:
cc:ae:84:5d:cb:01:41:c8:3b:0d:e9:16:1f:a4:db:16:f1:7f:
c0:05:64:22:24:9c:58:ed:6a:fa:8f:0e:2d:0e:43:81:df:41:
7c:3e:46:32:b7:6c:19:6a:ca:11:3b:c5:e5:76:73:e3:a5:4e:
d4:21:28:82:08:9a:55:39:61:24:e8:ab:6e:e0:0d:6f:ae:0a:
be:25:90:46:d5:0f:bf:a7:08:13:f4:4f:21:7c:6f:05:eb:65:
a5:77:ae:ea:dd:ed:f1:50:3f:d2:6d:d6:f2:9b:c2:63:5e:6f:
cc:0e:c8:d6:79:a7:39:43:f4:93:35:8d:f7:a3:ea:5c:c5:e7:
2e:33:cb:05
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWCDwsSxWBD2mD83DiWz3hFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA1MTMxMTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTJjNmJlZWU5ZGJlMjZiZTZjNTczMjk5NWQyZjk3YTRjZTQ5ODU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/fIvnYgu4eXqwxcz5IDuGXWm2zM
D5wm7ccrYjjnCUg0Qjxpo2XgZUmM1uMUuYhC8HK7iJikx+iJ/Bs2Mkt5qw+tKnh+
aUOaG23TELn7S2j8FVi8tvZueBCrc8qPkcqnK7IexMz5IOBpUXjm1gNTPyOOGsHC
fuAqymlJ6XkOrnucanMasJQZGtMwYp2QAgveXOtxMloDvhhHodC5iHmaM+5y9wrX
l3q1ZUPTjw1NtHfSNB9Wggc7YfGajnXp2pv5NnbEAu2R6OqIbbBCFGazvOHoRYeZ
F1/naftC0yu6lmp/9/LflruhzR82mNt6FDnIGGpDAY2XBUdreMfvsXApkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIUsa+7p2+Jr5sVzKZXS+XpM5JhZMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaFN4cjd1bmI0bXZteFhNcGxkTDVla3prbUZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEQpFkunUlhQmatvSFZn
ZJ3P8HTOGhoaw6g0bEHUB/8RmwVppnOuD49jCeKCRJ8eZrFCBI13PViQ044DodZn
2+cgNTgq5N9OBxV/o7k8tSGIN85PCY6zs67xXwzR8tfbM1IOKq6B++enRIT/B94i
W/ZYbxCjMNoHKJOTsyS5NsyuhF3LAUHIOw3pFh+k2xbxf8AFZCIknFjtavqPDi0O
Q4HfQXw+RjK3bBlqyhE7xeV2c+OlTtQhKIIImlU5YSToq27gDW+uCr4lkEbVD7+n
CBP0TyF8bwXrZaV3rurd7fFQP9Jt1vKbwmNeb8wOyNZ5pzlD9JM1jfej6lzF5y4z
ywU=
-----END CERTIFICATE-----
Generated at Mon Jun 9 03:05:18 2025 by rpki-client