Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hw3BntT9gbt5IFlPMKYXXIDLAiQ.roa
File: hw3BntT9gbt5IFlPMKYXXIDLAiQ.roa (raw, json)
Hash identifier: THDSmY3v67Ad9+1DpRaVqAN4lKXCctBA6WjctYw2sNA=
Subject key identifier: 87:0D:C1:9E:D4:FD:81:BB:79:20:59:4F:30:A6:17:5C:80:CB:02:24
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 75FBF381
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hw3BntT9gbt5IFlPMKYXXIDLAiQ.roa
Signing time: Sat 26 Mar 2022 23:10:15 +0000
ROA not before: Sat 26 Mar 2022 23:10:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:17f:87e3:2531/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1979446145 (0x75fbf381)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 26 23:10:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=870dc19ed4fd81bb7920594f30a6175c80cb0224
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b1:c8:fb:43:32:2d:2c:d1:34:da:24:d0:85:
3a:84:ce:18:23:75:54:bf:3e:98:20:48:46:80:2e:
b8:20:4b:63:14:06:aa:ea:01:fd:98:4d:df:63:8d:
75:fd:2c:86:ee:8b:91:de:e5:5d:e0:e3:b3:a8:9c:
c3:eb:3a:78:e7:b1:db:6c:dd:cc:ff:b5:af:bf:08:
9b:f2:19:89:55:51:9c:63:19:f8:cf:f4:51:b3:e2:
a5:7c:5c:e1:40:e5:da:6b:cb:d6:81:73:23:3d:65:
93:fa:41:d7:ca:05:08:ff:0e:7e:e9:52:5d:13:57:
e3:f1:ff:9f:d1:5b:17:e1:05:75:e7:f1:eb:42:c2:
ac:04:27:6a:d1:ba:e2:88:98:ba:c5:4d:80:e0:1b:
92:d2:e6:5e:4d:ab:96:5a:be:c0:6f:ee:2c:02:7a:
03:b2:e4:47:b2:7c:9a:3d:b9:b5:71:be:47:b0:3a:
30:50:8e:e7:0e:b0:2e:8c:a6:f9:ff:19:e0:14:28:
e8:e2:16:17:8b:a2:ba:d1:7f:9b:b6:e3:aa:ef:e2:
1e:36:05:97:07:db:a2:12:fa:8d:8e:bd:5b:ca:6c:
a6:62:a2:42:93:6a:dc:28:ca:c7:90:05:b7:52:df:
29:b0:7b:ed:64:a4:27:ea:59:8a:8e:2f:25:e5:85:
f8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:0D:C1:9E:D4:FD:81:BB:79:20:59:4F:30:A6:17:5C:80:CB:02:24
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/hw3BntT9gbt5IFlPMKYXXIDLAiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:d0:2f:d2:0f:2c:76:ad:30:69:78:6f:59:3e:f5:59:73:c2:
7b:f1:a6:2e:1d:7c:82:6f:c7:40:d1:ae:2e:e7:99:cf:b1:fa:
b3:5a:13:05:71:9c:85:c4:e3:9f:ca:79:e0:12:0a:f9:03:eb:
83:f6:09:71:7d:41:60:fb:ca:30:c4:9f:c7:a4:84:e3:a2:e3:
df:3d:e0:ba:d6:81:bb:59:28:de:32:4b:e3:fa:6e:fd:47:1a:
c4:72:82:d4:28:a8:ae:dc:34:90:3a:71:09:58:4a:32:15:7e:
f4:5a:ec:04:f8:b1:9f:40:23:cc:6c:2c:9a:e4:c4:cd:bb:3b:
67:22:39:84:66:e4:f0:9a:4f:10:ae:da:f7:f9:b8:fa:4e:2c:
2f:76:fb:f6:d3:53:65:d8:dc:84:43:9a:60:33:63:5f:63:a8:
f2:53:03:4c:7b:27:2e:2e:2f:a6:d7:a2:40:32:35:8e:d4:e3:
d0:b4:c4:cc:94:62:fb:3f:7e:40:6a:da:2e:ec:7d:6b:7c:6d:
2c:ff:99:99:b5:f5:fa:59:27:f6:be:e7:51:8d:07:cb:a4:e6:
7b:25:53:f9:eb:cb:82:bc:ad:4e:40:93:2f:03:e0:82:a3:d8:
e7:3f:5a:67:2e:66:89:33:53:d0:dd:aa:4b:c2:6b:bb:bd:b5:
cd:a5:23:85
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEdfvzgTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDMy
NjIzMTAxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODcwZGMxOWVkNGZk
ODFiYjc5MjA1OTRmMzBhNjE3NWM4MGNiMDIyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK+xyPtDMi0s0TTaJNCFOoTOGCN1VL8+mCBIRoAuuCBLYxQG
quoB/ZhN32ONdf0shu6Lkd7lXeDjs6icw+s6eOex22zdzP+1r78Im/IZiVVRnGMZ
+M/0UbPipXxc4UDl2mvL1oFzIz1lk/pB18oFCP8OfulSXRNX4/H/n9FbF+EFdefx
60LCrAQnatG64oiYusVNgOAbktLmXk2rllq+wG/uLAJ6A7LkR7J8mj25tXG+R7A6
MFCO5w6wLoym+f8Z4BQo6OIWF4uiutF/m7bjqu/iHjYFlwfbohL6jY69W8pspmKi
QpNq3CjKx5AFt1LfKbB77WSkJ+pZio4vJeWF+CkCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSHDcGe1P2Bu3kgWU8wphdcgMsCJDAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L2h3M0JudFQ5Z2J0NUlGbFBNS1lYWElETEFpUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBT0C/SDyx2rTBpeG9ZPvVZc8J78aYuHXyCb8dA
0a4u55nPsfqzWhMFcZyFxOOfynngEgr5A+uD9glxfUFg+8owxJ/HpITjouPfPeC6
1oG7WSjeMkvj+m79RxrEcoLUKKiu3DSQOnEJWEoyFX70WuwE+LGfQCPMbCya5MTN
uztnIjmEZuTwmk8Qrtr3+bj6Tiwvdvv201Nl2NyEQ5pgM2NfY6jyUwNMeycuLi+m
16JAMjWO1OPQtMTMlGL7P35Aatou7H1rfG0s/5mZtfX6WSf2vudRjQfLpOZ7JVP5
68uCvK1OQJMvA+CCo9jnP1pnLmaJM1PQ3apLwmu7vbXNpSOF
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:20:32 2025 by rpki-client