Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/p_HA3LUGOdVBWDitPiOrF-xB7_o.roa
File: p_HA3LUGOdVBWDitPiOrF-xB7_o.roa (raw, json)
Hash identifier: QotIXTfsNDjh9wfGCh5xQ21VHqicRJlm9gY2s120JKY=
Subject key identifier: A7:F1:C0:DC:B5:06:39:D5:41:58:38:AD:3E:23:AB:17:EC:41:EF:FA
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0188AE6FF30FA4878D1885CCFBEDB1286663
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/p_HA3LUGOdVBWDitPiOrF-xB7_o.roa
Signing time: Mon 12 Jun 2023 07:09:12 +0000
ROA not before: Mon 12 Jun 2023 07:09:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ae:6f:f3:0f:a4:87:8d:18:85:cc:fb:ed:b1:28:66:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 12 07:09:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7f1c0dcb50639d5415838ad3e23ab17ec41effa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:35:44:14:6a:50:e5:cb:c0:50:2e:27:dd:1b:
e0:ac:8e:8d:51:38:f4:81:dc:9a:c8:a8:7a:58:cc:
86:ec:58:5e:e5:f5:4a:27:12:ab:23:7d:2c:ed:33:
67:ac:1f:da:3a:d8:27:13:31:fa:3e:2d:9b:32:e2:
68:3c:81:02:43:cf:d9:a9:4f:b6:72:0c:a0:0d:88:
58:cb:26:a6:db:1d:d5:8d:fd:c7:99:ec:06:d1:f3:
3d:1f:91:98:2c:b8:06:c2:f7:e0:33:4a:7b:8c:37:
93:0d:4e:70:6a:c2:d7:cf:43:46:ed:06:75:60:0b:
6b:98:7d:3a:22:75:aa:25:01:d7:89:81:d5:ae:23:
47:6f:55:ed:7a:f9:b8:43:3f:8a:ff:52:29:cb:d9:
18:d8:29:88:bc:22:91:68:02:c5:54:27:b0:78:63:
be:c7:6d:83:cf:e2:a6:99:e9:3f:a6:62:31:00:4e:
8b:d3:e2:73:fb:f5:b1:30:15:a2:c0:b0:77:b4:43:
f6:b5:aa:4e:d9:23:6f:7b:42:aa:59:41:cd:42:37:
ed:f6:b0:34:46:b6:9b:9f:12:b7:08:b7:7a:9d:28:
7d:aa:fb:e9:24:c9:ef:e7:e5:ba:ab:e0:88:ca:6b:
79:e8:5c:d3:24:59:08:e4:7a:2f:c4:79:b9:82:00:
5a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:F1:C0:DC:B5:06:39:D5:41:58:38:AD:3E:23:AB:17:EC:41:EF:FA
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/p_HA3LUGOdVBWDitPiOrF-xB7_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
35:f9:0c:24:6b:e0:e1:e2:2a:d6:7a:ec:31:9d:c8:b8:f9:8d:
2d:46:38:b6:4f:8d:7a:40:a4:30:78:f5:b6:8a:9f:42:1d:b8:
e2:8a:65:28:f7:4d:9c:50:88:90:67:3f:07:37:06:ca:ed:24:
64:c6:1e:67:95:df:dd:17:8d:96:c8:b1:fd:a2:3b:2f:14:1a:
0a:0e:ca:0b:25:cd:13:e6:6a:f7:03:3a:c1:97:e1:8d:7e:e3:
5d:89:a1:47:13:52:f8:e0:fb:0e:70:b8:4a:b7:51:00:01:f4:
ec:1d:f1:c1:30:36:97:3b:08:20:85:39:fc:6b:ba:ef:c9:95:
5d:41:47:cf:31:81:bc:71:ef:41:e9:79:60:a5:5d:36:61:f4:
a4:39:8b:cc:7c:10:1d:cb:48:fa:c5:db:97:b3:8f:6e:28:27:
46:c2:a5:54:b6:76:0f:a8:13:7e:85:81:97:e1:95:c5:2d:1c:
f8:71:ed:30:22:6a:ab:b0:63:45:0c:19:93:c2:d6:7f:c1:49:
5d:18:12:a1:31:29:31:a8:96:a8:1a:43:49:ca:e5:52:ef:f9:
4c:6d:03:36:b5:f7:ac:77:da:2a:05:10:99:ed:1e:c6:52:91:
55:61:b1:89:cd:e8:95:82:f1:53:42:fa:3a:e2:1a:2f:49:ab:
7d:44:ad:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYiub/MPpIeNGIXM++2xKGZjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjEyMDcwOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2YxYzBkY2I1MDYzOWQ1NDE1ODM4YWQzZTIzYWIxN2VjNDFlZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzVEFGpQ5cvAUC4n3RvgrI6NUTj0
gdyayKh6WMyG7Fhe5fVKJxKrI30s7TNnrB/aOtgnEzH6Pi2bMuJoPIECQ8/ZqU+2
cgygDYhYyyam2x3Vjf3HmewG0fM9H5GYLLgGwvfgM0p7jDeTDU5wasLXz0NG7QZ1
YAtrmH06InWqJQHXiYHVriNHb1Xtevm4Qz+K/1Ipy9kY2CmIvCKRaALFVCeweGO+
x22Dz+Kmmek/pmIxAE6L0+Jz+/WxMBWiwLB3tEP2tapO2SNve0KqWUHNQjft9rA0
RrabnxK3CLd6nSh9qvvpJMnv5+W6q+CIymt56FzTJFkI5HovxHm5ggBaswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKfxwNy1BjnVQVg4rT4jqxfsQe/6MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcF9IQTNMVUdPZFZCV0RpdFBpT3JGLXhCN19vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADX5DCRr4OHiKtZ67DGd
yLj5jS1GOLZPjXpApDB49baKn0IduOKKZSj3TZxQiJBnPwc3BsrtJGTGHmeV390X
jZbIsf2iOy8UGgoOygslzRPmavcDOsGX4Y1+412JoUcTUvjg+w5wuEq3UQAB9Owd
8cEwNpc7CCCFOfxruu/JlV1BR88xgbxx70HpeWClXTZh9KQ5i8x8EB3LSPrF25ez
j24oJ0bCpVS2dg+oE36FgZfhlcUtHPhx7TAiaquwY0UMGZPC1n/BSV0YEqExKTGo
lqgaQ0nK5VLv+UxtAza196x32ioFEJntHsZSkVVhsYnN6JWC8VNC+jriGi9Jq31E
rQE=
-----END CERTIFICATE-----
Generated at Sun Jun 8 22:12:42 2025 by rpki-client