Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/s9-hhG0mvg-NAHR_dT3i-2DfFMc.roa
File: s9-hhG0mvg-NAHR_dT3i-2DfFMc.roa (raw, json)
Hash identifier: XH4XSBotZx4q9c+nDkvgQY62SkANPXByZhyoOAjvSN0=
Subject key identifier: B3:DF:A1:84:6D:26:BE:0F:8D:00:74:7F:75:3D:E2:FB:60:DF:14:C7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186191E6E62F83BC111FEC89D22EFA0F63D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/s9-hhG0mvg-NAHR_dT3i-2DfFMc.roa
Signing time: Fri 03 Feb 2023 21:11:09 +0000
ROA not before: Fri 03 Feb 2023 21:11:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:19:1e:6e:62:f8:3b:c1:11:fe:c8:9d:22:ef:a0:f6:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 3 21:11:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3dfa1846d26be0f8d00747f753de2fb60df14c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:6f:0d:52:fe:aa:9d:0b:fc:51:60:9b:51:da:
31:d1:d8:8f:4f:fb:28:40:e0:6f:c7:4b:db:a6:80:
25:2f:80:98:83:f2:43:04:3b:6d:cd:0d:08:54:ef:
b9:a8:4b:cb:44:a9:7b:6b:71:7a:47:5b:b6:cc:74:
51:f4:1c:07:17:30:c6:0c:c5:91:82:e1:d8:68:41:
fc:24:04:85:15:99:80:bc:d5:f2:be:ab:d6:eb:4a:
32:29:8f:37:6b:9d:11:5e:91:2d:2b:93:ea:61:4e:
69:70:57:9a:42:95:48:87:71:fb:f2:70:89:d0:76:
42:a5:04:44:d6:74:ac:94:fa:39:bb:c6:50:01:39:
d3:80:66:87:3a:f6:6b:bf:89:34:fc:a4:1d:a0:bc:
b6:26:e1:b8:f9:72:7c:8e:03:96:5a:f6:19:cf:0f:
60:1c:ae:87:92:b8:ea:dc:ae:97:36:3f:a1:87:eb:
c3:39:26:60:ab:2b:64:be:8f:dc:c8:a3:c7:94:88:
68:7a:6a:1c:2e:05:89:da:b8:30:36:71:2f:c0:b3:
13:d3:2a:b8:bc:d1:35:5e:5b:7a:e1:da:c0:2f:e7:
ef:fc:60:40:20:61:43:42:21:e9:57:f7:07:6b:17:
5b:f9:f8:d5:ca:a0:66:b0:3b:dd:4b:3d:3f:0e:f8:
bc:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:DF:A1:84:6D:26:BE:0F:8D:00:74:7F:75:3D:E2:FB:60:DF:14:C7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/s9-hhG0mvg-NAHR_dT3i-2DfFMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:b9:64:89:75:91:55:b4:1c:e6:36:22:56:43:40:4e:06:8d:
8b:a8:8a:1e:9e:c3:99:54:1a:25:7f:dd:4a:18:c7:a2:59:27:
ef:fa:27:9d:cf:0c:cc:19:0b:b5:3b:da:db:bb:e5:2e:48:27:
94:3b:11:c1:bd:cd:45:eb:0c:45:3c:71:0d:e9:28:5b:99:a2:
32:af:58:59:e8:8e:01:53:bb:2e:31:1e:e9:e1:2e:fe:36:b5:
83:5c:cf:f2:ef:ac:78:2d:bd:3f:cc:61:9c:38:7d:25:ad:1d:
29:51:0c:32:dd:33:ae:6e:fa:bf:14:1f:8c:ed:06:5b:53:01:
e1:4d:91:0f:05:6e:cf:04:ea:0f:bd:9d:3f:68:b3:dd:56:c8:
1e:2d:fd:40:73:bd:57:d3:61:4a:b6:47:a0:80:fa:a6:73:0d:
ca:e2:e1:e2:ba:34:87:c9:a6:0f:69:e9:f2:18:8f:e0:39:9b:
f4:38:d8:d1:7b:6d:8a:cf:b8:54:4b:31:1f:99:1f:b3:91:ea:
10:f1:22:2a:01:7c:6c:c9:fe:ce:4d:b0:40:d9:a1:5c:ab:8c:
3b:c8:3a:5a:5c:88:1d:91:ca:f2:43:57:c6:42:86:4f:5b:d2:
45:74:ea:fa:27:c5:f0:82:53:1d:78:fd:1f:84:81:35:eb:a1:
ca:f6:5e:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYZHm5i+DvBEf7InSLvoPY9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjAzMjExMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2RmYTE4NDZkMjZiZTBmOGQwMDc0N2Y3NTNkZTJmYjYwZGYxNGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj28NUv6qnQv8UWCbUdox0diPT/so
QOBvx0vbpoAlL4CYg/JDBDttzQ0IVO+5qEvLRKl7a3F6R1u2zHRR9BwHFzDGDMWR
guHYaEH8JASFFZmAvNXyvqvW60oyKY83a50RXpEtK5PqYU5pcFeaQpVIh3H78nCJ
0HZCpQRE1nSslPo5u8ZQATnTgGaHOvZrv4k0/KQdoLy2JuG4+XJ8jgOWWvYZzw9g
HK6Hkrjq3K6XNj+hh+vDOSZgqytkvo/cyKPHlIhoemocLgWJ2rgwNnEvwLMT0yq4
vNE1Xlt64drAL+fv/GBAIGFDQiHpV/cHaxdb+fjVyqBmsDvdSz0/Dvi8hQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLPfoYRtJr4PjQB0f3U94vtg3xTHMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvczktaGhHMG12Zy1OQUhSX2RUM2ktMkRmRk1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHK5ZIl1kVW0HOY2IlZD
QE4GjYuoih6ew5lUGiV/3UoYx6JZJ+/6J53PDMwZC7U72tu75S5IJ5Q7EcG9zUXr
DEU8cQ3pKFuZojKvWFnojgFTuy4xHunhLv42tYNcz/LvrHgtvT/MYZw4fSWtHSlR
DDLdM65u+r8UH4ztBltTAeFNkQ8Fbs8E6g+9nT9os91WyB4t/UBzvVfTYUq2R6CA
+qZzDcri4eK6NIfJpg9p6fIYj+A5m/Q42NF7bYrPuFRLMR+ZH7OR6hDxIioBfGzJ
/s5NsEDZoVyrjDvIOlpciB2RyvJDV8ZChk9b0kV06vonxfCCUx14/R+EgTXrocr2
XvQ=
-----END CERTIFICATE-----
Generated at Mon Jun 9 11:59:33 2025 by rpki-client