Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h6AAnf_4RcZ2VKAllDF7hbXKfu8.roa
File: h6AAnf_4RcZ2VKAllDF7hbXKfu8.roa (raw, json)
Hash identifier: sU3V24HFRVFifRTyRod4IVBwdopeN7n9SnCaNQCkwyE=
Subject key identifier: 87:A0:00:9D:FF:F8:45:C6:76:54:A0:25:94:31:7B:85:B5:CA:7E:EF
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE9D70E83EF1A2507E3FED31E1D105C7F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h6AAnf_4RcZ2VKAllDF7hbXKfu8.roa
Signing time: Sun 01 Oct 2023 06:04:59 +0000
ROA not before: Sun 01 Oct 2023 06:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:e9d6:bead/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e9:d7:0e:83:ef:1a:25:07:e3:fe:d3:1e:1d:10:5c:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 1 06:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87a0009dfff845c67654a02594317b85b5ca7eef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e0:d1:45:5a:7e:16:c5:0d:f6:2b:12:66:7f:
17:14:eb:08:ed:fa:b4:f7:92:35:c2:4f:cc:55:df:
8d:06:fd:4b:de:8d:2a:6f:35:10:e3:d9:d1:9a:40:
2f:ec:59:f4:fb:b3:ab:d6:fb:83:57:86:1d:86:af:
23:2b:93:7e:88:04:11:a6:7b:52:3e:8d:bb:87:bf:
1d:89:2f:93:c3:52:7f:10:ad:7f:a5:0f:17:46:ed:
c3:67:ab:fb:00:92:e6:65:d0:0c:4e:09:8a:82:d1:
96:75:31:95:89:23:4b:dc:ed:08:a3:a8:d6:07:f7:
85:dc:5e:6b:ce:5e:82:42:ed:6f:50:0d:d6:dd:fa:
4c:35:7b:f5:84:66:32:75:b8:33:66:12:04:97:7e:
c5:c0:d7:c2:07:19:14:49:37:80:a6:e2:75:a1:da:
64:fd:f7:85:2c:26:4c:1a:ac:5d:e3:f6:c6:72:26:
80:c8:72:ce:ec:12:f7:cc:a7:b5:55:37:29:cb:72:
f5:38:02:3f:a4:47:85:c2:20:5f:e4:ed:16:67:e3:
99:ed:41:61:62:27:96:95:1b:22:ad:28:ec:39:33:
40:45:45:36:1f:9b:df:64:17:23:9a:de:66:09:c2:
49:27:b8:80:43:94:20:15:af:c0:da:ec:ff:12:22:
22:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A0:00:9D:FF:F8:45:C6:76:54:A0:25:94:31:7B:85:B5:CA:7E:EF
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h6AAnf_4RcZ2VKAllDF7hbXKfu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a6:a3:68:82:80:c1:99:df:ad:c7:86:cd:86:ad:1c:d5:c7:b7:
60:7f:1f:61:77:e4:92:ff:9b:22:3a:9a:d6:8e:b1:3e:bd:db:
55:9a:bb:2d:fc:b6:51:76:3e:3d:ce:b6:0a:0b:5b:b6:c5:67:
94:c4:af:80:8e:ad:d4:8d:9b:b3:22:d3:9f:d2:16:b2:31:92:
49:7f:06:0d:5a:6d:a1:7b:5d:f7:78:ef:b7:91:73:3d:a9:d6:
4b:9f:81:0a:cc:df:1e:8d:ea:f4:6e:cd:af:86:5f:86:c4:b4:
5b:3c:2f:18:68:4b:e8:60:16:58:5c:d4:82:ba:eb:f7:b9:61:
6f:7f:49:c7:db:30:91:3e:08:ed:ac:a9:5d:b3:76:f9:fa:04:
a4:de:a0:5f:64:8c:d2:f1:67:cd:84:e7:8e:61:65:0d:5c:6d:
5a:7c:2c:c5:d1:71:d9:5d:78:22:d7:0d:e9:71:ff:eb:ea:dc:
6b:8d:0f:42:c9:e9:c1:5d:8a:03:b6:73:14:1a:f6:63:fb:52:
32:2f:f7:16:e0:33:3f:10:a3:f6:41:50:35:89:d1:6d:c8:1a:
4d:40:50:6e:e1:24:0f:7b:f8:79:88:08:fd:f4:30:f8:7d:5e:
e0:83:5f:23:16:d1:a9:ca:8e:76:a7:62:13:2b:bc:42:dc:1e:
bc:84:b7:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrp1w6D7xolB+P+0x4dEFx/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAxMDYwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2EwMDA5ZGZmZjg0NWM2NzY1NGEwMjU5NDMxN2I4NWI1Y2E3ZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+DRRVp+FsUN9isSZn8XFOsI7fq0
95I1wk/MVd+NBv1L3o0qbzUQ49nRmkAv7Fn0+7Or1vuDV4Ydhq8jK5N+iAQRpntS
Po27h78diS+Tw1J/EK1/pQ8XRu3DZ6v7AJLmZdAMTgmKgtGWdTGViSNL3O0Io6jW
B/eF3F5rzl6CQu1vUA3W3fpMNXv1hGYydbgzZhIEl37FwNfCBxkUSTeApuJ1odpk
/feFLCZMGqxd4/bGciaAyHLO7BL3zKe1VTcpy3L1OAI/pEeFwiBf5O0WZ+OZ7UFh
YieWlRsirSjsOTNARUU2H5vfZBcjmt5mCcJJJ7iAQ5QgFa/A2uz/EiIiawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIegAJ3/+EXGdlSgJZQxe4W1yn7vMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaDZBQW5mXzRSY1oyVktBbGxERjdoYlhLZnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKajaIKAwZnfrceGzYat
HNXHt2B/H2F35JL/myI6mtaOsT6921Wauy38tlF2Pj3OtgoLW7bFZ5TEr4COrdSN
m7Mi05/SFrIxkkl/Bg1abaF7Xfd477eRcz2p1kufgQrM3x6N6vRuza+GX4bEtFs8
LxhoS+hgFlhc1IK66/e5YW9/ScfbMJE+CO2sqV2zdvn6BKTeoF9kjNLxZ82E545h
ZQ1cbVp8LMXRcdldeCLXDelx/+vq3GuND0LJ6cFdigO2cxQa9mP7UjIv9xbgMz8Q
o/ZBUDWJ0W3IGk1AUG7hJA97+HmICP30MPh9XuCDXyMW0anKjnanYhMrvELcHryE
t4Q=
-----END CERTIFICATE-----
Generated at Mon Jul 28 22:03:02 2025 by rpki-client