Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hhy2OaJWB1ZIyPSySMFPa40k8mE.roa
File: hhy2OaJWB1ZIyPSySMFPa40k8mE.roa (raw, json)
Hash identifier: F+K4vmBp76ZFBiA5LaXBvCnnTF32FCa6pA46/pqGzY8=
Subject key identifier: 86:1C:B6:39:A2:56:07:56:48:C8:F4:B2:48:C1:4F:6B:8D:24:F2:61
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AD83E2A31597B4F5F3B7B93279138C68C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hhy2OaJWB1ZIyPSySMFPa40k8mE.roa
Signing time: Wed 27 Sep 2023 20:04:27 +0000
ROA not before: Wed 27 Sep 2023 20:04:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:d83e:d50/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d8:3e:2a:31:59:7b:4f:5f:3b:7b:93:27:91:38:c6:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 27 20:04:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=861cb639a256075648c8f4b248c14f6b8d24f261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:50:79:4b:b2:bc:fc:0f:07:78:e8:a4:08:0b:
10:37:23:40:9d:4f:c6:3f:f9:8b:1d:ff:ac:3d:db:
51:e2:80:26:50:85:5d:ec:10:e4:d3:81:33:d5:d9:
0b:34:13:7d:8c:49:7a:6d:07:eb:e5:39:b9:3b:8f:
1d:9e:5a:a1:96:d6:70:d3:ec:ac:cc:05:7b:6f:40:
49:6d:bf:79:b0:36:cb:6f:17:71:58:9d:f7:0c:fd:
2d:7e:15:bb:54:4e:74:90:31:32:13:27:97:d5:40:
46:cb:91:e7:ee:e2:e3:2b:69:a6:f5:87:07:ae:14:
db:ee:7c:5a:7c:4a:60:1d:0a:71:b4:f2:15:18:cd:
12:b3:09:a2:42:60:bf:27:11:25:c4:03:1d:35:09:
55:35:ef:68:60:a0:d1:11:dd:c7:6e:e7:bc:b0:57:
74:2b:22:86:e1:a3:6b:d2:61:14:fc:3c:c7:c9:f4:
18:60:e4:cc:04:fb:92:4d:ea:7f:01:36:8e:5f:cd:
7e:79:ea:1d:7d:a2:38:81:36:37:ae:29:b3:b4:fb:
56:c8:70:6a:ba:29:a3:74:ca:c5:71:f1:7b:46:a0:
17:0a:ec:68:21:81:c0:6f:a2:69:dd:7a:1e:2b:d5:
99:e5:59:4e:fd:33:f6:b4:99:17:b8:07:a4:f5:a4:
c3:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:1C:B6:39:A2:56:07:56:48:C8:F4:B2:48:C1:4F:6B:8D:24:F2:61
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hhy2OaJWB1ZIyPSySMFPa40k8mE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:94:38:6e:90:85:eb:71:8f:8a:23:43:43:7b:71:f0:ba:1c:
14:c2:ac:8c:47:c0:ef:de:e2:0d:c3:aa:3a:1d:32:6b:43:a5:
8e:21:48:a1:dd:d5:ef:03:a2:fb:17:42:18:c0:cc:b1:46:91:
8c:d8:d7:05:a7:01:34:fe:6c:6e:0e:92:d8:c5:eb:01:ea:7d:
c4:d4:e0:af:b2:a1:64:d8:08:53:55:86:a7:31:6c:e7:f3:60:
66:db:1b:76:58:7e:67:48:2a:5b:da:9e:d9:d6:b0:df:ff:29:
20:e9:11:76:e6:92:39:20:6b:c3:5a:a6:43:f2:ed:ac:8f:cd:
7d:c6:49:4c:0b:e5:df:42:08:c4:53:bc:14:57:aa:76:19:bd:
6e:9d:06:14:38:f1:7d:06:e6:39:88:3e:64:48:c3:4e:a5:2a:
b6:9e:e2:f5:4c:de:4d:a6:7e:3e:93:b4:42:a8:dc:46:31:20:
ce:7e:ff:fc:97:29:43:c4:4e:2f:ea:c2:e9:3b:e3:0a:d7:79:
24:db:91:91:b2:e1:3c:20:35:bb:12:82:4c:55:54:2a:1f:ae:
5e:44:a1:f4:f5:61:3c:5a:43:50:3b:c6:98:d0:2e:81:c6:3a:
0e:82:ef:85:10:25:c3:88:e8:3a:42:2b:8a:dc:72:36:66:56:
d6:77:3b:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrYPioxWXtPXzt7kyeROMaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI3MjAwNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjFjYjYzOWEyNTYwNzU2NDhjOGY0YjI0OGMxNGY2YjhkMjRmMjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVB5S7K8/A8HeOikCAsQNyNAnU/G
P/mLHf+sPdtR4oAmUIVd7BDk04Ez1dkLNBN9jEl6bQfr5Tm5O48dnlqhltZw0+ys
zAV7b0BJbb95sDbLbxdxWJ33DP0tfhW7VE50kDEyEyeX1UBGy5Hn7uLjK2mm9YcH
rhTb7nxafEpgHQpxtPIVGM0SswmiQmC/JxElxAMdNQlVNe9oYKDREd3Hbue8sFd0
KyKG4aNr0mEU/DzHyfQYYOTMBPuSTep/ATaOX81+eeodfaI4gTY3rimztPtWyHBq
uimjdMrFcfF7RqAXCuxoIYHAb6Jp3XoeK9WZ5VlO/TP2tJkXuAek9aTDZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIYctjmiVgdWSMj0skjBT2uNJPJhMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaGh5Mk9hSldCMVpJeVBTeVNNRlBhNDBrOG1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGaUOG6Qhetxj4ojQ0N7
cfC6HBTCrIxHwO/e4g3DqjodMmtDpY4hSKHd1e8DovsXQhjAzLFGkYzY1wWnATT+
bG4OktjF6wHqfcTU4K+yoWTYCFNVhqcxbOfzYGbbG3ZYfmdIKlvantnWsN//KSDp
EXbmkjkga8NapkPy7ayPzX3GSUwL5d9CCMRTvBRXqnYZvW6dBhQ48X0G5jmIPmRI
w06lKrae4vVM3k2mfj6TtEKo3EYxIM5+//yXKUPETi/qwuk74wrXeSTbkZGy4Twg
NbsSgkxVVCofrl5EofT1YTxaQ1A7xpjQLoHGOg6C74UQJcOI6DpCK4rccjZmVtZ3
Ozk=
-----END CERTIFICATE-----
Generated at Mon Jul 28 22:05:53 2025 by rpki-client