Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1HPk4Q-IJQLdU6cwxIHw6yyZ8eI.roa
File: 1HPk4Q-IJQLdU6cwxIHw6yyZ8eI.roa (raw, json)
Hash identifier: p6ZlHEollKOaEDE9dr4KT8HwldautDPgzsvsWXLf8nc=
Subject key identifier: D4:73:E4:E1:0F:88:25:02:DD:53:A7:30:C4:81:F0:EB:2C:99:F1:E2
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C7B20A5D31F7972FC7022570BA4788B21
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1HPk4Q-IJQLdU6cwxIHw6yyZ8eI.roa
Signing time: Mon 18 Dec 2023 04:13:06 +0000
ROA not before: Mon 18 Dec 2023 04:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7b:20:a5:d3:1f:79:72:fc:70:22:57:0b:a4:78:8b:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 18 04:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d473e4e10f882502dd53a730c481f0eb2c99f1e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:bb:fe:63:e0:1d:9a:87:47:9a:fd:e6:57:52:
e4:bc:ac:fc:1d:31:f0:29:af:1f:b0:ba:11:74:cd:
0b:4a:2b:68:48:5f:d2:47:24:20:14:75:25:c1:a1:
6e:33:c1:57:0f:fc:58:3b:f4:39:9b:3b:95:97:0f:
e6:e1:28:8c:6b:a7:7b:10:c1:29:4c:03:74:82:b9:
5e:93:72:e6:c2:05:81:21:97:9f:ec:3b:2d:21:70:
20:45:60:00:35:64:07:20:7c:dc:74:a9:55:ac:b1:
a2:4f:52:44:d7:11:5e:66:60:2c:04:8f:ee:13:3e:
80:e7:7d:fe:ea:06:22:59:9a:a3:70:f8:8f:18:73:
0b:f0:b7:e3:da:5e:9f:36:33:a5:4a:fe:a9:30:e5:
6b:f5:ed:53:64:86:ee:91:30:44:09:ba:10:be:e7:
d6:cd:0f:fa:b5:ec:ba:2f:31:5d:0e:0c:af:95:a6:
e4:c8:63:06:00:4c:f5:65:38:f0:f8:53:cd:c3:5f:
75:57:86:0e:22:61:87:cb:da:0b:77:dd:48:17:5c:
0c:16:51:14:63:24:9a:37:ba:ca:bd:19:c9:dd:96:
19:d2:32:a2:bf:d4:64:0a:1e:2e:23:68:df:52:c1:
49:92:41:69:c2:19:ad:02:32:91:25:0d:d6:f7:a6:
fb:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:73:E4:E1:0F:88:25:02:DD:53:A7:30:C4:81:F0:EB:2C:99:F1:E2
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1HPk4Q-IJQLdU6cwxIHw6yyZ8eI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
97:9d:52:cf:ce:1d:ba:3c:81:29:7f:f5:10:b6:a4:56:69:e2:
6c:56:80:9b:1b:74:5b:98:b2:3c:40:3d:f8:fd:eb:7f:15:70:
94:49:b2:ba:57:6d:38:de:98:6f:95:19:1c:de:25:28:a5:1d:
34:b2:e1:3f:39:3d:1b:76:52:b2:b7:5b:29:85:6e:14:13:87:
16:f2:dc:6c:8e:f3:e4:ba:28:d0:66:32:aa:9f:01:88:f5:19:
09:ae:f2:3b:ec:cc:0f:0b:81:e2:5c:73:98:74:5e:07:78:b1:
f4:2f:51:ca:0f:e9:61:a7:5e:b6:1e:9a:26:7a:fc:f9:8d:26:
e0:18:62:d3:59:4e:59:5f:b0:1e:95:0e:32:0f:c1:96:cb:0f:
0c:a6:ad:ec:99:2e:46:94:08:df:5a:66:9a:db:7c:71:93:c2:
02:2a:f0:fa:0b:88:21:5f:23:4e:e8:75:1c:c1:67:8e:50:fa:
4c:42:20:9a:db:b1:2a:a0:99:76:bc:f2:2e:57:2b:4b:bb:5f:
01:09:b6:28:dc:ba:da:40:ac:4b:7f:b4:3a:ed:11:c5:e7:11:
dd:ab:61:68:2a:c7:b3:f1:2c:93:1e:da:c1:64:49:96:92:bd:
e7:36:eb:5b:5d:b5:b3:bb:70:16:99:04:51:64:2f:d6:70:98:
90:63:a0:d8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx7IKXTH3ly/HAiVwukeIshMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE4MDQxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDczZTRlMTBmODgyNTAyZGQ1M2E3MzBjNDgxZjBlYjJjOTlmMWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrv+Y+AdmodHmv3mV1LkvKz8HTHw
Ka8fsLoRdM0LSitoSF/SRyQgFHUlwaFuM8FXD/xYO/Q5mzuVlw/m4SiMa6d7EMEp
TAN0grlek3LmwgWBIZef7DstIXAgRWAANWQHIHzcdKlVrLGiT1JE1xFeZmAsBI/u
Ez6A533+6gYiWZqjcPiPGHML8Lfj2l6fNjOlSv6pMOVr9e1TZIbukTBECboQvufW
zQ/6tey6LzFdDgyvlabkyGMGAEz1ZTjw+FPNw191V4YOImGHy9oLd91IF1wMFlEU
YySaN7rKvRnJ3ZYZ0jKiv9RkCh4uI2jfUsFJkkFpwhmtAjKRJQ3W96b7uQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNRz5OEPiCUC3VOnMMSB8OssmfHiMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMUhQazRRLUlKUUxkVTZjd3hJSHc2eXlaOGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJedUs/OHbo8gSl/9RC2
pFZp4mxWgJsbdFuYsjxAPfj9638VcJRJsrpXbTjemG+VGRzeJSilHTSy4T85PRt2
UrK3WymFbhQThxby3GyO8+S6KNBmMqqfAYj1GQmu8jvszA8LgeJcc5h0Xgd4sfQv
UcoP6WGnXrYemiZ6/PmNJuAYYtNZTllfsB6VDjIPwZbLDwymreyZLkaUCN9aZprb
fHGTwgIq8PoLiCFfI07odRzBZ45Q+kxCIJrbsSqgmXa88i5XK0u7XwEJtijcutpA
rEt/tDrtEcXnEd2rYWgqx7PxLJMe2sFkSZaSvec261tdtbO7cBaZBFFkL9ZwmJBj
oNg=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:15:44 2025 by rpki-client