Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HKQ_ctZSpYgQXIpEibINKmCywn4.roa
File: HKQ_ctZSpYgQXIpEibINKmCywn4.roa (raw, json)
Hash identifier: DLEy6bctGd6B8OkDMSjTnf/oPefonsRN3Lq1i+NsWPc=
Subject key identifier: 1C:A4:3F:72:D6:52:A5:88:10:5C:8A:44:89:B2:0D:2A:60:B2:C2:7E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B22166816CB14064984C3FE2367A42E9A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HKQ_ctZSpYgQXIpEibINKmCywn4.roa
Signing time: Thu 12 Oct 2023 04:12:55 +0000
ROA not before: Thu 12 Oct 2023 04:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:22:16:68:16:cb:14:06:49:84:c3:fe:23:67:a4:2e:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 12 04:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ca43f72d652a588105c8a4489b20d2a60b2c27e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:bc:90:67:3b:3d:c1:28:04:d2:67:12:7a:f9:
21:48:d5:e2:2c:68:4b:28:9b:18:6e:dd:4d:34:48:
f9:11:93:7e:62:fa:11:22:d7:9e:7a:5a:b4:55:6e:
c6:6f:80:42:06:59:8a:d0:79:88:95:09:de:5d:1d:
85:c6:f1:d3:0c:fc:d4:9f:0f:0a:e5:b1:44:70:be:
bd:18:23:22:ec:f9:1e:bc:66:5a:a0:7d:5e:16:3b:
03:3e:ca:e5:ad:23:6c:1e:e7:9f:aa:ea:67:5d:6c:
e3:61:87:16:c7:a6:19:6b:d4:35:7d:e5:0f:86:52:
6f:50:5c:5c:ce:ce:8e:ae:e3:f9:98:9e:bb:b7:a4:
19:e1:23:e5:82:0a:46:79:9d:fc:b8:a3:a1:67:f6:
e7:48:ca:c0:22:91:b6:ec:28:00:7f:17:eb:83:57:
15:1e:e0:74:4c:1e:db:cb:16:b0:76:80:b2:77:f1:
ed:d0:6e:4f:b5:12:d8:a8:bd:1d:a2:42:0c:11:a7:
7c:e4:7c:6b:5e:f3:22:91:d3:00:a1:34:96:d9:67:
45:0c:c1:d8:23:ef:e9:c0:d9:7e:66:bd:3d:fc:96:
13:97:fc:4b:4a:78:d5:52:6e:63:b3:c1:77:5f:5d:
93:ac:48:e3:f9:b3:9b:29:d1:c4:7e:cd:33:a6:34:
06:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:A4:3F:72:D6:52:A5:88:10:5C:8A:44:89:B2:0D:2A:60:B2:C2:7E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HKQ_ctZSpYgQXIpEibINKmCywn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
84:cd:66:73:71:74:5e:61:92:a9:52:01:b8:31:7f:d6:f4:44:
77:12:76:a9:6a:8b:62:f9:33:d0:36:b0:2c:e5:9a:0c:03:b8:
4f:1a:7b:0a:a1:06:ea:83:d7:96:60:81:79:6b:76:e1:b0:d1:
e4:2b:f7:9f:0e:24:f3:db:f8:59:b1:24:83:5e:fa:cb:b6:66:
b7:ef:22:f1:57:c5:6d:6b:00:94:b8:19:43:d5:f3:ac:ac:9d:
db:b7:8f:03:c7:25:66:f7:91:52:bc:d0:db:4c:03:44:e2:e4:
16:4a:72:81:0c:ca:68:e1:cf:f4:c3:cb:02:07:e1:ee:64:4d:
d4:9f:c7:7f:8c:4c:8e:d9:55:7c:a5:5b:b8:75:14:eb:e2:04:
ca:0e:ff:86:c7:9c:25:8b:1f:aa:8c:c1:d6:9b:00:9b:17:df:
c5:77:d0:36:d9:e8:17:ee:82:23:ff:3f:42:dc:0a:1b:c7:69:
13:f1:91:3e:06:72:a6:65:7c:c8:05:07:89:7c:a7:56:1b:f6:
27:9a:d5:8f:fb:51:8c:af:84:54:2a:73:25:5d:14:be:eb:3e:
21:2b:6e:84:a8:b7:c5:fc:84:b3:8a:bf:c7:be:3b:76:9e:e1:
f9:67:8c:8e:23:6c:83:95:da:5f:14:7d:7a:2a:a0:4d:00:57:
14:83:43:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsiFmgWyxQGSYTD/iNnpC6aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEyMDQxMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2E0M2Y3MmQ2NTJhNTg4MTA1YzhhNDQ4OWIyMGQyYTYwYjJjMjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7yQZzs9wSgE0mcSevkhSNXiLGhL
KJsYbt1NNEj5EZN+YvoRIteeelq0VW7Gb4BCBlmK0HmIlQneXR2FxvHTDPzUnw8K
5bFEcL69GCMi7PkevGZaoH1eFjsDPsrlrSNsHuefqupnXWzjYYcWx6YZa9Q1feUP
hlJvUFxczs6OruP5mJ67t6QZ4SPlggpGeZ38uKOhZ/bnSMrAIpG27CgAfxfrg1cV
HuB0TB7byxawdoCyd/Ht0G5PtRLYqL0dokIMEad85HxrXvMikdMAoTSW2WdFDMHY
I+/pwNl+Zr09/JYTl/xLSnjVUm5js8F3X12TrEjj+bObKdHEfs0zpjQGbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBykP3LWUqWIEFyKRImyDSpgssJ+MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSEtRX2N0WlNwWWdRWElwRWliSU5LbUN5d240LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAITNZnNxdF5hkqlSAbgx
f9b0RHcSdqlqi2L5M9A2sCzlmgwDuE8aewqhBuqD15ZggXlrduGw0eQr958OJPPb
+FmxJINe+su2ZrfvIvFXxW1rAJS4GUPV86ysndu3jwPHJWb3kVK80NtMA0Ti5BZK
coEMymjhz/TDywIH4e5kTdSfx3+MTI7ZVXylW7h1FOviBMoO/4bHnCWLH6qMwdab
AJsX38V30DbZ6BfugiP/P0LcChvHaRPxkT4GcqZlfMgFB4l8p1Yb9iea1Y/7UYyv
hFQqcyVdFL7rPiErboSot8X8hLOKv8e+O3ae4flnjI4jbIOV2l8UfXoqoE0AVxSD
QzU=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:14:54 2025 by rpki-client