Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HL9X-dG994KHtpvH3-K5VG_TdvE.roa
File: HL9X-dG994KHtpvH3-K5VG_TdvE.roa (raw, json)
Hash identifier: ZU4PWyBYQEvMJnkSGaF8Hz7mh31kSw8O9dVH7mIVuOk=
Subject key identifier: 1C:BF:57:F9:D1:BD:F7:82:87:B6:9B:C7:DF:E2:B9:54:6F:D3:76:F1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B999941BBB5892312C2A0015917BE1A31
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HL9X-dG994KHtpvH3-K5VG_TdvE.roa
Signing time: Sat 04 Nov 2023 09:10:39 +0000
ROA not before: Sat 04 Nov 2023 09:10:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:99:99:41:bb:b5:89:23:12:c2:a0:01:59:17:be:1a:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 4 09:10:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cbf57f9d1bdf78287b69bc7dfe2b9546fd376f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:49:34:81:78:40:63:1c:d0:4b:7c:75:fb:f8:
9a:fc:02:5c:75:63:1b:33:66:03:f5:33:fd:02:d5:
67:8d:42:60:8c:41:d5:af:c4:3a:3c:90:f3:16:3e:
7d:45:32:a0:b1:b3:27:17:b5:9f:57:5a:57:cb:dc:
7b:13:e1:ec:d8:f8:e7:13:83:e6:8e:38:63:e9:c0:
c5:f0:b3:c1:5e:51:09:37:1b:4a:4c:19:2d:52:9c:
9f:34:4a:79:ba:07:8f:34:70:c4:6a:fe:8e:ad:47:
af:6f:48:cf:62:6f:ff:4a:fa:81:cc:d1:43:97:1e:
51:10:26:23:eb:fb:b6:ee:55:d3:97:21:4d:bf:11:
32:c7:e7:7a:8d:b7:5c:f0:cd:35:5c:ca:1f:5d:07:
bb:10:0d:02:3d:b7:fa:4b:01:43:db:b2:7a:05:79:
34:6f:c3:b8:db:94:79:31:2e:94:3b:73:de:51:9a:
51:85:a0:9f:b4:b0:ad:00:12:07:11:e8:b8:ac:9b:
8d:fb:0f:2b:e9:40:f5:02:e1:5e:a2:04:7e:b1:3d:
98:d8:85:11:ed:16:79:63:1d:73:14:50:18:cf:6f:
a2:3f:ca:dd:f0:c5:3d:02:51:ff:92:a3:36:95:4b:
63:19:dc:73:eb:1a:96:c1:f9:65:e8:48:fd:bd:50:
a2:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:BF:57:F9:D1:BD:F7:82:87:B6:9B:C7:DF:E2:B9:54:6F:D3:76:F1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HL9X-dG994KHtpvH3-K5VG_TdvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:d2:b8:3c:e5:ac:76:85:c5:ab:56:2f:13:d6:f5:ae:3c:86:
64:e4:0f:fd:64:61:7e:67:ba:61:dd:30:96:be:36:24:c1:38:
c5:84:41:19:a6:a4:7d:15:40:1f:9d:40:5f:58:ae:6e:1c:4b:
ec:1b:63:86:4e:1c:d3:51:7a:ed:9c:d6:44:40:f6:77:36:09:
c3:76:eb:b5:21:f5:2b:8c:af:08:00:3c:3b:a9:bc:82:3f:32:
1f:c9:86:b4:fa:b5:d1:88:70:6d:13:f6:91:7d:59:a0:39:66:
79:9a:58:99:73:d3:c2:ec:cf:cd:fa:91:56:5c:a4:d1:b9:00:
ef:d8:a0:4f:72:0a:79:69:5b:f8:a9:8e:97:e8:2c:28:4f:ab:
c6:3d:87:73:8a:81:ca:b5:00:2d:76:37:6a:d2:b6:ac:cc:67:
02:27:e1:72:46:a8:59:f6:7e:62:67:bd:54:a4:7b:71:57:6d:
e9:0a:f9:d6:ca:f5:53:1c:39:7a:1d:b2:8d:55:8d:ce:7a:4f:
63:64:83:b2:4b:2c:81:0c:27:7f:ec:54:cf:9b:33:78:9e:81:
a0:45:af:ad:88:81:17:94:bf:6f:6e:11:9b:76:0a:46:25:69:
4a:2c:a4:28:85:f4:e9:7c:5e:b5:26:cb:16:7d:ae:1c:9d:d9:
54:de:32:d1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuZmUG7tYkjEsKgAVkXvhoxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA0MDkxMDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2JmNTdmOWQxYmRmNzgyODdiNjliYzdkZmUyYjk1NDZmZDM3NmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUk0gXhAYxzQS3x1+/ia/AJcdWMb
M2YD9TP9AtVnjUJgjEHVr8Q6PJDzFj59RTKgsbMnF7WfV1pXy9x7E+Hs2PjnE4Pm
jjhj6cDF8LPBXlEJNxtKTBktUpyfNEp5ugePNHDEav6OrUevb0jPYm//SvqBzNFD
lx5RECYj6/u27lXTlyFNvxEyx+d6jbdc8M01XMofXQe7EA0CPbf6SwFD27J6BXk0
b8O425R5MS6UO3PeUZpRhaCftLCtABIHEei4rJuN+w8r6UD1AuFeogR+sT2Y2IUR
7RZ5Yx1zFFAYz2+iP8rd8MU9AlH/kqM2lUtjGdxz6xqWwfll6Ej9vVCidwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBy/V/nRvfeCh7abx9/iuVRv03bxMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSEw5WC1kRzk5NEtIdHB2SDMtSzVWR19UZHZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFjSuDzlrHaFxatWLxPW
9a48hmTkD/1kYX5numHdMJa+NiTBOMWEQRmmpH0VQB+dQF9Yrm4cS+wbY4ZOHNNR
eu2c1kRA9nc2CcN267Uh9SuMrwgAPDupvII/Mh/JhrT6tdGIcG0T9pF9WaA5Znma
WJlz08Lsz836kVZcpNG5AO/YoE9yCnlpW/ipjpfoLChPq8Y9h3OKgcq1AC12N2rS
tqzMZwIn4XJGqFn2fmJnvVSke3FXbekK+dbK9VMcOXodso1Vjc56T2Nkg7JLLIEM
J3/sVM+bM3iegaBFr62IgReUv29uEZt2CkYlaUospCiF9Ol8XrUmyxZ9rhyd2VTe
MtE=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:15:10 2025 by rpki-client