Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HLKvBLdLQQA7ROahveuHxVRoIHQ.roa
File: HLKvBLdLQQA7ROahveuHxVRoIHQ.roa (raw, json)
Hash identifier: JG9JXLLNP3L3hkxeTtG4QXOA/npr0LpwSTcv+Ecavgc=
Subject key identifier: 1C:B2:AF:04:B7:4B:41:00:3B:44:E6:A1:BD:EB:87:C5:54:68:20:74
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C7DAC80A5A6601E252ED538E268A7145E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HLKvBLdLQQA7ROahveuHxVRoIHQ.roa
Signing time: Mon 18 Dec 2023 16:05:06 +0000
ROA not before: Mon 18 Dec 2023 16:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18c:7dab:bf5a/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7d:ac:80:a5:a6:60:1e:25:2e:d5:38:e2:68:a7:14:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 18 16:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cb2af04b74b41003b44e6a1bdeb87c554682074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:18:3d:24:a4:41:fd:7f:89:f2:6f:47:b3:f6:
59:ec:9d:67:06:30:2c:a7:3e:e9:2f:3a:f9:90:89:
21:23:b7:67:c1:ab:be:24:83:4d:b2:07:14:cb:c4:
80:93:cd:f9:8f:58:0f:bd:fc:81:de:d6:0f:bc:aa:
b0:5c:8a:f5:c7:e2:00:22:f9:0e:6f:7f:42:1a:4d:
f3:83:08:1d:24:43:3a:71:c4:49:71:01:f9:de:9b:
d3:05:12:e9:cc:92:ea:ba:22:98:0d:66:35:d4:0e:
fb:33:d2:19:39:69:6b:85:51:1d:8a:5e:93:97:13:
4d:8a:7c:60:6b:a5:8f:a7:eb:7f:1e:d4:42:67:9a:
9c:98:da:ce:b4:d2:3f:14:e2:c4:fe:b1:0e:47:bc:
d5:49:5f:eb:1a:14:37:2d:5b:38:f2:9c:18:22:2d:
39:0d:67:67:19:40:2a:c7:1d:89:b2:55:b7:2b:ff:
52:6e:a6:39:6d:06:e7:2a:cf:cc:d4:95:f3:ed:34:
88:c0:f0:f7:8e:3f:59:57:c5:36:44:d8:ad:ab:fd:
45:d6:f5:45:dc:f8:8c:18:b0:bf:a8:c2:d4:5c:56:
de:fc:bf:c6:da:d7:45:8a:6f:41:46:cc:a4:d7:14:
71:d7:3c:25:58:96:a2:47:05:39:d9:0c:c1:0d:6f:
7c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:B2:AF:04:B7:4B:41:00:3B:44:E6:A1:BD:EB:87:C5:54:68:20:74
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HLKvBLdLQQA7ROahveuHxVRoIHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
23:5f:da:15:d5:03:77:09:cc:db:b1:e4:bf:df:74:1c:54:94:
7f:2e:5a:dd:54:29:e6:6d:39:cb:d8:ff:d2:62:a7:88:99:ca:
9a:7d:c3:10:a0:ce:78:f3:25:b7:21:79:1b:e2:5d:48:63:31:
43:ca:19:03:f8:b2:6b:48:f8:ac:df:19:88:a2:2e:64:18:b2:
8e:a4:19:4c:6b:eb:0c:0e:58:96:5b:39:88:03:bf:21:07:ce:
fc:96:2e:ce:e8:4e:3c:d3:b8:e7:62:d7:4c:62:c7:2c:6f:c4:
b0:f3:89:32:30:fc:70:36:c8:6e:4b:14:6e:bd:d8:b1:a9:58:
a0:ad:ab:27:5d:e8:a5:06:c7:9b:85:4e:82:14:15:23:58:65:
4b:8a:96:bd:e8:0e:dd:34:d7:e0:d3:17:df:4a:b1:04:c4:70:
a0:55:42:c0:3b:09:e1:0c:25:34:52:a8:f9:19:33:21:cd:ce:
15:fc:89:15:71:6f:b8:13:9f:fb:ed:a7:49:b9:f2:29:87:20:
e2:78:4f:a3:ba:09:b3:3e:01:78:f5:06:1f:78:60:99:39:81:
8e:e4:33:13:80:87:41:a2:ef:dc:37:c9:f5:4b:75:cf:30:21:
f6:f7:e4:72:0e:ee:d5:57:13:cd:4b:20:9c:1d:23:89:d9:90:
7f:8f:20:a5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx9rIClpmAeJS7VOOJopxReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE4MTYwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2IyYWYwNGI3NGI0MTAwM2I0NGU2YTFiZGViODdjNTU0NjgyMDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixg9JKRB/X+J8m9Hs/ZZ7J1nBjAs
pz7pLzr5kIkhI7dnwau+JINNsgcUy8SAk835j1gPvfyB3tYPvKqwXIr1x+IAIvkO
b39CGk3zgwgdJEM6ccRJcQH53pvTBRLpzJLquiKYDWY11A77M9IZOWlrhVEdil6T
lxNNinxga6WPp+t/HtRCZ5qcmNrOtNI/FOLE/rEOR7zVSV/rGhQ3LVs48pwYIi05
DWdnGUAqxx2JslW3K/9SbqY5bQbnKs/M1JXz7TSIwPD3jj9ZV8U2RNitq/1F1vVF
3PiMGLC/qMLUXFbe/L/G2tdFim9BRsyk1xRx1zwlWJaiRwU52QzBDW98cwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFByyrwS3S0EAO0Tmob3rh8VUaCB0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSExLdkJMZExRUUE3Uk9haHZldUh4VlJvSUhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACNf2hXVA3cJzNux5L/f
dBxUlH8uWt1UKeZtOcvY/9Jip4iZypp9wxCgznjzJbcheRviXUhjMUPKGQP4smtI
+KzfGYiiLmQYso6kGUxr6wwOWJZbOYgDvyEHzvyWLs7oTjzTuOdi10xixyxvxLDz
iTIw/HA2yG5LFG692LGpWKCtqydd6KUGx5uFToIUFSNYZUuKlr3oDt001+DTF99K
sQTEcKBVQsA7CeEMJTRSqPkZMyHNzhX8iRVxb7gTn/vtp0m58imHIOJ4T6O6CbM+
AXj1Bh94YJk5gY7kMxOAh0Gi79w3yfVLdc8wIfb35HIO7tVXE81LIJwdI4nZkH+P
IKU=
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:13:01 2025 by rpki-client