Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HNwwUI0Chlj1slFMkk2L4vsF-7g.roa
File: HNwwUI0Chlj1slFMkk2L4vsF-7g.roa (raw, json)
Hash identifier: IFJPDLDT2/yDd+EnG3VPwtDbpbtNKnycdADo0wURThY=
Subject key identifier: 1C:DC:30:50:8D:02:86:58:F5:B2:51:4C:92:4D:8B:E2:FB:05:FB:B8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C72C2504506DE74FEF321EDAC7E682B1B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HNwwUI0Chlj1slFMkk2L4vsF-7g.roa
Signing time: Sat 16 Dec 2023 13:13:06 +0000
ROA not before: Sat 16 Dec 2023 13:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:72:c2:50:45:06:de:74:fe:f3:21:ed:ac:7e:68:2b:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 16 13:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cdc30508d028658f5b2514c924d8be2fb05fbb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fa:c3:67:d3:bc:89:a2:69:9b:1c:db:e3:0d:
ba:e3:b4:c9:35:c4:a8:bd:ba:c1:09:0b:67:3c:96:
7f:6f:a2:cc:17:58:2a:ac:e3:86:78:86:f2:d1:d1:
f0:db:94:8b:2a:8b:a3:e0:a1:e6:4c:e3:7e:44:f3:
c4:19:d1:9b:d7:4d:80:f4:97:82:7d:d0:34:20:b6:
f2:80:59:44:6a:0c:3c:82:0d:01:cc:11:28:98:d8:
75:1a:75:38:22:f3:e6:38:03:2c:fd:e7:b3:60:d7:
f0:f7:b9:ad:e4:08:f9:a0:4d:1b:58:09:74:5f:c4:
b5:3e:ad:e7:4c:7b:5e:09:d2:77:6c:05:87:41:f6:
2a:b2:1c:3a:3d:c0:37:36:c6:88:92:dc:d4:76:56:
71:c6:16:0f:be:e2:13:a9:18:29:ad:46:64:c0:ef:
40:4c:3d:de:1e:36:f0:28:89:2a:d9:f5:12:bc:c2:
cc:34:dc:f4:ca:b3:94:8d:0c:18:04:aa:93:f9:b9:
b6:6a:e4:59:b0:a7:a7:96:75:3f:5f:c2:ce:17:ea:
7b:95:63:df:8e:5e:4c:47:02:62:9d:83:e8:be:96:
21:5c:a2:e6:86:d7:64:14:b4:53:06:cf:16:6b:00:
70:38:0d:c0:32:ee:a2:18:62:40:ed:82:eb:4b:65:
1e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:DC:30:50:8D:02:86:58:F5:B2:51:4C:92:4D:8B:E2:FB:05:FB:B8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HNwwUI0Chlj1slFMkk2L4vsF-7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
09:85:f3:c5:a9:24:6c:a3:20:bd:05:ec:fb:5a:0c:29:6d:bd:
59:09:04:8d:15:64:42:82:d5:dc:af:0f:44:e1:01:58:a4:a0:
60:c7:f5:d2:78:1c:96:5c:87:25:c2:f6:cf:e9:f6:a8:94:15:
e4:4a:79:f9:fb:92:62:48:fc:9c:c3:e9:70:42:0d:e6:dd:bb:
5b:ad:f8:25:03:ba:f3:f1:42:d7:28:34:47:c1:b2:67:f6:90:
cc:5f:93:6b:c4:f9:e0:e6:fc:97:60:52:de:fb:c3:d4:8f:f2:
be:79:ca:1c:37:48:49:39:de:8e:20:2b:88:92:60:96:01:d1:
6c:a1:dd:15:41:b7:48:06:7d:76:8f:f4:41:48:fd:e3:a2:dc:
40:b5:44:9a:8b:ff:e1:2b:e8:85:77:dc:f0:c4:9a:24:f8:f0:
4d:37:7b:5d:e7:2c:95:a8:24:c0:02:99:ad:d4:2f:9e:a2:78:
10:5d:28:5f:3d:b2:11:ac:e8:c7:56:f7:e4:ab:59:86:bb:5c:
97:52:a5:07:81:34:b5:21:fc:36:58:76:a7:b0:07:50:c8:22:
bc:15:6e:04:4d:70:89:6e:fc:e2:1f:d1:b7:f4:e1:df:30:e2:
fc:c4:eb:0a:c5:03:20:9e:1a:15:d6:cb:ee:eb:99:6f:3c:9d:
a8:28:60:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxywlBFBt50/vMh7ax+aCsbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE2MTMxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2RjMzA1MDhkMDI4NjU4ZjViMjUxNGM5MjRkOGJlMmZiMDVmYmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPrDZ9O8iaJpmxzb4w2647TJNcSo
vbrBCQtnPJZ/b6LMF1gqrOOGeIby0dHw25SLKouj4KHmTON+RPPEGdGb102A9JeC
fdA0ILbygFlEagw8gg0BzBEomNh1GnU4IvPmOAMs/eezYNfw97mt5Aj5oE0bWAl0
X8S1Pq3nTHteCdJ3bAWHQfYqshw6PcA3NsaIktzUdlZxxhYPvuITqRgprUZkwO9A
TD3eHjbwKIkq2fUSvMLMNNz0yrOUjQwYBKqT+bm2auRZsKenlnU/X8LOF+p7lWPf
jl5MRwJinYPovpYhXKLmhtdkFLRTBs8WawBwOA3AMu6iGGJA7YLrS2UeZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBzcMFCNAoZY9bJRTJJNi+L7Bfu4MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSE53d1VJMENobGoxc2xGTWtrMkw0dnNGLTdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAmF88WpJGyjIL0F7Pta
DCltvVkJBI0VZEKC1dyvD0ThAVikoGDH9dJ4HJZchyXC9s/p9qiUFeRKefn7kmJI
/JzD6XBCDebdu1ut+CUDuvPxQtcoNEfBsmf2kMxfk2vE+eDm/JdgUt77w9SP8r55
yhw3SEk53o4gK4iSYJYB0Wyh3RVBt0gGfXaP9EFI/eOi3EC1RJqL/+Er6IV33PDE
miT48E03e13nLJWoJMACma3UL56ieBBdKF89shGs6MdW9+SrWYa7XJdSpQeBNLUh
/DZYdqewB1DIIrwVbgRNcIlu/OIf0bf04d8w4vzE6wrFAyCeGhXWy+7rmW88nago
YAA=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:10:23 2025 by rpki-client