Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HXDI9_Cl1JWK448ZVNEDmFVuGgA.roa
File: HXDI9_Cl1JWK448ZVNEDmFVuGgA.roa (raw, json)
Hash identifier: 8U002Hs4OOl7pAe+KtCvrXPjoA6n3PZnM9kSfk4C3+M=
Subject key identifier: 1D:70:C8:F7:F0:A5:D4:95:8A:E3:8F:19:54:D1:03:98:55:6E:1A:00
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B4B8604322D5685C5A35AED78944E984E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HXDI9_Cl1JWK448ZVNEDmFVuGgA.roa
Signing time: Fri 20 Oct 2023 05:19:15 +0000
ROA not before: Fri 20 Oct 2023 05:19:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4b:86:04:32:2d:56:85:c5:a3:5a:ed:78:94:4e:98:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 20 05:19:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d70c8f7f0a5d4958ae38f1954d10398556e1a00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c6:a1:46:4c:dc:27:15:2b:16:8c:97:a7:bc:
06:2e:de:df:6f:7d:1a:2f:e4:20:43:06:06:67:79:
4c:cd:e8:73:fd:c8:23:ef:b7:00:0d:44:25:97:05:
b5:34:5d:fc:e2:50:d9:e3:72:cf:61:68:9c:29:88:
85:59:7d:88:6b:c7:93:38:fe:7b:5d:b0:cf:0b:bb:
fb:9e:f8:8d:03:d2:7a:96:06:31:4d:c5:61:e1:85:
74:e4:55:04:01:01:d5:08:9a:af:2c:6f:44:3a:e5:
bb:7c:ef:40:3d:b8:18:a4:ff:76:1e:7b:19:84:a4:
39:68:fe:bc:f2:69:d1:24:e2:f1:9d:81:54:86:82:
2c:14:3a:2f:9a:14:aa:92:e6:3e:23:c8:3d:fc:cd:
a7:34:6e:22:c6:e1:5c:1c:f9:9c:9a:e9:51:e2:18:
a4:56:a6:ac:1c:b6:2b:0f:95:b8:45:72:75:25:87:
1f:ee:00:27:7b:6c:8a:5d:d6:db:6e:f3:75:42:04:
0d:31:d4:9e:ac:24:59:a0:1d:bb:39:a1:91:cd:96:
ea:51:7e:33:de:9d:6a:b7:cc:19:ad:39:a0:c1:a2:
1f:6b:47:49:93:03:2b:09:87:b9:cf:e1:8a:8f:1f:
02:27:73:05:37:bf:ca:ad:cf:a5:3b:e6:a0:e5:8c:
5f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:70:C8:F7:F0:A5:D4:95:8A:E3:8F:19:54:D1:03:98:55:6E:1A:00
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HXDI9_Cl1JWK448ZVNEDmFVuGgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6d:86:cc:02:14:d9:2b:c9:e1:2c:1d:56:64:63:c4:0d:4e:99:
1c:ac:8d:4a:c3:0b:64:6c:96:84:88:11:fe:20:1f:66:91:c3:
62:61:60:43:2e:51:13:95:82:a1:80:16:fb:a5:b5:12:b6:d3:
51:5d:37:5f:9f:d5:c0:6d:eb:f2:3c:0c:54:ad:98:db:5c:e8:
01:cd:a0:62:ac:95:c6:b4:87:aa:69:40:5f:cb:b4:3b:0c:2a:
ce:a3:f6:19:3f:8b:56:75:ce:84:05:26:72:f5:7a:57:66:a2:
24:a9:84:32:cd:6c:4a:c7:e3:00:4c:29:d9:9e:82:30:10:6e:
53:6d:e5:2b:cf:82:07:ba:97:05:32:77:99:43:c7:c0:21:e6:
fe:5d:5d:a0:81:bb:b9:2a:15:8f:5e:3c:25:48:7b:c6:df:cd:
e6:6b:93:8d:3e:10:0e:91:1e:c5:3c:78:d1:0e:ef:34:3e:e3:
5a:fd:80:2e:78:82:59:4d:a1:ce:89:d8:bc:29:66:98:0d:17:
da:26:18:fc:e8:6b:7a:b8:5a:82:a3:0d:35:c1:2a:61:7e:c8:
bd:d9:32:b9:03:cf:18:fe:b9:0d:61:eb:05:a1:79:e7:be:b4:
2b:04:35:99:6d:38:b2:22:ef:38:ee:14:2a:28:fd:cf:c3:ea:
8e:d7:31:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtLhgQyLVaFxaNa7XiUTphOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIwMDUxOTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDcwYzhmN2YwYTVkNDk1OGFlMzhmMTk1NGQxMDM5ODU1NmUxYTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMahRkzcJxUrFoyXp7wGLt7fb30a
L+QgQwYGZ3lMzehz/cgj77cADUQllwW1NF384lDZ43LPYWicKYiFWX2Ia8eTOP57
XbDPC7v7nviNA9J6lgYxTcVh4YV05FUEAQHVCJqvLG9EOuW7fO9APbgYpP92HnsZ
hKQ5aP688mnRJOLxnYFUhoIsFDovmhSqkuY+I8g9/M2nNG4ixuFcHPmcmulR4hik
VqasHLYrD5W4RXJ1JYcf7gAne2yKXdbbbvN1QgQNMdSerCRZoB27OaGRzZbqUX4z
3p1qt8wZrTmgwaIfa0dJkwMrCYe5z+GKjx8CJ3MFN7/Krc+lO+ag5YxfUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB1wyPfwpdSViuOPGVTRA5hVbhoAMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSFhESTlfQ2wxSldLNDQ4WlZORURtRlZ1R2dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG2GzAIU2SvJ4SwdVmRj
xA1OmRysjUrDC2RsloSIEf4gH2aRw2JhYEMuUROVgqGAFvultRK201FdN1+f1cBt
6/I8DFStmNtc6AHNoGKslca0h6ppQF/LtDsMKs6j9hk/i1Z1zoQFJnL1eldmoiSp
hDLNbErH4wBMKdmegjAQblNt5SvPgge6lwUyd5lDx8Ah5v5dXaCBu7kqFY9ePCVI
e8bfzeZrk40+EA6RHsU8eNEO7zQ+41r9gC54gllNoc6J2LwpZpgNF9omGPzoa3q4
WoKjDTXBKmF+yL3ZMrkDzxj+uQ1h6wWheee+tCsENZltOLIi7zjuFCoo/c/D6o7X
MUY=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:32:36 2025 by rpki-client