Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HazGr6u5j9_HagsvMiQbDTZSPxw.roa
File: HazGr6u5j9_HagsvMiQbDTZSPxw.roa (raw, json)
Hash identifier: tzmtZrbr9jcmfwidP8NPPyAJ107z/zAcy5xIa93F/Do=
Subject key identifier: 1D:AC:C6:AF:AB:B9:8F:DF:C7:6A:0B:2F:32:24:1B:0D:36:52:3F:1C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AB0963AE60DDC46CE5D2B16DB52C3C20B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HazGr6u5j9_HagsvMiQbDTZSPxw.roa
Signing time: Wed 20 Sep 2023 03:15:50 +0000
ROA not before: Wed 20 Sep 2023 03:15:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b0:96:3a:e6:0d:dc:46:ce:5d:2b:16:db:52:c3:c2:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 20 03:15:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1dacc6afabb98fdfc76a0b2f32241b0d36523f1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8c:59:73:ff:11:71:9b:c2:dd:74:ac:ff:40:
b3:31:cf:fa:2f:2e:44:1a:c0:b1:a1:2d:f6:95:23:
77:94:62:67:33:2b:40:e7:b8:34:f1:d3:c5:04:11:
4f:44:4f:37:50:ea:25:91:c1:7f:56:9a:ca:7a:fc:
25:be:e3:51:0c:80:01:c3:f6:c5:35:08:a9:18:b2:
2c:6a:99:63:de:be:0a:d4:1a:2e:20:f5:6f:b3:c7:
31:d5:a6:49:05:f5:62:19:ab:c0:33:17:d0:72:cb:
61:40:cb:95:59:74:86:8f:b6:9d:a5:d9:65:ca:21:
46:27:92:9f:e2:61:04:d0:c4:ed:f3:89:33:5a:b2:
32:47:95:97:fa:80:0c:b6:58:18:ad:53:0a:d2:78:
b7:63:35:4f:33:7d:40:0d:07:19:de:79:8c:4f:7e:
23:77:6d:dc:ee:24:a2:8d:c4:6e:a7:0e:fe:1b:16:
af:23:ea:a7:c5:41:b9:72:23:1d:16:d9:27:74:9c:
1a:76:96:52:05:65:c0:dc:a9:7c:af:70:a7:08:bb:
48:4a:7d:ae:bb:a8:fe:d4:ab:0d:e9:2e:f3:a4:77:
75:5d:90:60:97:44:60:12:72:b3:a2:ea:0f:20:54:
30:c8:cc:2e:46:ae:4a:77:52:9c:83:65:6d:76:ff:
b3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:AC:C6:AF:AB:B9:8F:DF:C7:6A:0B:2F:32:24:1B:0D:36:52:3F:1C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HazGr6u5j9_HagsvMiQbDTZSPxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6a:f7:8a:29:f3:32:9a:5c:4e:a3:9f:47:88:ef:de:e0:42:b2:
38:a0:79:57:82:57:71:84:6a:30:74:fe:78:62:00:7d:91:a4:
5d:ca:61:ed:3f:88:0f:2c:92:0e:3f:8d:f9:51:f8:50:b0:12:
8b:9d:d8:52:1c:bf:46:8f:94:35:58:ab:d6:26:48:5b:86:43:
41:87:1f:e4:fb:ab:28:bc:ed:15:1e:8e:bb:87:bc:23:63:ee:
31:07:83:d3:7f:8f:b9:7c:9b:e4:b5:35:b8:72:03:94:9e:ae:
49:65:46:38:5b:ca:06:53:d2:e2:ca:04:c4:9c:75:65:51:d8:
3c:9d:c0:5f:82:79:fc:9d:72:b3:49:47:78:73:11:67:b1:0f:
1e:cd:38:dc:7e:1a:19:66:1d:69:f4:cb:68:00:ff:cd:01:bd:
95:09:4d:ec:23:84:e9:ed:e1:f7:89:15:c2:28:ee:a5:a3:c1:
d5:fd:7a:29:7b:52:44:83:ac:22:e9:fe:57:5a:30:7b:07:02:
48:fc:d5:6a:ea:44:7c:c9:9f:03:5c:32:ff:85:68:c9:92:00:
04:72:bd:5f:94:c2:bf:95:7a:80:3a:b2:3a:b2:dc:f7:62:f8:
54:2c:08:fd:fd:0d:da:12:0f:47:47:fc:98:91:4c:ea:9a:bf:
b3:c4:41:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqwljrmDdxGzl0rFttSw8ILMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIwMDMxNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGFjYzZhZmFiYjk4ZmRmYzc2YTBiMmYzMjI0MWIwZDM2NTIzZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIxZc/8RcZvC3XSs/0CzMc/6Ly5E
GsCxoS32lSN3lGJnMytA57g08dPFBBFPRE83UOolkcF/VprKevwlvuNRDIABw/bF
NQipGLIsaplj3r4K1BouIPVvs8cx1aZJBfViGavAMxfQcsthQMuVWXSGj7adpdll
yiFGJ5Kf4mEE0MTt84kzWrIyR5WX+oAMtlgYrVMK0ni3YzVPM31ADQcZ3nmMT34j
d23c7iSijcRupw7+GxavI+qnxUG5ciMdFtkndJwadpZSBWXA3Kl8r3CnCLtISn2u
u6j+1KsN6S7zpHd1XZBgl0RgEnKzouoPIFQwyMwuRq5Kd1Kcg2Vtdv+zWwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB2sxq+ruY/fx2oLLzIkGw02Uj8cMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSGF6R3I2dTVqOV9IYWdzdk1pUWJEVFpTUHh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGr3iinzMppcTqOfR4jv
3uBCsjigeVeCV3GEajB0/nhiAH2RpF3KYe0/iA8skg4/jflR+FCwEoud2FIcv0aP
lDVYq9YmSFuGQ0GHH+T7qyi87RUejruHvCNj7jEHg9N/j7l8m+S1NbhyA5Serkll
RjhbygZT0uLKBMScdWVR2DydwF+CefydcrNJR3hzEWexDx7NONx+GhlmHWn0y2gA
/80BvZUJTewjhOnt4feJFcIo7qWjwdX9eil7UkSDrCLp/ldaMHsHAkj81WrqRHzJ
nwNcMv+FaMmSAARyvV+Uwr+VeoA6sjqy3Pdi+FQsCP39DdoSD0dH/JiRTOqav7PE
QWY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:41:03 2025 by rpki-client