Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Hkd7tIpuGCsBMtMhCKyX4VVq-nU.roa
File: Hkd7tIpuGCsBMtMhCKyX4VVq-nU.roa (raw, json)
Hash identifier: /6J8eUYnlgLScrz2bGombgvIUE2aSGJXaUQ3pA51LeA=
Subject key identifier: 1E:47:7B:B4:8A:6E:18:2B:01:32:D3:21:08:AC:97:E1:55:6A:FA:75
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ABF5A3EE4BF02E47AB0AB87BFC12ED275
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Hkd7tIpuGCsBMtMhCKyX4VVq-nU.roa
Signing time: Sat 23 Sep 2023 00:04:37 +0000
ROA not before: Sat 23 Sep 2023 00:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:bf5a:29e9/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bf:5a:3e:e4:bf:02:e4:7a:b0:ab:87:bf:c1:2e:d2:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 23 00:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e477bb48a6e182b0132d32108ac97e1556afa75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:64:e1:33:8d:28:4c:1e:08:81:77:66:48:74:
97:b6:ed:6d:4c:30:6c:3b:f3:7b:d7:c2:30:5f:7c:
44:f3:55:77:70:58:5f:11:53:c2:be:fc:4b:26:e6:
c0:ac:78:ad:8c:9f:50:02:be:9d:dc:90:84:90:15:
16:92:51:83:6a:0b:7a:8e:27:de:a7:63:d2:90:92:
e7:2d:34:24:2e:22:da:c4:2d:0c:a2:fc:5c:1f:af:
e0:fc:b5:57:95:b2:23:6d:ae:bf:d3:3b:59:cb:5e:
be:fe:70:1e:e0:93:fc:45:45:35:4a:da:b0:f1:d9:
51:fc:5b:9c:fe:71:2c:3f:6b:a2:ea:ec:b7:6d:41:
2c:64:fb:b0:a7:53:b8:47:3f:35:e7:e6:d7:39:ad:
fd:6e:86:06:28:86:fb:fb:c7:9f:85:8a:25:ca:ec:
46:d5:c0:86:31:c7:54:0f:5c:da:ca:52:c5:03:c2:
2d:5b:6a:a2:7c:ce:ed:d3:a6:23:66:42:8c:55:e7:
23:0b:76:a9:d2:f8:aa:e0:d6:e8:e9:90:b6:28:49:
c2:f7:d0:ef:8f:74:cd:a5:a4:9b:15:1e:7c:b3:5b:
4c:d0:45:1d:32:17:44:38:c5:31:d3:1d:51:3d:8e:
da:62:92:6d:8e:d2:bc:14:97:40:a6:b9:ef:94:ea:
af:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:47:7B:B4:8A:6E:18:2B:01:32:D3:21:08:AC:97:E1:55:6A:FA:75
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Hkd7tIpuGCsBMtMhCKyX4VVq-nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ca:8a:c4:3b:02:d8:42:65:14:1e:72:3e:ec:0d:fc:5b:65:0a:
28:5c:43:63:e8:52:9c:33:ac:e3:18:bf:c0:ec:d0:b9:ae:1a:
a0:b5:9d:1f:eb:29:e3:62:4c:30:b7:78:fa:29:52:cd:24:7b:
3e:c5:86:df:cf:7a:85:da:79:e8:ee:85:1a:be:44:7a:c9:8a:
63:bb:40:f2:1d:72:fc:9c:4e:6c:3d:7c:c2:e1:91:cf:9c:da:
10:28:ba:fc:9d:49:ed:44:cd:b7:4e:90:35:31:63:f0:e0:ed:
28:31:d6:48:ac:b5:41:19:c8:18:c6:8a:c6:5a:c4:b2:83:a4:
86:de:4d:f4:10:e0:65:bc:d1:d6:d0:0b:01:d2:b7:2e:29:1d:
8c:c2:35:49:0a:b2:b5:89:d1:b6:a8:2b:f8:8c:7e:1f:6c:ba:
8e:61:72:fd:2a:8f:f3:1b:a6:6a:9b:9d:ba:4b:91:ad:e8:5b:
31:2d:6b:5c:bf:ca:49:f1:cc:a9:c0:4d:ba:de:a4:2b:a5:ff:
c3:8c:7c:0e:4d:00:87:b8:0c:8b:78:3a:95:c2:95:67:24:73:
1c:6f:02:22:f1:f8:9d:2d:e8:5e:ac:60:e7:6d:c5:03:8a:ec:
2a:ce:a1:71:51:ff:ea:9e:2c:f1:a7:94:c9:c2:4e:03:d2:10:
36:f0:06:07
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq/Wj7kvwLkerCrh7/BLtJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIzMDAwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTQ3N2JiNDhhNmUxODJiMDEzMmQzMjEwOGFjOTdlMTU1NmFmYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmThM40oTB4IgXdmSHSXtu1tTDBs
O/N718IwX3xE81V3cFhfEVPCvvxLJubArHitjJ9QAr6d3JCEkBUWklGDagt6jife
p2PSkJLnLTQkLiLaxC0MovxcH6/g/LVXlbIjba6/0ztZy16+/nAe4JP8RUU1Stqw
8dlR/Fuc/nEsP2ui6uy3bUEsZPuwp1O4Rz815+bXOa39boYGKIb7+8efhYolyuxG
1cCGMcdUD1zaylLFA8ItW2qifM7t06YjZkKMVecjC3ap0viq4Nbo6ZC2KEnC99Dv
j3TNpaSbFR58s1tM0EUdMhdEOMUx0x1RPY7aYpJtjtK8FJdAprnvlOqvXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB5He7SKbhgrATLTIQisl+FVavp1MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSGtkN3RJcHVHQ3NCTXRNaENLeVg0VlZxLW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMqKxDsC2EJlFB5yPuwN
/FtlCihcQ2PoUpwzrOMYv8Ds0LmuGqC1nR/rKeNiTDC3ePopUs0kez7Fht/PeoXa
eejuhRq+RHrJimO7QPIdcvycTmw9fMLhkc+c2hAouvydSe1EzbdOkDUxY/Dg7Sgx
1kistUEZyBjGisZaxLKDpIbeTfQQ4GW80dbQCwHSty4pHYzCNUkKsrWJ0baoK/iM
fh9suo5hcv0qj/MbpmqbnbpLka3oWzEta1y/yknxzKnATbrepCul/8OMfA5NAIe4
DIt4OpXClWckcxxvAiLx+J0t6F6sYOdtxQOK7CrOoXFR/+qeLPGnlMnCTgPSEDbw
Bgc=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:32:18 2025 by rpki-client