Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Hl0NTAVB5avlxdkQpnmX7hjU2Is.roa
File: Hl0NTAVB5avlxdkQpnmX7hjU2Is.roa (raw, json)
Hash identifier: Hilr33WIisvHQfHjihUWsCOedJEGnGTnVgjcIZp/xUI=
Subject key identifier: 1E:5D:0D:4C:05:41:E5:AB:E5:C5:D9:10:A6:79:97:EE:18:D4:D8:8B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C43203B1E2DB39FEE4B062D2EA97E6EA3
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Hl0NTAVB5avlxdkQpnmX7hjU2Is.roa
Signing time: Thu 07 Dec 2023 07:13:54 +0000
ROA not before: Thu 07 Dec 2023 07:13:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:43:20:3b:1e:2d:b3:9f:ee:4b:06:2d:2e:a9:7e:6e:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 7 07:13:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e5d0d4c0541e5abe5c5d910a67997ee18d4d88b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:07:5d:7a:11:f7:d2:fc:c9:99:38:ad:44:66:
dd:82:15:50:21:02:c0:6f:cd:e5:c3:ba:fb:87:96:
8e:b3:13:2f:e5:e9:22:57:58:28:15:0b:bf:ec:8d:
98:27:91:d7:f6:78:71:50:e5:1c:43:56:92:70:15:
51:7f:38:fb:e0:ce:e7:be:ac:0c:23:e1:d5:6b:5f:
c4:22:2d:89:80:8e:d6:4f:73:12:cd:2c:d2:99:63:
10:63:80:2f:4f:30:b1:e3:b9:cd:d1:4c:30:d3:2d:
4a:03:ff:fa:5b:dd:55:04:d3:1c:77:3b:c2:9f:d8:
31:2e:d5:de:4a:dc:f9:2c:70:cb:54:1b:e7:6c:2d:
ef:36:b7:97:12:a4:ef:ce:bf:2e:45:a1:4e:76:16:
28:36:07:25:f0:1a:47:1f:5e:ed:33:89:9b:93:b3:
3e:21:c4:f6:34:10:95:e8:7e:0e:83:aa:16:c8:c7:
51:1d:48:bb:0f:ac:bf:10:c5:06:a3:a3:95:7c:21:
17:3b:ca:22:76:e9:5c:be:ba:a7:61:ab:48:f1:34:
03:36:94:ea:91:33:72:ce:6b:5d:e3:79:0d:40:29:
8d:f6:39:07:19:92:ae:54:b6:e7:6e:d0:48:ef:88:
ab:5c:a7:b8:28:56:d5:19:93:eb:24:ca:fa:d0:d3:
f5:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:5D:0D:4C:05:41:E5:AB:E5:C5:D9:10:A6:79:97:EE:18:D4:D8:8B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Hl0NTAVB5avlxdkQpnmX7hjU2Is.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
01:b9:49:21:6e:4f:43:ab:bc:a8:83:38:26:80:6d:6f:c5:d9:
14:99:6f:77:a8:a5:7a:f9:6c:3c:b6:6f:56:fa:7e:e4:3d:f7:
30:f1:75:15:31:72:84:f0:d4:68:c3:ef:88:3a:42:5b:52:6d:
85:f9:d3:54:49:4f:52:78:ea:aa:0a:f2:3b:4c:02:57:9e:ae:
8e:2f:64:27:60:5d:0c:09:78:2b:21:3b:8e:3a:16:5e:1c:6d:
ba:29:41:d4:e9:d9:cb:da:b7:4e:0f:bc:85:46:32:52:c6:e9:
12:22:5d:51:d6:a6:db:ea:58:2a:8b:3f:82:7b:be:20:16:c9:
5b:b0:67:52:dd:5c:12:a2:c3:a0:c1:3e:79:ba:eb:da:c0:01:
86:cb:e4:30:d9:4c:b4:be:c7:58:69:71:bf:af:db:c9:2e:41:
d4:56:5b:b2:48:95:9c:7e:e4:ca:e9:d3:6f:d1:5c:7e:ef:27:
0f:70:a0:99:4d:45:fc:66:17:77:8a:28:64:83:ca:10:5d:4f:
b6:0e:4f:28:47:d2:da:11:3e:70:29:41:96:cf:c6:2d:1e:c3:
21:0c:fb:36:fe:8b:86:0b:41:00:60:09:8a:92:44:e5:cf:bd:
cc:f5:b3:a4:c6:a0:75:c5:b7:40:12:a5:20:ea:af:d8:29:93:
30:c1:63:79
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxDIDseLbOf7ksGLS6pfm6jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA3MDcxMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTVkMGQ0YzA1NDFlNWFiZTVjNWQ5MTBhNjc5OTdlZTE4ZDRkODhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAddehH30vzJmTitRGbdghVQIQLA
b83lw7r7h5aOsxMv5ekiV1goFQu/7I2YJ5HX9nhxUOUcQ1aScBVRfzj74M7nvqwM
I+HVa1/EIi2JgI7WT3MSzSzSmWMQY4AvTzCx47nN0Uww0y1KA//6W91VBNMcdzvC
n9gxLtXeStz5LHDLVBvnbC3vNreXEqTvzr8uRaFOdhYoNgcl8BpHH17tM4mbk7M+
IcT2NBCV6H4Og6oWyMdRHUi7D6y/EMUGo6OVfCEXO8oidulcvrqnYatI8TQDNpTq
kTNyzmtd43kNQCmN9jkHGZKuVLbnbtBI74irXKe4KFbVGZPrJMr60NP16QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB5dDUwFQeWr5cXZEKZ5l+4Y1NiLMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSGwwTlRBVkI1YXZseGRrUXBubVg3aGpVMklzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAG5SSFuT0OrvKiDOCaA
bW/F2RSZb3eopXr5bDy2b1b6fuQ99zDxdRUxcoTw1GjD74g6QltSbYX501RJT1J4
6qoK8jtMAleero4vZCdgXQwJeCshO446Fl4cbbopQdTp2cvat04PvIVGMlLG6RIi
XVHWptvqWCqLP4J7viAWyVuwZ1LdXBKiw6DBPnm669rAAYbL5DDZTLS+x1hpcb+v
28kuQdRWW7JIlZx+5Mrp02/RXH7vJw9woJlNRfxmF3eKKGSDyhBdT7YOTyhH0toR
PnApQZbPxi0ewyEM+zb+i4YLQQBgCYqSROXPvcz1s6TGoHXFt0ASpSDqr9gpkzDB
Y3k=
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:13:03 2025 by rpki-client