Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HzJp6xrH03BXxN8lcW8Urj73iqw.roa
File: HzJp6xrH03BXxN8lcW8Urj73iqw.roa (raw, json)
Hash identifier: 2SrQN7Mgg7UH6xwDvugdSTZgmycpjyEFenI6zzvfodE=
Subject key identifier: 1F:32:69:EB:1A:C7:D3:70:57:C4:DF:25:71:6F:14:AE:3E:F7:8A:AC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BE10D3694CC09BDFB0F3115F2A1909C86
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HzJp6xrH03BXxN8lcW8Urj73iqw.roa
Signing time: Sat 18 Nov 2023 06:10:21 +0000
ROA not before: Sat 18 Nov 2023 06:10:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e1:0d:36:94:cc:09:bd:fb:0f:31:15:f2:a1:90:9c:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 18 06:10:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f3269eb1ac7d37057c4df25716f14ae3ef78aac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e2:7a:ec:cd:0c:70:98:8f:10:dd:92:ba:c7:
ef:51:1b:df:0c:61:39:08:d1:1c:e3:fa:87:91:18:
9e:23:06:50:4d:65:3d:d7:2e:69:64:14:dd:ee:ad:
f4:ed:f9:bf:50:cb:61:82:cf:e6:8d:d8:88:69:95:
72:0c:97:59:bd:81:f5:de:ac:ca:9b:2f:81:ce:07:
4d:2a:60:8f:4c:c2:7c:a9:49:84:be:eb:83:82:17:
c7:e1:30:50:44:5d:1b:f7:7d:f7:ce:dd:5e:d3:12:
af:4d:3e:20:f8:b3:a3:8c:5e:ea:c1:98:35:94:7b:
9c:87:1e:f2:77:87:b7:db:a6:7c:d9:2d:7b:dd:1c:
ae:d5:34:59:e8:dc:df:24:85:0e:66:47:33:fb:db:
2a:00:68:35:16:b7:e1:36:8e:3d:e4:cf:74:b7:d4:
c9:0a:c6:24:75:2b:8c:00:cd:80:86:f0:1b:de:8b:
fc:30:e8:14:4a:d0:60:23:c9:23:1f:2d:44:41:da:
b1:da:6a:81:a0:d7:33:76:de:22:ef:b9:1a:01:73:
8f:32:ac:96:66:fd:96:d5:63:5a:fd:d7:a8:b1:6e:
0c:c1:7b:e3:dd:59:83:d8:e9:e6:ee:ae:54:a6:07:
be:f7:76:09:18:e5:12:bc:c5:57:6f:b5:a6:29:31:
c2:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:32:69:EB:1A:C7:D3:70:57:C4:DF:25:71:6F:14:AE:3E:F7:8A:AC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HzJp6xrH03BXxN8lcW8Urj73iqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
14:c5:5d:73:8f:6e:dd:a6:ba:3b:ca:2e:ef:82:6d:cd:9c:77:
9d:47:6d:4f:1a:c2:7c:be:42:3b:64:56:de:2c:04:b8:72:bd:
3d:e3:d3:b9:32:03:58:02:cf:81:c6:3e:72:b0:76:a1:d7:dd:
8b:f5:c0:11:23:94:d9:f9:86:e3:85:4a:95:9c:5b:1f:14:96:
8b:72:cd:d6:1a:ae:7f:2f:02:8c:9d:23:cf:f9:5a:19:61:6f:
bc:f2:ee:9d:32:e1:fc:a8:60:69:f7:1d:06:92:2e:b8:c5:02:
93:8a:d4:85:33:7e:16:74:94:9b:6f:67:40:1c:fd:bd:8b:e0:
a1:a3:03:af:84:3c:cc:aa:4e:41:19:a9:cf:ee:a9:d9:7a:8b:
dd:45:6a:d9:9e:ea:11:be:e3:ec:3d:35:62:83:dd:aa:e0:ef:
9b:18:3c:8a:25:a1:aa:54:ee:e0:81:d9:90:bb:37:49:1e:26:
b2:86:66:03:43:34:03:14:90:6f:07:a5:30:e1:1b:5e:c3:7b:
64:1f:fa:3d:44:28:09:0a:9a:da:63:9c:46:1b:6a:26:c3:3e:
fe:54:35:99:81:16:c1:38:00:71:37:69:16:ec:03:ad:0b:08:
6b:91:2f:16:d2:d2:06:63:b0:6b:ee:f1:7f:37:57:1f:98:86:
d2:25:91:ba
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvhDTaUzAm9+w8xFfKhkJyGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE4MDYxMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjMyNjllYjFhYzdkMzcwNTdjNGRmMjU3MTZmMTRhZTNlZjc4YWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOJ67M0McJiPEN2SusfvURvfDGE5
CNEc4/qHkRieIwZQTWU91y5pZBTd7q307fm/UMthgs/mjdiIaZVyDJdZvYH13qzK
my+BzgdNKmCPTMJ8qUmEvuuDghfH4TBQRF0b9333zt1e0xKvTT4g+LOjjF7qwZg1
lHuchx7yd4e326Z82S173Ryu1TRZ6NzfJIUOZkcz+9sqAGg1FrfhNo495M90t9TJ
CsYkdSuMAM2AhvAb3ov8MOgUStBgI8kjHy1EQdqx2mqBoNczdt4i77kaAXOPMqyW
Zv2W1WNa/deosW4MwXvj3VmD2Onm7q5Upge+93YJGOUSvMVXb7WmKTHC6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB8yaesax9NwV8TfJXFvFK4+94qsMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSHpKcDZ4ckgwM0JYeE44bGNXOFVyajczaXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABTFXXOPbt2mujvKLu+C
bc2cd51HbU8awny+QjtkVt4sBLhyvT3j07kyA1gCz4HGPnKwdqHX3Yv1wBEjlNn5
huOFSpWcWx8UlotyzdYarn8vAoydI8/5Whlhb7zy7p0y4fyoYGn3HQaSLrjFApOK
1IUzfhZ0lJtvZ0Ac/b2L4KGjA6+EPMyqTkEZqc/uqdl6i91Fatme6hG+4+w9NWKD
3arg75sYPIoloapU7uCB2ZC7N0keJrKGZgNDNAMUkG8HpTDhG17De2Qf+j1EKAkK
mtpjnEYbaibDPv5UNZmBFsE4AHE3aRbsA60LCGuRLxbS0gZjsGvu8X83Vx+YhtIl
kbo=
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:10:23 2025 by rpki-client