Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fHbVIq0z6hguRyNVdOFTIDqhYOY.roa
File: fHbVIq0z6hguRyNVdOFTIDqhYOY.roa (raw, json)
Hash identifier: qQPUkH/UWeWGPCUNjERuI0JlmGQi5Jq0mmMTzXqVBmg=
Subject key identifier: 7C:76:D5:22:AD:33:EA:18:2E:47:23:55:74:E1:53:20:3A:A1:60:E6
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C51E60E94F1338F3C38446D5C4867FDB0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fHbVIq0z6hguRyNVdOFTIDqhYOY.roa
Signing time: Sun 10 Dec 2023 04:04:40 +0000
ROA not before: Sun 10 Dec 2023 04:04:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18c:51e5:cd2c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:51:e6:0e:94:f1:33:8f:3c:38:44:6d:5c:48:67:fd:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 10 04:04:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c76d522ad33ea182e47235574e153203aa160e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:e2:f1:0b:01:35:c8:a9:2f:43:b1:53:a3:58:
59:bf:92:b3:92:2e:9b:36:28:b7:f7:7f:ce:54:57:
e6:66:57:81:f7:7b:fa:54:c4:0b:9b:4a:72:dc:a8:
ea:5f:77:3c:f2:3d:9c:97:88:51:db:4f:3f:f8:82:
bd:ab:6a:41:16:11:48:cd:d1:6d:23:a5:02:37:2d:
b0:f7:8a:8d:5d:22:14:be:c5:04:50:ed:ee:1d:4b:
87:88:f8:59:3c:9e:7f:42:57:9a:0b:97:64:d3:09:
60:1b:60:6e:b0:b9:c7:2d:cf:aa:3c:3b:b5:5e:fd:
c9:08:8a:46:98:af:08:a2:2a:ed:58:3a:19:80:78:
ab:03:d5:c0:8b:d8:94:cf:df:97:11:c6:f9:75:eb:
0d:6d:b3:b2:c6:34:2c:d6:44:16:a5:a4:c6:3d:7a:
bf:5d:03:4c:09:8c:6e:1f:8e:af:7c:8a:a1:60:97:
2a:28:80:a6:ca:bd:56:c6:78:6a:bf:72:3a:70:93:
70:c5:ec:d9:c6:22:c3:da:1d:2e:46:2a:20:5f:2e:
ac:71:55:bc:82:39:c6:ec:19:50:1b:1a:55:20:4f:
53:41:57:50:6b:7e:26:a6:3d:f4:a9:1d:72:3a:79:
27:75:2d:2d:2c:9f:6e:09:fe:3d:99:48:5d:67:d4:
32:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:76:D5:22:AD:33:EA:18:2E:47:23:55:74:E1:53:20:3A:A1:60:E6
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fHbVIq0z6hguRyNVdOFTIDqhYOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
20:51:9e:71:b9:6e:44:d9:9e:af:75:6a:40:f6:07:3b:fa:ed:
ab:67:c7:be:97:c6:a4:b9:04:5a:45:fd:ce:f8:6c:69:f8:39:
99:a8:ca:b0:b1:c2:17:70:e4:f4:c2:2c:94:06:35:9e:d8:53:
68:32:1d:0d:d0:cd:8f:41:52:37:6b:ba:3f:f6:b8:2d:74:6a:
3f:79:5d:69:55:98:1f:12:51:2e:7e:86:c1:4a:ce:3c:9e:e7:
a2:46:d7:1a:df:50:09:cc:5c:71:80:c1:6e:66:db:df:ed:28:
2e:ea:fb:d2:d0:39:ba:98:35:71:1e:82:7f:1b:db:48:60:be:
3f:1e:7e:5e:31:45:e2:27:45:29:82:ef:54:9c:b3:33:74:f3:
ca:6e:cf:38:1c:66:5e:3f:6a:c3:ed:85:37:96:da:05:4a:4f:
42:78:ca:36:23:8c:e6:45:60:d3:ee:26:fd:e1:a7:69:b5:84:
27:18:1b:2c:28:46:7a:c1:fe:db:45:cc:12:57:67:a5:fb:7b:
99:8f:6f:8d:6b:b7:ca:3d:a7:6c:88:1b:e8:22:d1:15:91:dc:
19:e4:bd:81:ff:33:dc:ab:02:af:01:14:ab:4f:52:21:a7:a4:
e7:98:13:80:84:29:7c:7b:52:e1:27:0b:ed:9b:04:2c:73:6f:
af:77:b3:40
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxR5g6U8TOPPDhEbVxIZ/2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEwMDQwNDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yzc2ZDUyMmFkMzNlYTE4MmU0NzIzNTU3NGUxNTMyMDNhYTE2MGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjOLxCwE1yKkvQ7FTo1hZv5Kzki6b
Nii393/OVFfmZleB93v6VMQLm0py3KjqX3c88j2cl4hR208/+IK9q2pBFhFIzdFt
I6UCNy2w94qNXSIUvsUEUO3uHUuHiPhZPJ5/QleaC5dk0wlgG2BusLnHLc+qPDu1
Xv3JCIpGmK8IoirtWDoZgHirA9XAi9iUz9+XEcb5desNbbOyxjQs1kQWpaTGPXq/
XQNMCYxuH46vfIqhYJcqKICmyr1Wxnhqv3I6cJNwxezZxiLD2h0uRiogXy6scVW8
gjnG7BlQGxpVIE9TQVdQa34mpj30qR1yOnkndS0tLJ9uCf49mUhdZ9QyMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHx21SKtM+oYLkcjVXThUyA6oWDmMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZkhiVklxMHo2aGd1UnlOVmRPRlRJRHFoWU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACBRnnG5bkTZnq91akD2
Bzv67atnx76XxqS5BFpF/c74bGn4OZmoyrCxwhdw5PTCLJQGNZ7YU2gyHQ3QzY9B
Ujdruj/2uC10aj95XWlVmB8SUS5+hsFKzjye56JG1xrfUAnMXHGAwW5m29/tKC7q
+9LQObqYNXEegn8b20hgvj8efl4xReInRSmC71ScszN088puzzgcZl4/asPthTeW
2gVKT0J4yjYjjOZFYNPuJv3hp2m1hCcYGywoRnrB/ttFzBJXZ6X7e5mPb41rt8o9
p2yIG+gi0RWR3BnkvYH/M9yrAq8BFKtPUiGnpOeYE4CEKXx7UuEnC+2bBCxzb693
s0A=
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:07:15 2025 by rpki-client