Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h0C3utJKOkyxovy8eAlEZ_JRDko.roa
File: h0C3utJKOkyxovy8eAlEZ_JRDko.roa (raw, json)
Hash identifier: GfatqFhJYD6Uk0ITpvst+QB317KGj/GRwI+Xq60Iyhk=
Subject key identifier: 87:40:B7:BA:D2:4A:3A:4C:B1:A2:FC:BC:78:09:44:67:F2:51:0E:4A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BFA2A0CDFA2EB2B7D3C246ECD5DDAE4B1
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h0C3utJKOkyxovy8eAlEZ_JRDko.roa
Signing time: Thu 23 Nov 2023 03:12:21 +0000
ROA not before: Thu 23 Nov 2023 03:12:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fa:2a:0c:df:a2:eb:2b:7d:3c:24:6e:cd:5d:da:e4:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 23 03:12:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8740b7bad24a3a4cb1a2fcbc78094467f2510e4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:77:97:48:c6:51:5e:e8:23:c3:0e:94:b4:8c:
c5:47:8a:a4:74:2e:99:18:de:17:b5:b3:42:25:38:
0b:74:f2:8b:51:1b:cd:ba:3a:9f:cc:7d:a8:7b:b8:
51:be:08:0b:9a:5d:70:e4:b3:84:e5:6a:a0:f1:52:
f7:cd:6c:17:9f:5b:65:75:a6:7b:c5:d9:27:a3:a2:
5c:5a:61:7f:90:e7:f8:08:7d:00:b7:84:8a:dd:05:
1a:e8:86:86:04:69:99:eb:67:73:60:b6:c0:f5:64:
99:fc:22:9a:fd:93:98:f6:1c:14:6e:d1:55:4f:1d:
1a:4f:18:c8:89:91:b3:86:96:4e:3e:9d:d8:ac:f9:
08:58:2e:0f:4a:74:b5:36:73:e4:29:b6:86:19:41:
1a:fc:d0:bf:23:f8:ad:b4:b6:96:0a:b8:8d:15:0b:
7b:9a:9a:c2:51:ff:65:20:e6:81:e4:89:30:06:d9:
f4:48:9e:1a:4c:24:4a:06:0f:e1:ac:21:a5:5b:93:
c3:1d:a8:73:36:2c:c1:0b:19:37:3e:0d:73:b8:9d:
27:e5:41:f5:c5:8b:e2:70:13:2d:e7:b8:3d:2d:58:
03:2a:3b:af:80:07:50:fe:90:94:fd:5a:fa:5d:ac:
57:9d:a5:ab:ac:88:3c:ac:40:da:67:8f:63:57:9c:
43:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:40:B7:BA:D2:4A:3A:4C:B1:A2:FC:BC:78:09:44:67:F2:51:0E:4A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h0C3utJKOkyxovy8eAlEZ_JRDko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8b:61:ff:cb:25:81:9b:6d:64:90:2d:f6:0d:d4:0d:1c:94:f3:
37:ca:b6:20:b9:83:2f:fe:f6:e7:75:91:3d:b0:62:92:73:d7:
31:b9:03:c7:12:8e:10:9e:72:6f:57:9e:68:2a:5f:6c:2d:e5:
f2:65:c0:dc:3b:1a:77:4d:10:c8:3e:21:c3:00:2a:1f:7d:5a:
96:ea:a3:bc:8d:84:de:20:3c:12:f5:f7:3d:59:bf:1f:5d:c4:
7f:69:ac:a6:8c:0d:6b:cb:a2:92:cc:1c:ec:09:5c:ec:1c:bd:
7e:03:b3:d6:38:2a:72:e3:e7:5d:2a:d2:ec:29:98:00:68:bc:
48:c0:5b:cc:8e:39:4a:59:9a:5a:1f:ec:84:38:4f:4c:3e:f1:
57:9a:b2:83:8e:4d:4e:f0:b6:e0:e8:e2:2c:7b:e7:9e:26:70:
89:7c:16:94:26:a9:51:b7:31:8c:71:41:2e:f2:b1:14:67:1d:
06:89:3c:e4:f9:a0:3e:a9:4a:33:7f:3d:d2:77:2e:d6:22:ad:
27:18:72:c8:ce:6b:fa:21:3b:f5:f8:4f:44:83:db:e2:c6:cf:
c2:42:78:89:d4:64:c5:00:c4:c5:5e:b8:19:eb:73:06:51:52:
99:81:a7:54:1e:bf:9b:9f:e5:6e:29:ed:8d:4a:25:54:1b:90:
dc:33:59:cd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYv6KgzfousrfTwkbs1d2uSxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIzMDMxMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzQwYjdiYWQyNGEzYTRjYjFhMmZjYmM3ODA5NDQ2N2YyNTEwZTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAineXSMZRXugjww6UtIzFR4qkdC6Z
GN4XtbNCJTgLdPKLURvNujqfzH2oe7hRvggLml1w5LOE5Wqg8VL3zWwXn1tldaZ7
xdkno6JcWmF/kOf4CH0At4SK3QUa6IaGBGmZ62dzYLbA9WSZ/CKa/ZOY9hwUbtFV
Tx0aTxjIiZGzhpZOPp3YrPkIWC4PSnS1NnPkKbaGGUEa/NC/I/ittLaWCriNFQt7
mprCUf9lIOaB5IkwBtn0SJ4aTCRKBg/hrCGlW5PDHahzNizBCxk3Pg1zuJ0n5UH1
xYvicBMt57g9LVgDKjuvgAdQ/pCU/Vr6XaxXnaWrrIg8rEDaZ49jV5xDRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIdAt7rSSjpMsaL8vHgJRGfyUQ5KMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaDBDM3V0SktPa3l4b3Z5OGVBbEVaX0pSRGtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIth/8slgZttZJAt9g3U
DRyU8zfKtiC5gy/+9ud1kT2wYpJz1zG5A8cSjhCecm9XnmgqX2wt5fJlwNw7GndN
EMg+IcMAKh99Wpbqo7yNhN4gPBL19z1Zvx9dxH9prKaMDWvLopLMHOwJXOwcvX4D
s9Y4KnLj510q0uwpmABovEjAW8yOOUpZmlof7IQ4T0w+8VeasoOOTU7wtuDo4ix7
554mcIl8FpQmqVG3MYxxQS7ysRRnHQaJPOT5oD6pSjN/PdJ3LtYirScYcsjOa/oh
O/X4T0SD2+LGz8JCeInUZMUAxMVeuBnrcwZRUpmBp1Qev5uf5W4p7Y1KJVQbkNwz
Wc0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:43:25 2025 by rpki-client