Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h3MBvxezZ6w2vKxIZSXLM5rtGCQ.roa
File: h3MBvxezZ6w2vKxIZSXLM5rtGCQ.roa (raw, json)
Hash identifier: 1swnbg9lJzLamRuovDriV0TjPZShoRY7hfqh6f3LiRU=
Subject key identifier: 87:73:01:BF:17:B3:67:AC:36:BC:AC:48:65:25:CB:33:9A:ED:18:24
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C7669FB25AD5F7B053A35CEB58C680020
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h3MBvxezZ6w2vKxIZSXLM5rtGCQ.roa
Signing time: Sun 17 Dec 2023 06:15:06 +0000
ROA not before: Sun 17 Dec 2023 06:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:76:69:fb:25:ad:5f:7b:05:3a:35:ce:b5:8c:68:00:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 17 06:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=877301bf17b367ac36bcac486525cb339aed1824
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e5:15:4f:27:24:21:70:5d:60:49:2f:e8:ab:
1a:86:b5:43:90:cf:45:dd:db:01:74:48:98:31:ff:
5c:99:31:45:5d:ee:80:fb:26:d5:52:10:d1:a0:f7:
5b:37:0d:77:51:11:92:a6:f8:03:81:cd:8a:c1:85:
92:e0:35:bd:a9:ac:06:f5:7c:f1:30:59:d8:a1:15:
60:f8:3b:05:45:5d:0c:75:49:7d:83:a1:6f:4e:bd:
f3:a6:c7:c2:e2:56:14:2b:8f:6d:a8:c1:85:05:61:
f0:ee:d7:ce:9f:1b:99:12:bb:a0:4d:a6:ec:07:2f:
ad:da:8e:78:72:42:cf:3c:44:df:72:dc:4f:34:5d:
2c:6c:b5:11:8f:09:3a:17:72:aa:60:95:5d:69:6e:
da:20:ca:8a:02:c8:16:a3:ef:90:2c:58:20:69:ae:
79:51:cd:2a:d6:c8:f2:5e:3b:19:f8:f8:ed:b9:dd:
0b:66:57:7e:99:d2:c4:4f:5d:82:be:ff:4e:8e:ed:
74:ab:b9:29:0b:d7:c2:26:26:dd:a6:d0:7c:a0:9f:
23:3a:2d:62:78:95:95:0e:4a:27:1b:63:2b:3f:26:
58:12:da:36:43:96:0d:66:77:a5:bf:ae:03:ee:f3:
ac:65:ce:bb:88:bd:ae:3e:06:54:22:a8:b2:f1:51:
df:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:73:01:BF:17:B3:67:AC:36:BC:AC:48:65:25:CB:33:9A:ED:18:24
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h3MBvxezZ6w2vKxIZSXLM5rtGCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
32:91:8a:5c:43:6f:13:02:a6:35:31:63:7b:5b:41:ac:c5:2c:
29:88:e4:7d:a6:ca:23:81:c8:1d:74:d3:e6:fd:f5:95:9a:48:
b8:36:2c:63:5e:f9:ac:2d:04:e3:3d:31:44:69:b2:70:8e:77:
65:c7:29:b4:3f:5a:05:97:5b:06:70:88:15:7c:db:be:d1:64:
1a:ba:ca:46:38:47:14:7d:00:32:57:b4:4d:84:6a:19:9f:ac:
48:fe:c0:8f:6f:2c:08:11:be:56:39:c5:a1:ad:17:a7:13:1a:
08:9b:11:23:59:8d:ed:f8:b6:ea:db:8a:6d:57:15:f6:d8:8d:
3d:ef:00:a0:92:ef:0c:d6:d2:b1:17:25:92:98:70:74:2f:82:
b6:cb:b3:fd:85:d3:01:0d:1f:2f:56:4a:4a:4e:0f:21:a2:17:
61:5d:f6:cd:5f:a0:af:4d:b5:60:35:9c:05:a8:28:dd:d9:ce:
59:ec:fc:93:4d:b1:3b:92:00:ab:8f:e1:b4:e1:2f:4b:52:9a:
2a:f0:bc:5b:5e:a6:49:ff:a1:d4:5b:0c:65:eb:03:ef:91:ff:
1a:4c:c4:d1:78:9f:81:77:79:c9:e4:f3:df:33:d0:29:22:40:
93:61:1a:ed:d1:69:3f:dd:7e:da:11:1f:b5:ef:9b:bb:6b:8f:
4e:a6:4c:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx2afslrV97BTo1zrWMaAAgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE3MDYxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzczMDFiZjE3YjM2N2FjMzZiY2FjNDg2NTI1Y2IzMzlhZWQxODI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuUVTyckIXBdYEkv6KsahrVDkM9F
3dsBdEiYMf9cmTFFXe6A+ybVUhDRoPdbNw13URGSpvgDgc2KwYWS4DW9qawG9Xzx
MFnYoRVg+DsFRV0MdUl9g6FvTr3zpsfC4lYUK49tqMGFBWHw7tfOnxuZErugTabs
By+t2o54ckLPPETfctxPNF0sbLURjwk6F3KqYJVdaW7aIMqKAsgWo++QLFggaa55
Uc0q1sjyXjsZ+Pjtud0LZld+mdLET12Cvv9Oju10q7kpC9fCJibdptB8oJ8jOi1i
eJWVDkonG2MrPyZYEto2Q5YNZnelv64D7vOsZc67iL2uPgZUIqiy8VHf3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIdzAb8Xs2esNrysSGUlyzOa7RgkMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaDNNQnZ4ZXpaNncydkt4SVpTWExNNXJ0R0NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADKRilxDbxMCpjUxY3tb
QazFLCmI5H2myiOByB100+b99ZWaSLg2LGNe+awtBOM9MURpsnCOd2XHKbQ/WgWX
WwZwiBV8277RZBq6ykY4RxR9ADJXtE2EahmfrEj+wI9vLAgRvlY5xaGtF6cTGgib
ESNZje34turbim1XFfbYjT3vAKCS7wzW0rEXJZKYcHQvgrbLs/2F0wENHy9WSkpO
DyGiF2Fd9s1foK9NtWA1nAWoKN3Zzlns/JNNsTuSAKuP4bThL0tSmirwvFtepkn/
odRbDGXrA++R/xpMxNF4n4F3ecnk898z0CkiQJNhGu3RaT/dftoRH7Xvm7trj06m
TKo=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:14:38 2025 by rpki-client