Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h5VsZzWNpoqS79X0YiKk79phx0w.roa
File: h5VsZzWNpoqS79X0YiKk79phx0w.roa (raw, json)
Hash identifier: +RQ1J+dHKqavuXy+JDT5sXW3RmInX/LQJcRYu+1F6nk=
Subject key identifier: 87:95:6C:67:35:8D:A6:8A:92:EF:D5:F4:62:22:A4:EF:DA:61:C7:4C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B5864FF874C53577160ACE14666FA3B0D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h5VsZzWNpoqS79X0YiKk79phx0w.roa
Signing time: Sun 22 Oct 2023 17:18:15 +0000
ROA not before: Sun 22 Oct 2023 17:18:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:58:64:ff:87:4c:53:57:71:60:ac:e1:46:66:fa:3b:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 22 17:18:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87956c67358da68a92efd5f46222a4efda61c74c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:30:b6:bd:4e:0f:ea:4a:e7:2c:93:99:90:1b:
da:10:b6:80:fd:d2:39:f7:13:40:5f:31:27:3d:29:
a3:2a:70:56:9e:77:95:84:3b:b3:84:d1:a6:7e:62:
2d:19:cf:3f:f3:18:1d:3f:7a:fc:53:6e:19:8c:32:
c3:c2:44:c3:23:b9:ae:f4:c1:6d:dd:b1:43:12:c2:
63:eb:55:86:c9:bd:04:c2:6b:8d:f9:a2:16:13:44:
15:d8:da:53:f7:b0:e2:6c:1b:d3:8c:9f:6e:3b:1f:
be:e7:94:32:07:2e:ec:e0:b3:df:fd:a6:4d:4a:d4:
d2:92:f9:4d:f9:f5:a2:e4:a0:bb:ac:56:0a:9a:31:
9c:15:9b:d6:ac:d5:a3:ee:e3:89:e2:78:55:13:6f:
08:f7:2a:b7:ce:d2:95:f4:9a:af:5b:4b:a9:13:59:
09:51:eb:1d:aa:d3:c5:a9:c6:7e:9f:51:17:c0:ce:
1d:d5:6f:72:92:90:f3:79:3c:c0:3e:9e:68:24:48:
73:d7:ae:32:7e:e7:6b:42:fc:e6:27:0e:a4:e4:23:
8e:b6:65:6c:a3:60:da:6c:e7:aa:95:41:0a:3f:30:
1f:3c:1e:31:68:24:84:3c:d4:fe:98:9b:a7:72:cd:
e9:79:71:50:fd:b5:ad:22:bc:4c:97:f9:47:e4:a2:
47:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:95:6C:67:35:8D:A6:8A:92:EF:D5:F4:62:22:A4:EF:DA:61:C7:4C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h5VsZzWNpoqS79X0YiKk79phx0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6a:27:20:45:1e:90:aa:ff:b6:a3:48:94:7c:b7:cf:2b:8c:f8:
4e:d2:a6:f1:1e:df:86:99:82:b0:95:f9:59:9b:98:76:84:dd:
08:08:74:35:c6:7c:c8:1e:01:18:98:8f:70:8e:57:82:a5:ea:
bb:ed:94:e0:7a:db:11:2e:30:0c:1e:2e:46:54:3a:0f:12:b4:
74:e3:51:54:86:a1:05:c6:fe:2b:84:c0:89:19:01:90:c1:24:
d2:db:8f:08:46:c2:db:00:51:f1:6c:59:03:f1:9b:5d:61:93:
17:bf:78:5d:c7:86:76:e8:22:6c:e0:e5:ab:1e:86:6f:66:47:
ce:97:97:d6:57:15:f4:a7:1d:6f:9e:8d:b1:f7:94:35:21:a3:
54:ca:fc:4f:a8:ce:6f:a3:a1:79:ac:ef:1f:88:50:ee:9b:8c:
57:2e:4b:97:c0:cf:b7:73:a4:98:cb:31:bd:7a:f3:0f:89:d7:
8a:16:ec:8c:89:a7:a0:2e:04:cc:5d:db:a5:84:62:fb:8f:59:
07:97:e8:ab:a3:d7:d5:f7:55:c1:13:46:79:98:f0:36:e9:01:
fe:a2:8b:9d:8b:e5:e9:4e:6b:57:db:93:23:23:54:d6:2e:02:
64:91:e9:50:16:f1:72:33:da:ec:fc:81:c7:15:6c:1c:ae:cb:
2f:bc:16:f9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtYZP+HTFNXcWCs4UZm+jsNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIyMTcxODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Nzk1NmM2NzM1OGRhNjhhOTJlZmQ1ZjQ2MjIyYTRlZmRhNjFjNzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzC2vU4P6krnLJOZkBvaELaA/dI5
9xNAXzEnPSmjKnBWnneVhDuzhNGmfmItGc8/8xgdP3r8U24ZjDLDwkTDI7mu9MFt
3bFDEsJj61WGyb0EwmuN+aIWE0QV2NpT97DibBvTjJ9uOx++55QyBy7s4LPf/aZN
StTSkvlN+fWi5KC7rFYKmjGcFZvWrNWj7uOJ4nhVE28I9yq3ztKV9JqvW0upE1kJ
UesdqtPFqcZ+n1EXwM4d1W9ykpDzeTzAPp5oJEhz164yfudrQvzmJw6k5COOtmVs
o2DabOeqlUEKPzAfPB4xaCSEPNT+mJuncs3peXFQ/bWtIrxMl/lH5KJHDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIeVbGc1jaaKku/V9GIipO/aYcdMMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaDVWc1p6V05wb3FTNzlYMFlpS2s3OXBoeDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGonIEUekKr/tqNIlHy3
zyuM+E7SpvEe34aZgrCV+VmbmHaE3QgIdDXGfMgeARiYj3COV4Kl6rvtlOB62xEu
MAweLkZUOg8StHTjUVSGoQXG/iuEwIkZAZDBJNLbjwhGwtsAUfFsWQPxm11hkxe/
eF3HhnboImzg5asehm9mR86Xl9ZXFfSnHW+ejbH3lDUho1TK/E+ozm+joXms7x+I
UO6bjFcuS5fAz7dzpJjLMb168w+J14oW7IyJp6AuBMxd26WEYvuPWQeX6Kuj19X3
VcETRnmY8DbpAf6ii52L5elOa1fbkyMjVNYuAmSR6VAW8XIz2uz8gccVbByuyy+8
Fvk=
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:53:39 2025 by rpki-client