Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hCI3j6VsKj2Js4E9y_bhuCMI5rQ.roa
File: hCI3j6VsKj2Js4E9y_bhuCMI5rQ.roa (raw, json)
Hash identifier: 7wyywpaeK8SaYAns0v3T3HiAuEsjPvAmeLtwNmInitY=
Subject key identifier: 84:22:37:8F:A5:6C:2A:3D:89:B3:81:3D:CB:F6:E1:B8:23:08:E6:B4
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BAE64669B76543AA38C85237A035FDF91
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hCI3j6VsKj2Js4E9y_bhuCMI5rQ.roa
Signing time: Wed 08 Nov 2023 10:04:57 +0000
ROA not before: Wed 08 Nov 2023 10:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:ae64:5f3d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ae:64:66:9b:76:54:3a:a3:8c:85:23:7a:03:5f:df:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 8 10:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8422378fa56c2a3d89b3813dcbf6e1b82308e6b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:cf:c2:dc:04:d6:33:5f:4b:c2:4e:eb:cf:85:
4b:76:2a:25:4c:9a:95:c0:e7:c1:1b:03:f4:6e:3f:
c1:bc:24:ff:02:b9:70:ca:0e:7b:14:e8:db:64:97:
45:39:08:0a:fd:65:97:29:5f:dd:11:d0:4b:73:e6:
15:eb:80:2b:49:9b:56:f0:25:ad:53:42:3c:a0:85:
0d:0c:1f:66:96:8b:4e:71:54:49:ed:4e:85:bb:c1:
d9:f3:76:2f:3b:81:7a:57:d6:7f:4c:75:1e:3f:5c:
7f:50:52:b4:6a:8d:d6:62:d4:f8:3c:73:77:d2:3f:
10:6c:e6:ac:38:de:6f:08:81:dd:66:80:40:7d:f1:
03:59:40:a6:48:bc:91:8b:79:1a:26:9e:63:57:ec:
97:b0:a7:c0:78:a3:28:75:8a:2d:8c:bd:18:4b:f3:
37:31:68:66:d2:4d:39:b7:27:a4:db:82:f9:9d:60:
e9:9c:96:27:8b:11:04:45:5b:a9:50:c0:e3:fe:45:
f4:85:07:c4:f0:4d:88:a8:e3:71:54:b8:fc:89:21:
ff:93:a9:5e:65:77:6b:7a:94:29:48:7a:d4:9b:95:
21:58:eb:76:1c:d1:37:f1:4e:0b:b1:70:c5:51:d7:
96:90:64:e9:cf:c9:c8:69:74:0b:2f:a1:97:f2:9c:
e5:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:22:37:8F:A5:6C:2A:3D:89:B3:81:3D:CB:F6:E1:B8:23:08:E6:B4
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hCI3j6VsKj2Js4E9y_bhuCMI5rQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b5:97:bc:66:e0:44:75:1e:79:82:1b:c9:05:b5:72:5a:6a:81:
29:ec:d4:92:98:84:21:82:78:c9:cf:6e:d6:d2:d2:09:3c:5c:
3d:5c:2b:d8:79:e0:6c:dd:a4:11:7a:21:43:3a:c8:63:aa:7a:
f7:40:ce:d3:87:02:47:f8:8e:fd:66:1e:da:43:36:d0:81:f6:
b4:5e:48:15:4f:c5:18:70:71:e7:eb:53:d2:2f:42:cd:9c:39:
05:36:53:70:d2:d4:81:5b:40:6c:c4:20:2e:d9:a8:0d:21:5f:
5c:f3:da:13:be:84:a5:d8:42:a2:7b:f5:a7:b2:a5:44:bd:bf:
4a:8b:c0:63:4a:cc:46:42:da:65:d5:be:a9:41:8b:d1:b2:ff:
8f:e9:b9:91:71:9a:eb:70:04:4a:01:41:bd:ce:ea:9a:79:a4:
96:bf:88:a7:6c:ec:7f:b5:3f:f1:fc:b9:fb:67:e4:c7:36:0a:
3b:e4:79:8a:bf:91:57:6f:d4:21:92:71:20:e7:5b:7d:9d:ec:
6b:69:ea:44:c5:d5:d3:f5:d3:1e:fa:7f:18:2d:20:47:35:f9:
44:ed:b1:53:72:ae:62:f8:b2:89:75:d1:bd:c4:73:a2:3b:2b:
6d:a8:ec:ef:91:b3:23:3e:fb:4a:7b:34:12:94:01:01:54:5e:
41:04:41:13
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuuZGabdlQ6o4yFI3oDX9+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA4MTAwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDIyMzc4ZmE1NmMyYTNkODliMzgxM2RjYmY2ZTFiODIzMDhlNmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhc/C3ATWM19Lwk7rz4VLdiolTJqV
wOfBGwP0bj/BvCT/Arlwyg57FOjbZJdFOQgK/WWXKV/dEdBLc+YV64ArSZtW8CWt
U0I8oIUNDB9mlotOcVRJ7U6Fu8HZ83YvO4F6V9Z/THUeP1x/UFK0ao3WYtT4PHN3
0j8QbOasON5vCIHdZoBAffEDWUCmSLyRi3kaJp5jV+yXsKfAeKModYotjL0YS/M3
MWhm0k05tyek24L5nWDpnJYnixEERVupUMDj/kX0hQfE8E2IqONxVLj8iSH/k6le
ZXdrepQpSHrUm5UhWOt2HNE38U4LsXDFUdeWkGTpz8nIaXQLL6GX8pzllQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIQiN4+lbCo9ibOBPcv24bgjCOa0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaENJM2o2VnNLajJKczRFOXlfYmh1Q01JNXJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALWXvGbgRHUeeYIbyQW1
clpqgSns1JKYhCGCeMnPbtbS0gk8XD1cK9h54GzdpBF6IUM6yGOqevdAztOHAkf4
jv1mHtpDNtCB9rReSBVPxRhwcefrU9IvQs2cOQU2U3DS1IFbQGzEIC7ZqA0hX1zz
2hO+hKXYQqJ79aeypUS9v0qLwGNKzEZC2mXVvqlBi9Gy/4/puZFxmutwBEoBQb3O
6pp5pJa/iKds7H+1P/H8uftn5Mc2CjvkeYq/kVdv1CGScSDnW32d7Gtp6kTF1dP1
0x76fxgtIEc1+UTtsVNyrmL4sol10b3Ec6I7K22o7O+RsyM++0p7NBKUAQFUXkEE
QRM=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:06:37 2025 by rpki-client