Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hXshX9N3SLUHAU7zWGlV6p5BVf8.roa
File: hXshX9N3SLUHAU7zWGlV6p5BVf8.roa (raw, json)
Hash identifier: e/mVtxLOTMiI3YJ3yWmDGkoNhV5K0GX4YpwkfTumasw=
Subject key identifier: 85:7B:21:5F:D3:77:48:B5:07:01:4E:F3:58:69:55:EA:9E:41:55:FF
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C2BEBC8FC0DF5D546732C7914A68D9626
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hXshX9N3SLUHAU7zWGlV6p5BVf8.roa
Signing time: Sat 02 Dec 2023 19:05:21 +0000
ROA not before: Sat 02 Dec 2023 19:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:2bea:ef84/128 maxlen: 128
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2b:eb:c8:fc:0d:f5:d5:46:73:2c:79:14:a6:8d:96:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 2 19:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=857b215fd37748b507014ef3586955ea9e4155ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:56:f6:84:ef:ab:ce:78:72:97:6e:51:c6:e9:
77:63:e5:dd:1e:1c:94:47:d0:2a:b2:fb:e1:db:65:
77:95:12:ae:3c:aa:a7:21:f4:bf:2d:fe:0e:fc:ee:
54:3e:07:9f:40:5b:4c:57:61:d9:13:f6:8e:bf:4a:
31:92:9d:11:6d:7f:a6:e2:fa:a4:ee:1b:ce:6d:bc:
05:c7:35:a9:9d:d1:f8:46:d6:2d:49:50:78:9a:2e:
76:cd:75:ec:4d:ea:8c:71:68:b3:21:87:de:e5:54:
ec:cb:70:05:c4:5f:d9:18:bb:cb:4f:ab:14:78:3d:
d0:a3:41:96:4c:d8:2d:ba:66:1e:73:fe:cc:9b:da:
23:a9:81:28:e6:ea:e1:2b:23:91:ef:6c:5c:62:d6:
e6:71:ff:09:63:5b:b3:46:02:24:2c:22:3a:80:8d:
1b:fe:32:28:55:71:d3:25:11:bc:15:a1:86:9c:64:
d8:6c:4c:77:47:97:32:1c:1a:13:f4:10:f5:22:fb:
e5:2d:5d:f2:19:d1:38:bb:33:50:ed:c8:30:31:8e:
db:6e:d5:05:ad:9d:60:47:32:6e:4c:de:21:2f:9a:
dc:d8:50:f2:d2:dd:61:3c:18:2e:c6:99:cb:dc:be:
83:6f:cf:68:94:f2:fe:79:d7:1d:04:14:07:2c:0e:
be:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:7B:21:5F:D3:77:48:B5:07:01:4E:F3:58:69:55:EA:9E:41:55:FF
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hXshX9N3SLUHAU7zWGlV6p5BVf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c0:3a:15:2d:c1:13:b8:42:90:70:29:59:dc:40:aa:2b:1f:09:
76:51:ce:3e:10:8c:e3:f8:b7:84:cd:db:d6:1f:0e:bf:33:fb:
42:23:01:b1:7e:cb:eb:f4:37:3d:1b:2b:d2:d5:2c:61:ba:16:
f6:49:ac:d6:5f:30:b1:0b:68:95:c5:fb:39:02:db:fc:80:a7:
1f:a7:77:cc:11:6b:a8:76:f9:3f:72:f1:96:e1:6b:65:66:72:
ae:97:c1:e3:e2:c2:d3:a5:c4:cc:21:6b:36:73:55:64:38:4e:
2d:2d:53:aa:94:27:2f:cd:f7:b5:42:95:07:53:bf:ba:bf:af:
13:87:e3:e8:16:07:58:70:c8:ce:86:9d:54:86:9f:93:51:e6:
48:df:ad:bd:93:d9:53:da:22:17:2f:e7:c9:6a:3f:fb:9c:dc:
b7:af:27:a0:c3:9e:8e:98:4e:7e:5a:a2:5a:1f:6e:ae:c0:e8:
a3:7e:ee:7d:ec:95:c3:0d:a8:16:5c:24:af:82:5c:3f:7a:56:
5c:93:8b:e4:34:ba:4a:d1:06:61:2a:6b:74:48:70:ea:75:84:
9a:aa:b0:51:b5:6f:38:a4:18:9b:5d:9a:04:c7:d6:0d:9e:a2:
23:a1:39:57:97:1d:df:e7:a0:69:e8:81:f0:95:14:54:48:c7:
6e:d8:f0:fb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwr68j8DfXVRnMseRSmjZYmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAyMTkwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTdiMjE1ZmQzNzc0OGI1MDcwMTRlZjM1ODY5NTVlYTllNDE1NWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolb2hO+rznhyl25Rxul3Y+XdHhyU
R9Aqsvvh22V3lRKuPKqnIfS/Lf4O/O5UPgefQFtMV2HZE/aOv0oxkp0RbX+m4vqk
7hvObbwFxzWpndH4RtYtSVB4mi52zXXsTeqMcWizIYfe5VTsy3AFxF/ZGLvLT6sU
eD3Qo0GWTNgtumYec/7Mm9ojqYEo5urhKyOR72xcYtbmcf8JY1uzRgIkLCI6gI0b
/jIoVXHTJRG8FaGGnGTYbEx3R5cyHBoT9BD1IvvlLV3yGdE4uzNQ7cgwMY7bbtUF
rZ1gRzJuTN4hL5rc2FDy0t1hPBguxpnL3L6Db89olPL+edcdBBQHLA6+PwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIV7IV/Td0i1BwFO81hpVeqeQVX/MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaFhzaFg5TjNTTFVIQVU3eldHbFY2cDVCVmY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMA6FS3BE7hCkHApWdxA
qisfCXZRzj4QjOP4t4TN29YfDr8z+0IjAbF+y+v0Nz0bK9LVLGG6FvZJrNZfMLEL
aJXF+zkC2/yApx+nd8wRa6h2+T9y8Zbha2Vmcq6XwePiwtOlxMwhazZzVWQ4Ti0t
U6qUJy/N97VClQdTv7q/rxOH4+gWB1hwyM6GnVSGn5NR5kjfrb2T2VPaIhcv58lq
P/uc3LevJ6DDno6YTn5aolofbq7A6KN+7n3slcMNqBZcJK+CXD96VlyTi+Q0ukrR
BmEqa3RIcOp1hJqqsFG1bzikGJtdmgTH1g2eoiOhOVeXHd/noGnogfCVFFRIx27Y
8Ps=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:41:20 2025 by rpki-client