Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/heB8IfG6eCMnZmTYgSv8dghZujc.roa
File: heB8IfG6eCMnZmTYgSv8dghZujc.roa (raw, json)
Hash identifier: GB0hqVvIpsJfrKAKj8jLA+L+9wxU+vDUAsTzfC2OIiM=
Subject key identifier: 85:E0:7C:21:F1:BA:78:23:27:66:64:D8:81:2B:FC:76:08:59:BA:37
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BA4C6D5EDD2D14EBFC45EDEEF32C44AEC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/heB8IfG6eCMnZmTYgSv8dghZujc.roa
Signing time: Mon 06 Nov 2023 13:16:16 +0000
ROA not before: Mon 06 Nov 2023 13:16:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a4:c6:d5:ed:d2:d1:4e:bf:c4:5e:de:ef:32:c4:4a:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 6 13:16:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85e07c21f1ba7823276664d8812bfc760859ba37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:eb:a5:74:17:76:62:43:35:ab:61:9e:8b:98:
a2:af:51:98:08:0d:4e:ae:7d:6c:34:2e:c1:90:12:
a6:a9:80:d7:99:ae:ae:76:51:96:a4:83:80:1f:e2:
cb:a5:11:15:50:d8:12:a8:87:d0:59:36:74:d5:0a:
57:7c:cd:26:bd:8b:ce:27:9f:6a:d1:bf:76:16:c5:
4e:cf:f3:46:e9:08:42:1d:fe:54:a3:52:d0:ef:c8:
d6:c5:01:9f:b8:73:08:b1:38:43:cc:96:d2:29:4e:
10:df:ab:1f:e7:89:24:4a:2a:fe:14:f1:37:78:2d:
80:f1:ac:e0:55:2b:d1:d7:60:13:f1:ba:b3:81:2d:
0e:93:35:7a:4e:10:f6:10:ae:4d:b1:e7:f1:58:a1:
4c:37:7c:14:71:b0:6b:f7:fc:6c:fb:7d:ba:bf:ea:
12:a7:de:74:6d:b3:9e:53:3c:7f:72:b6:69:5b:d4:
62:1d:85:bd:70:d3:66:05:ca:bc:0f:d4:5d:68:13:
c2:fd:7b:5b:94:98:8d:64:e1:11:cb:d8:16:34:5a:
88:5b:ac:bd:43:39:69:9c:26:70:ba:5a:1e:52:8d:
41:ac:80:f2:e5:d3:66:b7:34:26:07:12:39:db:d5:
70:42:75:ab:9d:10:5d:dd:bf:39:05:1f:fc:0b:20:
db:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E0:7C:21:F1:BA:78:23:27:66:64:D8:81:2B:FC:76:08:59:BA:37
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/heB8IfG6eCMnZmTYgSv8dghZujc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:06:05:c2:27:94:eb:be:7d:e3:20:55:ec:03:17:67:67:dc:
d1:15:23:29:99:c7:5a:ba:76:03:84:b8:57:5a:bb:70:71:29:
21:5c:af:52:51:d6:b9:87:35:87:dd:a5:ca:b4:bf:03:74:e7:
a1:af:1a:02:4d:b7:85:a3:d8:03:d5:0d:04:f3:60:7d:e8:3a:
45:b9:0f:e9:1e:d7:bc:f3:d2:52:93:9e:b5:1b:76:e8:82:87:
f9:03:1f:a1:9d:68:18:79:19:d5:df:d0:ce:18:95:96:db:9b:
b8:d8:9f:63:5c:f4:af:4c:c3:dc:13:17:d2:49:59:36:57:ef:
1c:00:74:98:83:38:6f:f3:25:34:13:2d:b2:43:96:f2:a7:5d:
1d:a8:03:34:76:8b:5d:17:60:a8:b1:0f:aa:8a:8b:f9:21:10:
87:a4:ff:b6:f5:39:f6:b9:7a:2f:0e:d8:a9:42:7b:e1:eb:7a:
08:21:9c:5e:c5:ec:3d:47:fc:43:68:db:48:f1:2e:1d:3d:33:
c4:36:e5:c1:ed:7d:e9:4a:93:70:2a:12:d2:c2:ee:32:2e:97:
37:a4:0a:bc:f1:88:65:da:f9:e1:a2:d0:d4:1c:15:59:ac:f4:
28:27:bf:21:27:84:46:d4:dd:8d:81:78:41:35:12:38:57:e2:
ee:63:a3:d7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYukxtXt0tFOv8Re3u8yxErsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA2MTMxNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWUwN2MyMWYxYmE3ODIzMjc2NjY0ZDg4MTJiZmM3NjA4NTliYTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+uldBd2YkM1q2Gei5iir1GYCA1O
rn1sNC7BkBKmqYDXma6udlGWpIOAH+LLpREVUNgSqIfQWTZ01QpXfM0mvYvOJ59q
0b92FsVOz/NG6QhCHf5Uo1LQ78jWxQGfuHMIsThDzJbSKU4Q36sf54kkSir+FPE3
eC2A8azgVSvR12AT8bqzgS0OkzV6ThD2EK5NsefxWKFMN3wUcbBr9/xs+326v+oS
p950bbOeUzx/crZpW9RiHYW9cNNmBcq8D9RdaBPC/XtblJiNZOERy9gWNFqIW6y9
QzlpnCZwuloeUo1BrIDy5dNmtzQmBxI529VwQnWrnRBd3b85BR/8CyDbawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIXgfCHxungjJ2Zk2IEr/HYIWbo3MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaGVCOElmRzZlQ01uWm1UWWdTdjhkZ2hadWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF8GBcInlOu+feMgVewD
F2dn3NEVIymZx1q6dgOEuFdau3BxKSFcr1JR1rmHNYfdpcq0vwN056GvGgJNt4Wj
2APVDQTzYH3oOkW5D+ke17zz0lKTnrUbduiCh/kDH6GdaBh5GdXf0M4YlZbbm7jY
n2Nc9K9Mw9wTF9JJWTZX7xwAdJiDOG/zJTQTLbJDlvKnXR2oAzR2i10XYKixD6qK
i/khEIek/7b1Ofa5ei8O2KlCe+HregghnF7F7D1H/ENo20jxLh09M8Q25cHtfelK
k3AqEtLC7jIulzekCrzxiGXa+eGi0NQcFVms9CgnvyEnhEbU3Y2BeEE1EjhX4u5j
o9c=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:33:47 2025 by rpki-client