Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hu-on4PwC4W4XvsPTgTvq918odY.roa
File: hu-on4PwC4W4XvsPTgTvq918odY.roa (raw, json)
Hash identifier: LSmk1GX5lNFLWf1uVBRp1PrwBLh5cRZcXEvOv4MzQas=
Subject key identifier: 86:EF:A8:9F:83:F0:0B:85:B8:5E:FB:0F:4E:04:EF:AB:DD:7C:A1:D6
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B37C653D7DA227F206739FE834BA3F937
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hu-on4PwC4W4XvsPTgTvq918odY.roa
Signing time: Mon 16 Oct 2023 09:17:06 +0000
ROA not before: Mon 16 Oct 2023 09:17:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:37:c6:53:d7:da:22:7f:20:67:39:fe:83:4b:a3:f9:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 16 09:17:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86efa89f83f00b85b85efb0f4e04efabdd7ca1d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:27:e6:a3:3a:44:25:bc:af:b9:41:5b:8f:f8:
e7:fe:39:99:3e:65:73:62:2a:cf:25:63:12:a7:36:
bd:cf:89:95:9c:3e:1f:ce:d1:eb:61:0c:58:23:ba:
11:f3:c3:2a:a3:a2:2b:1e:48:3f:8d:6f:cf:74:2a:
17:bd:44:fe:b2:c4:89:95:c7:09:8b:46:77:f1:96:
07:ce:81:cd:2f:a7:28:3e:4e:12:2b:29:fe:ea:7a:
66:88:52:46:f1:31:db:3d:56:d7:ba:a5:7d:62:ff:
a7:71:b7:52:38:fe:a9:cf:13:ff:e8:b3:c1:b3:81:
90:cb:c2:97:cb:8d:ad:ad:5c:e0:91:73:36:86:48:
6d:a5:26:a3:2f:95:3a:ed:89:94:99:c9:ef:2c:14:
a6:43:a4:97:aa:df:ea:b1:ce:f6:4f:4a:db:d4:a9:
b2:22:6f:21:90:55:4c:94:b1:15:26:a6:b9:67:84:
50:e8:4a:f2:76:ee:80:9a:83:d8:b7:97:b2:0c:31:
14:22:65:15:b2:33:5b:97:f1:49:db:6a:30:5d:ec:
e3:aa:01:58:2c:1d:10:eb:a2:c2:01:3c:ab:6f:ac:
97:d5:dd:ea:2d:33:0b:7f:62:63:f7:5e:44:1e:43:
2c:ed:47:f9:90:4a:8d:4b:83:cb:83:b0:ed:85:d0:
5e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:EF:A8:9F:83:F0:0B:85:B8:5E:FB:0F:4E:04:EF:AB:DD:7C:A1:D6
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hu-on4PwC4W4XvsPTgTvq918odY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b4:59:f1:68:f0:33:30:8c:02:97:ca:98:b6:6a:79:07:1e:7a:
80:a6:a4:44:14:28:4a:9a:98:ae:31:63:46:53:c0:6a:c8:b5:
9d:ae:ba:f9:78:02:24:fc:09:21:e6:f8:1c:91:44:0f:c7:aa:
87:a3:35:6d:2a:43:e9:8c:8a:40:ce:1e:10:93:ab:71:4b:b5:
13:26:3a:5d:c9:e9:9a:c9:26:4d:c5:0a:2c:87:c6:77:16:01:
bb:b2:ff:cc:fa:44:62:17:cb:ee:87:e5:84:9f:46:9f:8d:32:
be:9a:67:ba:d2:79:c5:0b:82:41:e2:51:1a:9d:a3:12:15:b6:
85:7b:de:bc:26:3d:94:61:35:f0:40:d2:ff:62:ef:68:50:cb:
1d:c0:53:8e:cc:c5:f9:5e:5e:65:59:c3:7d:d3:9a:2e:63:dc:
b5:da:6f:aa:cb:5f:74:64:f7:a1:95:8b:4d:89:4a:10:69:37:
c2:6d:fb:6d:64:9a:26:b0:21:d4:65:58:0d:31:a0:09:20:99:
0e:81:27:a4:5a:a5:d7:81:ee:ec:63:b4:c3:3c:81:46:8f:c6:
e0:cd:75:2c:ed:b2:d9:ba:c3:ab:a9:08:1f:25:4c:7c:13:db:
83:48:fe:2b:71:86:67:69:0b:fa:c6:42:0c:7e:03:8c:c0:87:
e5:a8:1a:37
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs3xlPX2iJ/IGc5/oNLo/k3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE2MDkxNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmVmYTg5ZjgzZjAwYjg1Yjg1ZWZiMGY0ZTA0ZWZhYmRkN2NhMWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSfmozpEJbyvuUFbj/jn/jmZPmVz
YirPJWMSpza9z4mVnD4fztHrYQxYI7oR88Mqo6IrHkg/jW/PdCoXvUT+ssSJlccJ
i0Z38ZYHzoHNL6coPk4SKyn+6npmiFJG8THbPVbXuqV9Yv+ncbdSOP6pzxP/6LPB
s4GQy8KXy42trVzgkXM2hkhtpSajL5U67YmUmcnvLBSmQ6SXqt/qsc72T0rb1Kmy
Im8hkFVMlLEVJqa5Z4RQ6Erydu6AmoPYt5eyDDEUImUVsjNbl/FJ22owXezjqgFY
LB0Q66LCATyrb6yX1d3qLTMLf2Jj915EHkMs7Uf5kEqNS4PLg7DthdBeuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIbvqJ+D8AuFuF77D04E76vdfKHWMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaHUtb240UHdDNFc0WHZzUFRnVHZxOTE4b2RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALRZ8WjwMzCMApfKmLZq
eQceeoCmpEQUKEqamK4xY0ZTwGrItZ2uuvl4AiT8CSHm+ByRRA/HqoejNW0qQ+mM
ikDOHhCTq3FLtRMmOl3J6ZrJJk3FCiyHxncWAbuy/8z6RGIXy+6H5YSfRp+NMr6a
Z7rSecULgkHiURqdoxIVtoV73rwmPZRhNfBA0v9i72hQyx3AU47MxfleXmVZw33T
mi5j3LXab6rLX3Rk96GVi02JShBpN8Jt+21kmiawIdRlWA0xoAkgmQ6BJ6RapdeB
7uxjtMM8gUaPxuDNdSztstm6w6upCB8lTHwT24NI/itxhmdpC/rGQgx+A4zAh+Wo
Gjc=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:59:47 2025 by rpki-client