Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hyxCQLNVqNgjJYFAlDVfgW2lob8.roa
File: hyxCQLNVqNgjJYFAlDVfgW2lob8.roa (raw, json)
Hash identifier: Q4Lec/K9SRbjQ8vTxsQjSyHsfood5l8ewTqnRFizmNg=
Subject key identifier: 87:2C:42:40:B3:55:A8:D8:23:25:81:40:94:35:5F:81:6D:A5:A1:BF
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ADFF8335FD62067D8C98E0B6C3109B4CE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hyxCQLNVqNgjJYFAlDVfgW2lob8.roa
Signing time: Fri 29 Sep 2023 08:04:59 +0000
ROA not before: Fri 29 Sep 2023 08:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:dff7:bb17/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:df:f8:33:5f:d6:20:67:d8:c9:8e:0b:6c:31:09:b4:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 29 08:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=872c4240b355a8d82325814094355f816da5a1bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:88:33:56:28:f0:3f:c5:fb:77:17:a4:3c:0b:
6e:7a:a8:33:5b:e6:d6:b9:e4:21:d2:a4:8a:94:bd:
22:df:43:f9:44:6a:c0:b2:1b:24:0d:6f:dd:32:9a:
bf:13:6b:42:9c:fd:89:49:f8:71:bf:8f:11:a2:f8:
f8:2c:ee:d2:78:2a:87:07:2a:2b:9c:09:92:ef:4f:
c7:55:fa:65:e1:34:27:e3:ef:f5:c4:a3:07:4c:03:
d2:0e:81:b8:aa:f1:27:90:3f:43:47:14:e4:74:e0:
ec:b9:ed:61:1e:ca:8a:b8:a7:e1:bd:e8:7d:9b:16:
21:ab:ea:5a:4d:7f:ca:32:e1:6f:0c:f9:95:25:85:
55:ae:ef:9a:51:23:45:35:5b:bf:de:38:7b:eb:4f:
e2:5b:0b:76:3a:a6:9d:e3:a1:f1:d1:69:cc:15:55:
16:68:c3:5d:12:fd:aa:6f:df:fe:9c:50:f5:08:50:
f7:36:e9:88:78:d2:0f:5e:94:c1:b8:6b:60:dc:28:
13:40:c9:71:d4:e2:8a:ca:a4:be:5d:9f:62:7e:b6:
82:3e:87:c1:69:69:3a:5b:94:26:ba:ac:44:cf:e6:
6b:08:14:dd:e6:69:8e:21:03:e3:ab:be:99:b1:33:
9d:f7:1a:5b:19:96:46:6f:7f:3e:19:e8:3f:9b:d1:
fe:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:2C:42:40:B3:55:A8:D8:23:25:81:40:94:35:5F:81:6D:A5:A1:BF
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hyxCQLNVqNgjJYFAlDVfgW2lob8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6c:80:43:f7:be:88:60:db:fc:c3:af:4f:4f:2f:f3:a0:77:4f:
15:22:52:05:20:b3:5b:13:cb:3c:6d:c8:3c:04:57:50:5f:e1:
a9:93:a8:97:81:74:91:d9:07:b8:35:74:96:8e:13:4f:ac:31:
9c:d9:1c:4a:73:bb:80:af:3d:3b:26:ea:7b:58:3c:76:e4:f9:
b5:05:ad:11:fe:75:ef:fc:63:0e:e1:c3:be:61:6e:0b:78:45:
2a:76:6b:93:43:b5:fd:46:df:21:33:fb:3b:68:1c:c5:aa:71:
11:ab:22:59:a8:ff:7d:66:6c:5b:f9:2c:fd:81:c3:7b:c7:81:
61:ae:a1:fb:ee:f9:c1:c3:69:a5:cc:31:97:d2:db:5f:7e:d3:
88:9f:76:ad:0d:6e:b4:21:8a:00:52:1d:d0:db:e5:35:02:b9:
24:bd:bf:aa:c4:f1:5e:5b:53:20:5c:18:a4:1f:8d:fa:63:79:
80:f2:79:93:32:be:2e:c9:52:ca:e6:b0:c1:5c:8c:0e:79:5d:
de:7b:85:c2:d2:db:26:f4:f7:2d:7b:16:1a:60:af:be:45:34:
56:31:01:42:15:7a:34:e2:5b:a6:45:a3:99:22:48:01:bd:bc:
88:3a:8f:18:8e:89:85:35:4e:d5:01:fb:4b:d3:9c:14:fe:0b:
a1:e4:63:af
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrf+DNf1iBn2MmOC2wxCbTOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI5MDgwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzJjNDI0MGIzNTVhOGQ4MjMyNTgxNDA5NDM1NWY4MTZkYTVhMWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4gzVijwP8X7dxekPAtueqgzW+bW
ueQh0qSKlL0i30P5RGrAshskDW/dMpq/E2tCnP2JSfhxv48Rovj4LO7SeCqHByor
nAmS70/HVfpl4TQn4+/1xKMHTAPSDoG4qvEnkD9DRxTkdODsue1hHsqKuKfhveh9
mxYhq+paTX/KMuFvDPmVJYVVru+aUSNFNVu/3jh760/iWwt2Oqad46Hx0WnMFVUW
aMNdEv2qb9/+nFD1CFD3NumIeNIPXpTBuGtg3CgTQMlx1OKKyqS+XZ9ifraCPofB
aWk6W5QmuqxEz+ZrCBTd5mmOIQPjq76ZsTOd9xpbGZZGb38+Geg/m9H+YwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIcsQkCzVajYIyWBQJQ1X4FtpaG/MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaHl4Q1FMTlZxTmdqSllGQWxEVmZnVzJsb2I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGyAQ/e+iGDb/MOvT08v
86B3TxUiUgUgs1sTyzxtyDwEV1Bf4amTqJeBdJHZB7g1dJaOE0+sMZzZHEpzu4Cv
PTsm6ntYPHbk+bUFrRH+de/8Yw7hw75hbgt4RSp2a5NDtf1G3yEz+ztoHMWqcRGr
Ilmo/31mbFv5LP2Bw3vHgWGuofvu+cHDaaXMMZfS219+04ifdq0NbrQhigBSHdDb
5TUCuSS9v6rE8V5bUyBcGKQfjfpjeYDyeZMyvi7JUsrmsMFcjA55Xd57hcLS2yb0
9y17Fhpgr75FNFYxAUIVejTiW6ZFo5kiSAG9vIg6jxiOiYU1TtUB+0vTnBT+C6Hk
Y68=
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:09:56 2025 by rpki-client