Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Hw1gz_YFJBXtszoJ452H8Xp_I7w.roa
File: Hw1gz_YFJBXtszoJ452H8Xp_I7w.roa (raw, json)
Hash identifier: GBmJGVyZjmEcnbO0gZ71qIyPR0vITT0qjAmHh+0BzME=
Subject key identifier: 1F:0D:60:CF:F6:05:24:15:ED:B3:3A:09:E3:9D:87:F1:7A:7F:23:BC
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AA119FF85CCE096A7D7401156F287D7E9
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Hw1gz_YFJBXtszoJ452H8Xp_I7w.roa
Signing time: Sun 17 Sep 2023 03:05:50 +0000
ROA not before: Sun 17 Sep 2023 03:05:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:a119:38eb/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a1:19:ff:85:cc:e0:96:a7:d7:40:11:56:f2:87:d7:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 17 03:05:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f0d60cff6052415edb33a09e39d87f17a7f23bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:44:55:42:9c:44:c4:c5:de:94:47:5e:b6:06:
8c:f0:16:48:47:8a:f9:db:97:ab:0c:74:82:41:21:
d0:90:87:49:c1:b1:cf:b2:c9:23:33:27:9e:b3:6b:
c9:40:e9:5d:82:75:b4:fc:7a:fc:96:e0:f3:ac:bb:
27:19:e7:e2:c9:05:6c:7f:a0:f3:56:fd:3c:0c:26:
ab:8f:88:40:dd:4e:e5:55:2f:11:32:1f:66:08:5f:
13:8e:b4:cc:67:41:ab:96:7c:5e:d3:d4:d0:e4:08:
b8:9d:35:e5:6b:8b:4b:87:8c:79:bf:11:33:26:b1:
38:a7:f2:c0:87:e0:1f:2c:d3:0e:2a:7d:15:ba:61:
f5:25:6d:3e:39:60:8d:4c:33:46:98:39:de:bc:50:
0f:0e:8e:74:de:90:59:43:cf:6c:69:c3:44:81:e7:
ea:08:17:01:0d:31:ba:f7:55:12:63:fe:c1:59:ad:
46:7b:59:65:2c:93:bb:db:8c:e6:2f:c9:7b:91:2d:
0d:f7:18:2a:db:d0:1c:7e:db:a9:92:af:39:55:7b:
05:79:91:f9:b4:0b:1c:70:62:5c:af:f0:1b:76:fa:
a7:27:d3:d5:f2:80:2c:8c:7e:84:75:89:36:d6:dc:
8d:55:4f:44:5f:60:c2:ed:34:87:a9:31:6b:8a:8d:
42:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:0D:60:CF:F6:05:24:15:ED:B3:3A:09:E3:9D:87:F1:7A:7F:23:BC
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Hw1gz_YFJBXtszoJ452H8Xp_I7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:66:5a:75:4a:f7:0f:58:86:4d:2d:bb:37:d9:84:e7:d8:88:
c5:52:b2:2f:89:3d:24:f1:6f:eb:b2:65:ca:ce:4b:5f:e2:16:
99:16:92:79:18:c7:c7:bb:f7:3a:05:db:0c:50:b7:f4:b1:55:
c1:8f:66:a3:09:74:a0:da:c4:c7:99:7c:4e:d7:63:74:32:bf:
c9:39:e7:40:06:c8:f6:bb:6d:d1:48:d0:7a:6f:5b:c4:f9:e3:
6a:ab:cb:ef:71:3d:59:cc:ae:3a:07:b8:01:c5:cb:a7:2f:ee:
9f:7b:28:08:62:5c:c0:86:3d:d4:9e:cc:96:1a:fd:1e:2e:2d:
d3:06:e2:81:51:15:94:81:75:9f:d2:88:83:bb:05:72:2a:73:
04:e0:6b:90:38:0f:b5:7f:8f:c2:50:1a:6e:db:34:6f:14:41:
40:ba:f5:0a:d0:e0:bd:2f:c3:28:67:2c:03:16:93:75:c9:7c:
52:bc:1c:d3:98:13:10:02:dc:bd:e1:31:63:7a:64:d6:6f:9d:
65:9b:13:16:da:f5:28:6e:e1:f9:48:0a:15:83:68:b0:4c:22:
bd:ad:50:8a:9c:10:d8:3b:d4:89:25:8c:27:68:33:11:21:52:
79:4b:2b:a0:35:1e:ca:f3:86:60:2c:a0:46:83:13:be:1b:ef:
6b:cf:df:7c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqhGf+FzOCWp9dAEVbyh9fpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE3MDMwNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjBkNjBjZmY2MDUyNDE1ZWRiMzNhMDllMzlkODdmMTdhN2YyM2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7URVQpxExMXelEdetgaM8BZIR4r5
25erDHSCQSHQkIdJwbHPsskjMyees2vJQOldgnW0/Hr8luDzrLsnGefiyQVsf6Dz
Vv08DCarj4hA3U7lVS8RMh9mCF8TjrTMZ0Grlnxe09TQ5Ai4nTXla4tLh4x5vxEz
JrE4p/LAh+AfLNMOKn0VumH1JW0+OWCNTDNGmDnevFAPDo503pBZQ89sacNEgefq
CBcBDTG691USY/7BWa1Ge1llLJO724zmL8l7kS0N9xgq29Acftupkq85VXsFeZH5
tAsccGJcr/AbdvqnJ9PV8oAsjH6EdYk21tyNVU9EX2DC7TSHqTFrio1CHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB8NYM/2BSQV7bM6CeOdh/F6fyO8MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvSHcxZ3pfWUZKQlh0c3pvSjQ1Mkg4WHBfSTd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFdmWnVK9w9Yhk0tuzfZ
hOfYiMVSsi+JPSTxb+uyZcrOS1/iFpkWknkYx8e79zoF2wxQt/SxVcGPZqMJdKDa
xMeZfE7XY3Qyv8k550AGyPa7bdFI0HpvW8T542qry+9xPVnMrjoHuAHFy6cv7p97
KAhiXMCGPdSezJYa/R4uLdMG4oFRFZSBdZ/SiIO7BXIqcwTga5A4D7V/j8JQGm7b
NG8UQUC69QrQ4L0vwyhnLAMWk3XJfFK8HNOYExAC3L3hMWN6ZNZvnWWbExba9Shu
4flIChWDaLBMIr2tUIqcENg71IkljCdoMxEhUnlLK6A1HsrzhmAsoEaDE74b72vP
33w=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:32:25 2025 by rpki-client