Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hNEPcWNSgOjUEngreI1ExllYz2s.roa
File: hNEPcWNSgOjUEngreI1ExllYz2s.roa (raw, json)
Hash identifier: Oe+jzGdzjtoBA1zlVyNep8ve17xHygeBEIN13rjQmTQ=
Subject key identifier: 84:D1:0F:71:63:52:80:E8:D4:12:78:2B:78:8D:44:C6:59:58:CF:6B
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6E75471B75013132CA46489281F97F01
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hNEPcWNSgOjUEngreI1ExllYz2s.roa
Signing time: Thu 07 Sep 2023 07:04:54 +0000
ROA not before: Thu 07 Sep 2023 07:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:6e74:a372/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6e:75:47:1b:75:01:31:32:ca:46:48:92:81:f9:7f:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 7 07:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84d10f71635280e8d412782b788d44c65958cf6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0b:76:01:da:3e:2c:6b:eb:67:fe:49:af:7a:
cd:67:90:9e:4b:e6:3a:05:ec:86:98:41:ca:cf:74:
33:1e:ce:08:2a:5e:fb:2c:29:1d:d9:86:33:b7:95:
70:89:f7:ce:7e:be:88:3b:4c:27:a4:a3:ee:fd:8f:
d2:ec:22:e5:16:aa:dd:99:d8:b5:99:74:03:c6:39:
67:7b:69:f6:38:fe:d7:d1:3e:4d:73:78:f4:55:99:
86:d0:de:90:6a:73:1a:03:49:75:99:78:11:ed:1e:
9b:a0:ef:cc:15:ca:76:60:c5:07:b9:70:b8:66:d4:
0f:f9:90:24:79:93:5a:8e:a0:74:bc:8c:ff:eb:3c:
fc:c3:1b:53:2e:fb:25:3c:13:5a:93:0d:cd:f3:e1:
48:cc:30:dd:4c:02:53:4f:6c:10:1a:03:94:57:f4:
7b:cd:7e:40:e7:81:dc:3e:52:cd:a6:65:d5:09:c9:
26:e7:0c:f5:fa:c6:9b:f9:5e:6f:e5:60:db:58:09:
df:e4:a9:b0:0e:cb:56:2b:8f:a3:03:9d:00:5d:12:
8f:71:04:99:fc:ab:61:5a:f6:31:d7:18:17:35:19:
14:48:41:49:85:82:7a:8c:c8:4f:c3:ab:0c:bb:03:
80:ef:8b:fc:cc:ac:89:a0:58:51:ff:47:51:42:dc:
b5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:D1:0F:71:63:52:80:E8:D4:12:78:2B:78:8D:44:C6:59:58:CF:6B
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/hNEPcWNSgOjUEngreI1ExllYz2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2f:0d:e4:f6:46:92:33:19:e7:37:c9:16:69:76:e7:80:f0:cc:
2f:de:4a:8d:7b:2f:85:be:29:5f:70:3c:51:fa:cf:2d:4e:7a:
f1:85:39:71:05:35:83:ee:86:b2:b3:ac:f0:a7:e5:19:c1:f5:
a8:19:70:6c:92:9f:fe:c4:62:cc:0e:83:e1:31:73:45:64:74:
8d:09:9f:82:b0:38:ba:1f:41:5d:6b:94:b5:70:6a:8b:55:09:
14:52:1d:a8:52:5f:6f:49:ad:a9:e8:cc:84:88:56:ac:1c:74:
0d:ee:0b:32:36:7f:7e:4b:0b:76:4b:0e:27:c8:62:41:c8:99:
9f:77:51:a2:0f:6f:13:72:8c:88:b2:ac:05:93:ef:d8:47:3f:
a6:02:19:a7:47:cb:00:ed:82:91:8e:9d:4d:de:29:0d:ae:fb:
fb:10:4d:62:85:51:72:a1:91:49:d5:b0:ae:5b:87:b2:da:eb:
5c:26:b5:a8:4f:58:0f:f9:e6:59:97:ad:16:ec:40:30:fe:bb:
26:e2:3a:7e:0c:d5:c4:ca:cb:66:6c:32:2e:61:82:07:7b:71:
45:2d:c4:4f:de:ee:f4:96:d8:33:45:e4:2f:2a:b1:f0:02:02:
e8:81:b4:f9:17:04:ca:3c:5d:2a:09:5b:f8:43:eb:88:65:5a:
2e:33:af:cd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpudUcbdQExMspGSJKB+X8BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA3MDcwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGQxMGY3MTYzNTI4MGU4ZDQxMjc4MmI3ODhkNDRjNjU5NThjZjZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gt2Ado+LGvrZ/5Jr3rNZ5CeS+Y6
BeyGmEHKz3QzHs4IKl77LCkd2YYzt5VwiffOfr6IO0wnpKPu/Y/S7CLlFqrdmdi1
mXQDxjlne2n2OP7X0T5Nc3j0VZmG0N6QanMaA0l1mXgR7R6boO/MFcp2YMUHuXC4
ZtQP+ZAkeZNajqB0vIz/6zz8wxtTLvslPBNakw3N8+FIzDDdTAJTT2wQGgOUV/R7
zX5A54HcPlLNpmXVCckm5wz1+sab+V5v5WDbWAnf5KmwDstWK4+jA50AXRKPcQSZ
/KthWvYx1xgXNRkUSEFJhYJ6jMhPw6sMuwOA74v8zKyJoFhR/0dRQty1swIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFITRD3FjUoDo1BJ4K3iNRMZZWM9rMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvaE5FUGNXTlNnT2pVRW5ncmVJMUV4bGxZejJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC8N5PZGkjMZ5zfJFml2
54DwzC/eSo17L4W+KV9wPFH6zy1OevGFOXEFNYPuhrKzrPCn5RnB9agZcGySn/7E
YswOg+Exc0VkdI0Jn4KwOLofQV1rlLVwaotVCRRSHahSX29JranozISIVqwcdA3u
CzI2f35LC3ZLDifIYkHImZ93UaIPbxNyjIiyrAWT79hHP6YCGadHywDtgpGOnU3e
KQ2u+/sQTWKFUXKhkUnVsK5bh7La61wmtahPWA/55lmXrRbsQDD+uybiOn4M1cTK
y2ZsMi5hggd7cUUtxE/e7vSW2DNF5C8qsfACAuiBtPkXBMo8XSoJW/hD64hlWi4z
r80=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:24:19 2025 by rpki-client