Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HZXttQm49Ituanx4h0dAfj50Pz8.roa
File: HZXttQm49Ituanx4h0dAfj50Pz8.roa (raw, json)
Hash identifier: Nmhp8F3no963E8jx2Gi/51AREEtQZeBUIEncW+IapJc=
Subject key identifier: 1D:95:ED:B5:09:B8:F4:8B:6E:6A:7C:78:87:47:40:7E:3E:74:3F:3F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C7A06A9C2110FC745F524B11455958F89
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HZXttQm49Ituanx4h0dAfj50Pz8.roa
Signing time: Sun 17 Dec 2023 23:05:06 +0000
ROA not before: Sun 17 Dec 2023 23:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:7a06:2da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7a:06:a9:c2:11:0f:c7:45:f5:24:b1:14:55:95:8f:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 17 23:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d95edb509b8f48b6e6a7c788747407e3e743f3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d6:75:7f:5a:31:17:36:c7:d8:95:8c:7e:a8:
7d:cd:e2:e9:2c:f8:6d:29:04:f7:51:16:a3:3f:d1:
e5:55:80:ff:ae:15:ac:7a:99:c8:39:20:94:08:1b:
c7:cf:83:1d:58:0a:37:d2:43:72:9f:e4:7f:64:6c:
e2:5f:8d:23:d5:65:ca:2a:b7:30:c8:0c:fe:a0:d8:
07:a5:4d:a4:a6:7f:13:46:ff:b4:71:1e:10:5d:07:
ac:ec:b4:dd:5f:a0:00:61:4d:d4:78:d8:f3:64:97:
12:cf:0c:11:45:1a:5c:78:03:20:7b:1e:76:32:9d:
47:5b:a8:72:38:a2:cd:0f:22:2b:8d:ab:76:4d:76:
ba:85:b9:24:3f:88:af:d6:52:23:28:76:e0:e0:e6:
fb:e5:46:4a:25:35:fc:40:e3:f3:cd:9a:06:b7:07:
40:16:35:85:1e:a7:25:99:c5:0f:db:53:27:81:c0:
b3:8b:b3:c7:7e:41:d7:ee:c9:11:78:a9:8c:5c:a7:
1f:1c:97:84:bb:a8:b6:d2:d9:26:6d:36:92:1f:09:
8e:27:2b:e1:e8:21:25:aa:39:8d:65:67:14:84:1e:
10:14:07:87:67:78:d6:9a:07:47:e7:aa:0b:84:2c:
d0:d3:b3:99:48:8e:7a:72:b4:d7:97:84:9a:49:31:
fb:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:95:ED:B5:09:B8:F4:8B:6E:6A:7C:78:87:47:40:7E:3E:74:3F:3F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HZXttQm49Ituanx4h0dAfj50Pz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5b:92:ef:36:bc:93:4e:b3:41:64:8a:0d:96:45:00:c9:0f:4e:
87:3e:ed:4f:0e:6c:07:dd:33:25:cd:d7:53:aa:0a:f8:c0:15:
c9:14:11:e5:ca:42:d5:20:d1:9b:c6:08:1d:c3:f2:31:58:4e:
67:b1:34:f1:a0:a0:c1:77:2e:7f:c5:5c:77:0b:ad:18:fd:ca:
65:8c:00:ec:7f:1e:16:82:6e:7d:2d:01:6f:ae:ad:d3:15:22:
5a:2e:10:b9:d0:a2:f0:f4:95:aa:1f:ff:dd:ae:d9:46:06:13:
69:00:f3:b9:77:78:dc:92:83:41:f6:d3:62:8a:84:14:6c:7e:
11:b8:62:77:4d:61:5a:a6:30:b1:cb:8c:7c:72:ad:0f:c0:ec:
c7:47:99:42:84:a9:bf:58:5d:1b:f1:a8:cc:60:d5:8c:b6:15:
cc:4c:2a:97:b0:88:0d:c8:b0:8c:4b:48:15:2e:e1:cf:f9:31:
9d:45:79:2e:ec:9c:bb:40:32:ef:3b:58:f8:47:b0:3e:f9:ce:
ba:1d:94:ce:17:ba:4b:b9:86:c3:c7:10:09:00:e9:ba:37:67:
bd:9b:8d:dd:ed:8a:43:e8:b2:29:d7:9e:1b:90:cb:17:99:4a:
3b:18:22:a3:6e:a0:cc:c0:6f:fd:49:f6:d7:bc:23:83:b5:19:
d9:e5:ce:dd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx6BqnCEQ/HRfUksRRVlY+JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE3MjMwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDk1ZWRiNTA5YjhmNDhiNmU2YTdjNzg4NzQ3NDA3ZTNlNzQzZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9Z1f1oxFzbH2JWMfqh9zeLpLPht
KQT3URajP9HlVYD/rhWsepnIOSCUCBvHz4MdWAo30kNyn+R/ZGziX40j1WXKKrcw
yAz+oNgHpU2kpn8TRv+0cR4QXQes7LTdX6AAYU3UeNjzZJcSzwwRRRpceAMgex52
Mp1HW6hyOKLNDyIrjat2TXa6hbkkP4iv1lIjKHbg4Ob75UZKJTX8QOPzzZoGtwdA
FjWFHqclmcUP21MngcCzi7PHfkHX7skReKmMXKcfHJeEu6i20tkmbTaSHwmOJyvh
6CElqjmNZWcUhB4QFAeHZ3jWmgdH56oLhCzQ07OZSI56crTXl4SaSTH7FQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB2V7bUJuPSLbmp8eIdHQH4+dD8/MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSFpYdHRRbTQ5SXR1YW54NGgwZEFmajUwUHo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFuS7za8k06zQWSKDZZF
AMkPToc+7U8ObAfdMyXN11OqCvjAFckUEeXKQtUg0ZvGCB3D8jFYTmexNPGgoMF3
Ln/FXHcLrRj9ymWMAOx/HhaCbn0tAW+urdMVIlouELnQovD0laof/92u2UYGE2kA
87l3eNySg0H202KKhBRsfhG4YndNYVqmMLHLjHxyrQ/A7MdHmUKEqb9YXRvxqMxg
1Yy2FcxMKpewiA3IsIxLSBUu4c/5MZ1FeS7snLtAMu87WPhHsD75zrodlM4Xuku5
hsPHEAkA6bo3Z72bjd3tikPosinXnhuQyxeZSjsYIqNuoMzAb/1J9te8I4O1Gdnl
zt0=
-----END CERTIFICATE-----
Generated at Wed May 14 03:34:36 2025 by rpki-client