Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Hf3ikMlle2FBJJxACfKuL_XUOHE.roa
File: Hf3ikMlle2FBJJxACfKuL_XUOHE.roa (raw, json)
Hash identifier: e2P1UoolbwPuwjUIMxLceOiGtD2jYvhaDvU1nDeMf3I=
Subject key identifier: 1D:FD:E2:90:C9:65:7B:61:41:24:9C:40:09:F2:AE:2F:F5:D4:38:71
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BDD2F87C17D531B452AAF6F5F02A7B4DC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Hf3ikMlle2FBJJxACfKuL_XUOHE.roa
Signing time: Fri 17 Nov 2023 12:09:21 +0000
ROA not before: Fri 17 Nov 2023 12:09:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dd:2f:87:c1:7d:53:1b:45:2a:af:6f:5f:02:a7:b4:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 17 12:09:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1dfde290c9657b6141249c4009f2ae2ff5d43871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d5:7e:be:a3:de:b4:df:6c:94:09:2c:13:a5:
10:7a:85:88:f5:fb:05:03:74:00:36:c7:b2:a5:7b:
94:b1:20:6f:b0:04:c4:43:33:16:a3:fd:56:a5:59:
b2:aa:66:96:29:80:00:ca:20:99:92:d2:92:ea:9d:
de:47:85:5c:c8:c7:e7:aa:09:31:e9:b3:58:5d:e4:
ea:68:fe:b2:4f:2f:7f:ea:fb:20:c2:65:98:16:85:
6b:3c:c0:7c:d3:ac:37:3c:88:e4:fd:b2:c1:d0:9c:
2d:a7:b2:ab:72:80:01:bd:49:68:85:cc:fc:2f:22:
02:34:e3:79:2f:b5:29:2e:cd:81:e0:98:ee:87:63:
1a:64:f0:31:5e:b9:18:8b:c3:6b:97:19:c0:07:67:
59:90:f9:26:4c:3a:f2:64:cd:eb:ad:78:c8:69:17:
02:72:f2:4f:6d:e8:93:24:5a:a2:1f:d0:30:38:4d:
3a:2e:5b:b0:2e:ee:34:00:20:82:af:d8:98:7a:dd:
09:7c:a0:34:f2:2d:14:35:f4:a3:51:83:34:18:51:
47:af:fa:02:d1:4b:f5:a7:03:57:88:74:b9:07:56:
ac:ce:b7:fb:50:5a:d6:2a:41:5f:bc:27:2a:e3:fb:
7b:a9:72:85:42:b0:65:c0:64:73:ac:d3:a9:b9:b4:
f7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:FD:E2:90:C9:65:7B:61:41:24:9C:40:09:F2:AE:2F:F5:D4:38:71
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Hf3ikMlle2FBJJxACfKuL_XUOHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c1:81:42:2c:8a:97:4a:bc:67:16:3e:e2:c1:6e:71:1c:7b:ab:
a9:49:55:c2:06:58:a5:47:42:a1:16:2a:95:be:b3:28:18:6d:
f2:e9:bb:c6:2c:ae:37:24:06:e4:d8:af:e3:cf:3b:7b:36:59:
5e:b5:75:fd:61:1a:2f:82:e5:65:53:9a:b0:d8:21:91:09:37:
99:d0:42:b3:57:44:76:ec:60:98:a6:fe:73:cb:63:21:ed:a9:
25:66:91:64:c8:3b:1f:10:be:b9:1d:0e:20:17:e3:b5:a9:5a:
ed:34:9d:72:32:a1:93:9b:84:c2:92:28:92:18:d6:57:01:ec:
ea:89:c9:4d:b8:82:18:46:56:9c:aa:9e:c6:b4:42:07:84:d9:
b1:d6:6e:10:76:9f:30:92:5b:4f:5f:67:08:bb:53:9c:4a:57:
c6:c2:27:fa:2b:54:f2:72:a5:44:95:ed:46:f7:e6:59:99:2e:
9b:da:47:81:f8:97:bb:21:d1:3c:f9:46:99:e8:c7:10:94:96:
a5:62:16:c4:7c:b6:af:1b:e7:ec:2f:f7:7c:f0:18:28:47:ce:
74:0a:ae:eb:c0:d0:6d:ed:34:61:7c:9d:ee:ac:02:1e:c6:67:
0e:fd:ff:fb:b5:a9:61:ea:7e:34:f3:f1:6b:36:8f:46:c6:63:
3e:af:a0:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvdL4fBfVMbRSqvb18Cp7TcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE3MTIwOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGZkZTI5MGM5NjU3YjYxNDEyNDljNDAwOWYyYWUyZmY1ZDQzODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNV+vqPetN9slAksE6UQeoWI9fsF
A3QANseypXuUsSBvsATEQzMWo/1WpVmyqmaWKYAAyiCZktKS6p3eR4VcyMfnqgkx
6bNYXeTqaP6yTy9/6vsgwmWYFoVrPMB806w3PIjk/bLB0Jwtp7KrcoABvUlohcz8
LyICNON5L7UpLs2B4Jjuh2MaZPAxXrkYi8NrlxnAB2dZkPkmTDryZM3rrXjIaRcC
cvJPbeiTJFqiH9AwOE06LluwLu40ACCCr9iYet0JfKA08i0UNfSjUYM0GFFHr/oC
0Uv1pwNXiHS5B1aszrf7UFrWKkFfvCcq4/t7qXKFQrBlwGRzrNOpubT34wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB394pDJZXthQSScQAnyri/11DhxMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSGYzaWtNbGxlMkZCSkp4QUNmS3VMX1hVT0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMGBQiyKl0q8ZxY+4sFu
cRx7q6lJVcIGWKVHQqEWKpW+sygYbfLpu8YsrjckBuTYr+PPO3s2WV61df1hGi+C
5WVTmrDYIZEJN5nQQrNXRHbsYJim/nPLYyHtqSVmkWTIOx8QvrkdDiAX47WpWu00
nXIyoZObhMKSKJIY1lcB7OqJyU24ghhGVpyqnsa0QgeE2bHWbhB2nzCSW09fZwi7
U5xKV8bCJ/orVPJypUSV7Ub35lmZLpvaR4H4l7sh0Tz5RpnoxxCUlqViFsR8tq8b
5+wv93zwGChHznQKruvA0G3tNGF8ne6sAh7GZw79//u1qWHqfjTz8Ws2j0bGYz6v
oJQ=
-----END CERTIFICATE-----
Generated at Tue May 13 15:15:20 2025 by rpki-client