Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HuED1V2b7uGVMeMPl5ofRoORWoI.roa
File: HuED1V2b7uGVMeMPl5ofRoORWoI.roa (raw, json)
Hash identifier: OV3/gZv8wXl0Cgqt1PDxy4NYYoZQysfk0cyxlaVWA0g=
Subject key identifier: 1E:E1:03:D5:5D:9B:EE:E1:95:31:E3:0F:97:9A:1F:46:83:91:5A:82
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B23CEC74DAFB5CC994AAB6770FA06C167
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HuED1V2b7uGVMeMPl5ofRoORWoI.roa
Signing time: Thu 12 Oct 2023 12:13:55 +0000
ROA not before: Thu 12 Oct 2023 12:13:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:23:ce:c7:4d:af:b5:cc:99:4a:ab:67:70:fa:06:c1:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 12 12:13:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ee103d55d9beee19531e30f979a1f4683915a82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7c:1b:ba:0a:15:b6:af:74:f2:f4:e9:44:c2:
7c:43:70:60:37:46:a4:5d:6c:ca:bb:af:32:ac:2a:
9c:c3:7c:81:98:ea:ff:6b:cc:e7:32:37:f3:b9:03:
d3:fc:21:b6:09:9a:d4:ae:72:17:54:ef:34:3b:b8:
ed:20:23:29:0c:34:2c:69:f5:4e:0d:a1:14:e8:29:
0f:03:a4:b4:d2:58:6a:f2:54:dc:24:2d:1b:b2:98:
fa:cd:31:a7:dc:0b:35:36:2b:06:2d:3c:54:1a:1d:
db:c1:3b:89:e2:88:17:8e:a2:34:1a:db:44:f3:04:
77:bb:1b:6b:5f:98:5e:35:99:6a:a4:00:45:c7:5a:
40:f5:92:c7:76:09:0c:ab:07:a0:ef:f4:89:29:1b:
8d:5d:89:35:fe:72:02:b6:d7:43:59:89:26:cd:6b:
a7:ae:ee:5e:be:48:5c:65:c0:44:c9:90:f2:41:17:
f3:a5:24:a1:13:5b:e2:2f:79:cd:ca:ac:fb:97:01:
5b:46:27:43:ef:2f:05:13:03:5f:fa:34:32:0d:9b:
f9:47:6a:62:67:ba:e5:41:c8:cb:41:cd:6b:13:bf:
e4:3b:0e:47:31:e4:49:83:1b:5d:09:b2:46:63:91:
c3:21:b9:8d:47:68:62:8d:e8:be:09:0a:f9:f7:c1:
34:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:E1:03:D5:5D:9B:EE:E1:95:31:E3:0F:97:9A:1F:46:83:91:5A:82
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HuED1V2b7uGVMeMPl5ofRoORWoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8f:72:79:1e:d0:da:0c:80:c4:1e:f9:5d:32:96:2c:ef:89:42:
d5:06:9d:5a:d7:8e:da:92:4a:97:bb:9a:bc:13:6c:ab:92:d5:
99:f7:5f:b4:83:87:b4:ca:f5:77:90:e0:90:a1:27:f1:06:32:
6c:0d:ec:6b:4e:35:6d:c6:55:4c:4b:33:74:d0:fc:42:aa:f6:
41:2d:93:da:8c:06:36:9a:c9:50:ed:bc:ed:53:3a:70:a6:ca:
20:f6:8e:01:47:34:70:9f:61:da:90:7e:b4:bf:df:ce:90:6f:
87:51:83:7e:69:6d:2d:b1:ab:b7:42:7e:f6:e5:e0:2c:9a:fc:
46:47:f2:63:ff:47:9e:a7:53:d6:31:c7:3b:45:83:21:68:a0:
3a:56:a3:3a:2e:36:1d:e3:5e:19:ab:a6:49:70:63:7c:e4:bc:
9d:df:77:00:62:4b:57:61:e6:6b:8d:74:e7:79:94:13:90:dc:
2e:f1:c8:28:50:5d:3e:e5:61:b9:59:e5:ab:01:99:16:a3:27:
29:25:aa:82:ee:10:84:85:f7:52:c1:ee:1e:ee:d3:fd:04:aa:
14:73:af:6b:90:af:78:9a:18:1f:82:21:1e:83:f2:86:b8:ff:
6b:9e:26:70:4a:19:23:2d:81:65:20:f6:6a:e5:e7:55:46:58:
33:da:36:df
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsjzsdNr7XMmUqrZ3D6BsFnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEyMTIxMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWUxMDNkNTVkOWJlZWUxOTUzMWUzMGY5NzlhMWY0NjgzOTE1YTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXwbugoVtq908vTpRMJ8Q3BgN0ak
XWzKu68yrCqcw3yBmOr/a8znMjfzuQPT/CG2CZrUrnIXVO80O7jtICMpDDQsafVO
DaEU6CkPA6S00lhq8lTcJC0bspj6zTGn3As1NisGLTxUGh3bwTuJ4ogXjqI0GttE
8wR3uxtrX5heNZlqpABFx1pA9ZLHdgkMqweg7/SJKRuNXYk1/nICttdDWYkmzWun
ru5evkhcZcBEyZDyQRfzpSShE1viL3nNyqz7lwFbRidD7y8FEwNf+jQyDZv5R2pi
Z7rlQcjLQc1rE7/kOw5HMeRJgxtdCbJGY5HDIbmNR2hijei+CQr598E04QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB7hA9Vdm+7hlTHjD5eaH0aDkVqCMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSHVFRDFWMmI3dUdWTWVNUGw1b2ZSb09SV29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI9yeR7Q2gyAxB75XTKW
LO+JQtUGnVrXjtqSSpe7mrwTbKuS1Zn3X7SDh7TK9XeQ4JChJ/EGMmwN7GtONW3G
VUxLM3TQ/EKq9kEtk9qMBjaayVDtvO1TOnCmyiD2jgFHNHCfYdqQfrS/386Qb4dR
g35pbS2xq7dCfvbl4Cya/EZH8mP/R56nU9YxxztFgyFooDpWozouNh3jXhmrpklw
Y3zkvJ3fdwBiS1dh5muNdOd5lBOQ3C7xyChQXT7lYblZ5asBmRajJyklqoLuEISF
91LB7h7u0/0EqhRzr2uQr3iaGB+CIR6D8oa4/2ueJnBKGSMtgWUg9mrl51VGWDPa
Nt8=
-----END CERTIFICATE-----
Generated at Sat May 10 13:39:15 2025 by rpki-client