Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RHdGN1vDuFg87fTUNmN7YUD7Stg.roa
File: RHdGN1vDuFg87fTUNmN7YUD7Stg.roa (raw, json)
Hash identifier: edDvRlrNTGTxDwvFlPdF4YM0oF6tQJNSMltGK9X03cU=
Subject key identifier: 44:77:46:37:5B:C3:B8:58:3C:ED:F4:D4:36:63:7B:61:40:FB:4A:D8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC6AFC35CA5277FABA6E45E329B856D6A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RHdGN1vDuFg87fTUNmN7YUD7Stg.roa
Signing time: Sun 24 Sep 2023 10:15:22 +0000
ROA not before: Sun 24 Sep 2023 10:15:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c6:af:c3:5c:a5:27:7f:ab:a6:e4:5e:32:9b:85:6d:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 24 10:15:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=447746375bc3b8583cedf4d436637b6140fb4ad8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:73:ff:71:3d:f3:30:a5:72:1f:29:e9:61:60:
cc:8d:9e:26:62:bd:7d:38:bc:43:94:3f:13:df:7e:
3c:23:50:27:bb:23:b8:56:6e:95:e0:f7:be:55:6b:
47:80:7d:37:39:4a:8e:ff:df:7d:e1:13:88:5d:f9:
af:06:97:65:c0:cc:b8:9c:ef:da:ea:85:fd:a8:de:
c5:ed:e6:42:aa:47:9d:b3:aa:c6:a1:99:da:68:7f:
76:f2:c8:21:16:80:33:52:d5:a4:57:84:9a:69:5e:
25:6e:35:b8:15:16:68:e4:f9:00:9c:5c:51:41:ef:
54:e3:d9:25:78:50:79:0b:2b:ab:d4:78:20:51:4a:
25:a9:19:a5:c0:3f:c3:4c:24:ab:f6:2a:f0:9a:8d:
83:57:1e:d6:f7:66:4f:13:7b:9a:e9:02:33:f5:e3:
18:28:09:96:3c:6c:3e:c8:d4:5d:b5:b5:63:c8:c1:
26:7c:48:ac:e6:2d:85:9e:dc:c1:8e:9d:5b:13:2e:
7a:d2:e0:68:08:8b:c3:a1:b9:08:8f:c6:83:e4:42:
41:d7:7e:fe:a3:36:0f:b1:f5:5a:e0:76:d0:35:70:
50:c4:af:fe:a1:bd:70:81:e3:fa:63:63:fa:31:9f:
f7:7a:ac:79:2c:fb:ae:b6:ca:01:9c:17:68:bb:ea:
21:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:77:46:37:5B:C3:B8:58:3C:ED:F4:D4:36:63:7B:61:40:FB:4A:D8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RHdGN1vDuFg87fTUNmN7YUD7Stg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
38:dc:70:00:d8:e2:c7:ad:b7:98:b3:af:fd:78:04:e4:c3:07:
02:ff:3d:db:af:5c:27:5d:ad:63:46:0b:c1:fb:fa:7c:aa:4c:
fd:aa:79:b4:d6:d0:4e:54:9e:e7:28:30:ed:7c:b9:6f:78:76:
07:30:e6:9c:6b:8c:f2:1a:f4:96:b6:0e:76:28:ea:6a:8c:fd:
fc:8b:23:4f:31:96:67:e2:a3:8a:36:40:7c:ba:e0:f0:43:98:
32:6d:31:aa:aa:cb:ab:75:29:ee:65:ca:7d:63:ab:c1:c8:8f:
47:45:3f:64:f3:07:72:f8:9b:52:a2:9e:da:f7:97:a2:05:bf:
40:f6:43:54:e6:de:1c:10:74:f9:95:86:af:44:c0:21:87:d0:
24:bd:b0:51:74:a3:d1:a6:8e:56:aa:73:f6:66:eb:c6:49:74:
0a:ba:80:7d:f2:f0:ea:60:90:90:5d:8d:d3:b3:cc:33:2c:d1:
47:ba:50:e5:f6:bb:e4:a1:2e:e1:03:87:c1:d9:43:92:65:3c:
5a:87:f9:ab:d8:7c:da:33:67:df:76:7e:c8:f1:78:22:5a:6b:
1e:05:58:ba:47:c5:8f:91:7b:1d:32:1d:8f:d7:1d:54:ec:9f:
e4:07:19:d4:39:7f:d4:89:49:ca:c1:4f:85:bf:fc:ae:9b:65:
4a:eb:79:9e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrGr8NcpSd/q6bkXjKbhW1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI0MTAxNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDc3NDYzNzViYzNiODU4M2NlZGY0ZDQzNjYzN2I2MTQwZmI0YWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXP/cT3zMKVyHynpYWDMjZ4mYr19
OLxDlD8T3348I1AnuyO4Vm6V4Pe+VWtHgH03OUqO/9994ROIXfmvBpdlwMy4nO/a
6oX9qN7F7eZCqkeds6rGoZnaaH928sghFoAzUtWkV4SaaV4lbjW4FRZo5PkAnFxR
Qe9U49kleFB5Cyur1HggUUolqRmlwD/DTCSr9irwmo2DVx7W92ZPE3ua6QIz9eMY
KAmWPGw+yNRdtbVjyMEmfEis5i2FntzBjp1bEy560uBoCIvDobkIj8aD5EJB137+
ozYPsfVa4HbQNXBQxK/+ob1wgeP6Y2P6MZ/3eqx5LPuutsoBnBdou+ohwQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFER3Rjdbw7hYPO301DZje2FA+0rYMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUkhkR04xdkR1Rmc4N2ZUVU5tTjdZVUQ3U3RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADjccADY4sett5izr/14
BOTDBwL/PduvXCddrWNGC8H7+nyqTP2qebTW0E5UnucoMO18uW94dgcw5pxrjPIa
9Ja2DnYo6mqM/fyLI08xlmfio4o2QHy64PBDmDJtMaqqy6t1Ke5lyn1jq8HIj0dF
P2TzB3L4m1Kintr3l6IFv0D2Q1Tm3hwQdPmVhq9EwCGH0CS9sFF0o9Gmjlaqc/Zm
68ZJdAq6gH3y8OpgkJBdjdOzzDMs0Ue6UOX2u+ShLuEDh8HZQ5JlPFqH+avYfNoz
Z992fsjxeCJaax4FWLpHxY+Rex0yHY/XHVTsn+QHGdQ5f9SJScrBT4W//K6bZUrr
eZ4=
-----END CERTIFICATE-----
Generated at Sat May 10 11:46:56 2025 by rpki-client