Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ght-HetB5qEXoO78nm9-abfUTTQ.roa
File: ght-HetB5qEXoO78nm9-abfUTTQ.roa (raw, json)
Hash identifier: HWJ3ltZqL4UGP78/F3ctEzusbQV1jmCL2KJTvkZreF0=
Subject key identifier: 82:1B:7E:1D:EB:41:E6:A1:17:A0:EE:FC:9E:6F:7E:69:B7:D4:4D:34
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C2BF4F06A96366F9311E54E6CFCA7848C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ght-HetB5qEXoO78nm9-abfUTTQ.roa
Signing time: Sat 02 Dec 2023 19:15:21 +0000
ROA not before: Sat 02 Dec 2023 19:15:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2b:f4:f0:6a:96:36:6f:93:11:e5:4e:6c:fc:a7:84:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 2 19:15:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=821b7e1deb41e6a117a0eefc9e6f7e69b7d44d34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:df:13:fb:c8:d7:89:cd:06:f3:a5:90:4d:c5:
01:a8:b1:2e:fd:62:17:6c:a0:7b:ce:11:a6:a7:21:
aa:fd:48:25:4f:7c:e5:10:26:d2:36:12:03:55:cd:
0f:d4:66:97:fb:45:bc:2d:75:48:a7:12:e0:1e:b4:
fe:b7:07:56:ee:ed:5b:40:52:c5:12:dd:70:6f:e6:
e2:f0:e4:c5:fb:fb:52:cb:8e:c5:8a:54:7a:43:d6:
09:5e:2d:20:9d:04:4f:ed:0c:f3:d4:9c:1d:90:c9:
ff:05:c1:19:c3:4f:56:9b:88:7c:3b:0a:17:6c:0b:
20:51:84:3a:67:9b:f2:d9:80:fc:24:80:59:8f:24:
89:e4:90:db:2e:c8:d7:2a:71:e8:a8:2a:da:7c:66:
21:2f:ea:b4:3e:0c:f3:6a:64:ba:28:ea:88:12:a2:
be:1a:cd:7e:2c:9c:92:fa:6e:aa:c1:05:5b:85:72:
d3:8e:b6:c1:01:25:fa:11:6a:cf:df:79:62:f6:24:
c8:63:f7:3c:78:8f:19:bc:73:b6:53:f2:e7:f3:5e:
9c:6c:30:ed:00:9b:dd:90:25:a0:3c:52:32:4c:87:
6f:c2:fc:d2:59:9a:a5:9b:23:55:42:52:43:eb:98:
2a:8d:b6:95:76:c4:22:5b:85:9b:73:fb:35:58:db:
9d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:1B:7E:1D:EB:41:E6:A1:17:A0:EE:FC:9E:6F:7E:69:B7:D4:4D:34
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ght-HetB5qEXoO78nm9-abfUTTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
19:c2:c4:e1:ec:9d:17:0a:5c:0a:63:02:08:e9:f3:27:1c:5b:
e1:78:eb:8a:ed:3d:94:e0:37:e5:59:18:12:09:0a:79:5b:1d:
44:cd:ad:89:99:33:7e:e1:d3:f2:6a:60:02:ec:52:cd:bd:8b:
9d:54:4e:c7:77:32:da:3c:90:92:7c:ef:00:77:1a:4f:5a:99:
90:a3:91:29:52:94:6d:42:b2:bb:3c:26:22:79:be:ef:85:36:
40:1b:4a:ce:8e:05:38:48:ea:02:48:de:e7:8b:e5:06:45:13:
74:af:4b:7c:94:ca:24:9a:9b:67:f7:6a:d6:78:7e:39:11:28:
2f:81:97:c3:2b:2b:9a:3b:dd:e7:93:93:39:46:d5:b7:36:a0:
64:fc:8a:7d:23:79:6a:c2:fb:18:f9:ab:b3:43:b1:60:80:df:
01:56:c3:f0:7e:d4:c8:d8:64:6d:7d:c5:38:aa:85:8c:18:f7:
4e:a3:0f:54:d9:66:2d:9a:57:56:f4:34:38:ea:6c:cf:db:a2:
c0:ab:01:2c:ea:ff:f4:ee:92:81:34:88:c3:c6:15:5d:c8:48:
83:02:68:47:b7:46:f0:cb:96:bd:31:ee:89:f0:4a:9c:1b:c4:
a8:50:40:9f:82:01:29:10:81:21:0a:93:dc:13:10:d7:e7:04:
3b:71:d1:d6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwr9PBqljZvkxHlTmz8p4SMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAyMTkxNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjFiN2UxZGViNDFlNmExMTdhMGVlZmM5ZTZmN2U2OWI3ZDQ0ZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAht8T+8jXic0G86WQTcUBqLEu/WIX
bKB7zhGmpyGq/UglT3zlECbSNhIDVc0P1GaX+0W8LXVIpxLgHrT+twdW7u1bQFLF
Et1wb+bi8OTF+/tSy47FilR6Q9YJXi0gnQRP7Qzz1JwdkMn/BcEZw09Wm4h8OwoX
bAsgUYQ6Z5vy2YD8JIBZjySJ5JDbLsjXKnHoqCrafGYhL+q0PgzzamS6KOqIEqK+
Gs1+LJyS+m6qwQVbhXLTjrbBASX6EWrP33li9iTIY/c8eI8ZvHO2U/Ln816cbDDt
AJvdkCWgPFIyTIdvwvzSWZqlmyNVQlJD65gqjbaVdsQiW4Wbc/s1WNudBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIIbfh3rQeahF6Du/J5vfmm31E00MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZ2h0LUhldEI1cUVYb083OG5tOS1hYmZVVFRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABnCxOHsnRcKXApjAgjp
8yccW+F464rtPZTgN+VZGBIJCnlbHUTNrYmZM37h0/JqYALsUs29i51UTsd3Mto8
kJJ87wB3Gk9amZCjkSlSlG1Csrs8JiJ5vu+FNkAbSs6OBThI6gJI3ueL5QZFE3Sv
S3yUyiSam2f3atZ4fjkRKC+Bl8MrK5o73eeTkzlG1bc2oGT8in0jeWrC+xj5q7ND
sWCA3wFWw/B+1MjYZG19xTiqhYwY906jD1TZZi2aV1b0NDjqbM/bosCrASzq//Tu
koE0iMPGFV3ISIMCaEe3RvDLlr0x7onwSpwbxKhQQJ+CASkQgSEKk9wTENfnBDtx
0dY=
-----END CERTIFICATE-----
Generated at Sun May 11 22:37:25 2025 by rpki-client