Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h0KKHgk4vvF99IxSOMynV6FPo5U.roa
File: h0KKHgk4vvF99IxSOMynV6FPo5U.roa (raw, json)
Hash identifier: SYCWqkDptsH5dUry9PmW4jaSw1mEV1AewcW0Xn13Xe4=
Subject key identifier: 87:42:8A:1E:09:38:BE:F1:7D:F4:8C:52:38:CC:A7:57:A1:4F:A3:95
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C285069A5CD3E5C7A0B55050740008E01
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h0KKHgk4vvF99IxSOMynV6FPo5U.roa
Signing time: Sat 02 Dec 2023 02:16:47 +0000
ROA not before: Sat 02 Dec 2023 02:16:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:28:50:69:a5:cd:3e:5c:7a:0b:55:05:07:40:00:8e:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 2 02:16:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87428a1e0938bef17df48c5238cca757a14fa395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:18:f7:24:9d:85:11:a7:86:9e:5b:51:32:b3:
a8:09:2e:1f:85:e6:43:2d:78:c6:3c:12:d1:7e:ff:
2e:fa:13:14:cb:94:de:ed:43:9c:7d:23:4f:71:e4:
1e:0f:fb:9b:53:e0:f2:24:71:31:4a:71:1c:bd:31:
13:86:29:d1:70:9b:99:4e:db:01:fe:6d:86:9f:0b:
94:c7:09:dd:84:62:4e:ea:eb:79:b0:57:21:29:5a:
4a:a1:f3:c9:fb:b9:04:f3:ff:42:ae:a7:e4:52:f2:
47:37:4e:9b:a6:4b:1c:7f:3a:57:c8:7f:49:5a:fe:
22:5c:b2:f3:e3:16:e7:84:9c:2b:dd:a4:fe:93:e4:
9c:9f:e6:50:08:1a:79:a2:b1:26:4e:8f:35:29:9b:
99:e8:b8:0b:6d:d5:89:1f:8b:d2:18:37:88:ea:f7:
ee:89:7a:39:a5:09:d0:a5:93:f5:d0:dc:7f:6c:62:
00:c7:94:2f:65:d7:98:50:f1:74:a3:09:20:4a:11:
9f:44:fa:cf:a4:fd:19:5a:10:a8:d5:34:3b:e5:e7:
79:ce:cd:4f:c6:c2:5a:4c:2c:dd:63:33:ee:cd:2b:
3a:01:0e:ff:3b:ff:c2:32:58:5e:9d:dd:0c:03:4f:
77:ca:6b:a4:0a:ad:c6:00:d5:2a:a2:66:bd:0d:88:
6c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:42:8A:1E:09:38:BE:F1:7D:F4:8C:52:38:CC:A7:57:A1:4F:A3:95
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h0KKHgk4vvF99IxSOMynV6FPo5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b8:da:99:6e:29:6d:80:10:ed:e4:f7:a4:6e:bb:57:4f:cc:a0:
d3:26:db:26:ed:eb:33:60:af:5b:15:33:45:ac:7b:f7:4f:a6:
cb:68:a9:14:44:ed:87:c4:f9:ee:92:c7:42:69:be:df:3e:46:
1e:f7:85:c1:68:b4:49:11:44:cc:5e:a0:30:99:5d:16:17:44:
ab:92:cb:b9:20:ae:cd:79:95:65:e3:37:a5:39:dd:c3:2a:c2:
da:c7:4c:42:eb:55:e6:ce:82:da:94:db:49:3f:7c:7b:40:ef:
3b:f7:b2:de:4c:f4:7d:d3:42:45:88:36:a0:35:35:fb:ec:54:
87:1b:14:76:35:8b:bf:5b:80:44:00:b9:a3:e6:76:a6:a6:2b:
1e:12:db:0f:3e:2b:19:96:24:c6:34:14:72:a4:24:23:b8:d8:
26:a7:79:fe:5a:27:5f:b2:98:31:ee:5f:ad:91:f4:36:48:e5:
61:67:fa:5a:83:8c:9e:23:2c:5e:d5:a3:76:a9:e6:0f:20:9c:
05:37:60:65:99:8a:60:6d:b1:09:20:b4:e4:44:16:ad:43:c9:
5e:7c:7f:0c:97:0a:c8:26:21:3f:d8:57:c5:eb:65:6a:46:3a:
ad:29:cf:3a:cb:df:50:ec:18:9b:4e:ac:6e:a9:17:75:34:97:
0d:f6:03:e4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwoUGmlzT5cegtVBQdAAI4BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAyMDIxNjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzQyOGExZTA5MzhiZWYxN2RmNDhjNTIzOGNjYTc1N2ExNGZhMzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBj3JJ2FEaeGnltRMrOoCS4fheZD
LXjGPBLRfv8u+hMUy5Te7UOcfSNPceQeD/ubU+DyJHExSnEcvTEThinRcJuZTtsB
/m2GnwuUxwndhGJO6ut5sFchKVpKofPJ+7kE8/9CrqfkUvJHN06bpkscfzpXyH9J
Wv4iXLLz4xbnhJwr3aT+k+Scn+ZQCBp5orEmTo81KZuZ6LgLbdWJH4vSGDeI6vfu
iXo5pQnQpZP10Nx/bGIAx5QvZdeYUPF0owkgShGfRPrPpP0ZWhCo1TQ75ed5zs1P
xsJaTCzdYzPuzSs6AQ7/O//CMlhend0MA093ymukCq3GANUqoma9DYhsewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIdCih4JOL7xffSMUjjMp1ehT6OVMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaDBLS0hnazR2dkY5OUl4U09NeW5WNkZQbzVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALjamW4pbYAQ7eT3pG67
V0/MoNMm2ybt6zNgr1sVM0Wse/dPpstoqRRE7YfE+e6Sx0Jpvt8+Rh73hcFotEkR
RMxeoDCZXRYXRKuSy7kgrs15lWXjN6U53cMqwtrHTELrVebOgtqU20k/fHtA7zv3
st5M9H3TQkWINqA1NfvsVIcbFHY1i79bgEQAuaPmdqamKx4S2w8+KxmWJMY0FHKk
JCO42Canef5aJ1+ymDHuX62R9DZI5WFn+lqDjJ4jLF7Vo3ap5g8gnAU3YGWZimBt
sQkgtOREFq1DyV58fwyXCsgmIT/YV8XrZWpGOq0pzzrL31DsGJtOrG6pF3U0lw32
A+Q=
-----END CERTIFICATE-----
Generated at Sun May 11 01:47:22 2025 by rpki-client