Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h5BB4nm-bSvFM3YOeToHRoviVXs.roa
File: h5BB4nm-bSvFM3YOeToHRoviVXs.roa (raw, json)
Hash identifier: OxREabarGmvrme3pWvqxkAKZpPHBfns1xJhclnVq7Zo=
Subject key identifier: 87:90:41:E2:79:BE:6D:2B:C5:33:76:0E:79:3A:07:46:8B:E2:55:7B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AB1DC500AC646A478CC4CF3FC08920A5D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h5BB4nm-bSvFM3YOeToHRoviVXs.roa
Signing time: Wed 20 Sep 2023 09:12:00 +0000
ROA not before: Wed 20 Sep 2023 09:12:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b1:dc:50:0a:c6:46:a4:78:cc:4c:f3:fc:08:92:0a:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 20 09:12:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=879041e279be6d2bc533760e793a07468be2557b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:16:91:91:45:03:f2:2d:92:cc:fd:1d:ed:db:
24:aa:e3:86:b2:b6:c1:40:44:12:53:84:28:49:f1:
09:74:b7:a9:49:6d:5a:a8:44:9e:38:9d:a3:6e:e3:
54:97:13:80:6f:88:fb:35:59:22:11:ee:35:7c:c8:
4f:c2:db:1c:ab:56:fd:15:44:94:cc:af:71:a6:11:
fb:90:47:7d:95:80:21:a9:ba:90:09:8a:c3:2e:9e:
d5:e5:23:c3:09:2f:14:d9:f6:ad:df:69:89:45:2e:
e3:8e:11:e9:05:74:bf:3c:3c:5a:c4:11:a7:4d:4c:
54:b0:a9:62:22:ed:f5:23:1f:6b:f4:8f:68:51:fa:
f9:60:56:ac:2b:d8:43:f7:02:6b:9c:13:81:7f:fb:
1a:d6:01:1d:f0:71:7f:ea:1a:9f:77:e7:e4:25:83:
fd:e6:a7:28:21:b1:d6:2a:3f:5a:4e:f3:32:5c:5a:
09:69:c6:8e:b1:df:80:08:5b:00:28:18:ae:ab:f5:
02:51:db:4c:e0:ae:82:bc:05:97:b6:2e:73:f7:32:
55:ba:e7:4b:ab:4d:fc:0c:99:da:dd:7d:1e:49:03:
bb:82:18:69:08:63:53:f0:a6:e2:dd:fe:e9:78:8f:
8d:f6:4b:b2:cc:6b:eb:36:ac:04:f4:37:a3:d7:fe:
4e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:90:41:E2:79:BE:6D:2B:C5:33:76:0E:79:3A:07:46:8B:E2:55:7B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h5BB4nm-bSvFM3YOeToHRoviVXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9a:51:95:71:b2:4b:09:ec:1a:c6:19:74:eb:88:f9:bb:88:99:
8a:37:92:ab:12:a1:4b:b3:5d:68:d0:a9:c7:ee:b7:41:e9:17:
cf:1b:ef:3e:3a:41:54:a6:a6:c5:7c:71:70:ec:98:b5:dc:5e:
1f:6e:7a:e0:d8:80:5b:2d:2b:39:ee:3d:8d:0c:f9:ed:94:e1:
9c:ee:07:65:7c:27:86:b3:87:05:fa:07:56:54:b4:11:37:4e:
e0:ba:4e:72:5a:25:72:46:33:29:15:16:f6:d1:5c:3a:b0:97:
ef:7e:a8:7a:4b:c6:aa:0c:84:98:74:9a:a7:84:95:df:b2:9a:
c0:58:f8:05:3d:39:2c:fe:ae:24:60:12:f2:ac:c2:66:17:4f:
7e:b3:df:3c:73:0d:4b:e6:7a:41:1a:de:ea:63:de:2c:0e:79:
c3:e3:a4:af:cc:05:50:cd:48:cb:46:dd:46:7c:ea:fa:7c:1c:
aa:bd:41:39:51:af:a0:a5:50:49:e1:b2:25:e8:b4:f7:63:bd:
68:8a:d5:da:bf:97:ce:0b:a3:52:92:3b:69:2a:8d:b7:de:af:
68:7d:43:62:ce:1a:55:79:7a:07:35:32:48:af:cc:31:a9:20:
2e:04:00:70:d0:c7:df:db:0a:32:66:91:80:ce:c5:6a:e4:07:
08:fe:e6:bc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqx3FAKxkakeMxM8/wIkgpdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIwMDkxMjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzkwNDFlMjc5YmU2ZDJiYzUzMzc2MGU3OTNhMDc0NjhiZTI1NTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxaRkUUD8i2SzP0d7dskquOGsrbB
QEQSU4QoSfEJdLepSW1aqESeOJ2jbuNUlxOAb4j7NVkiEe41fMhPwtscq1b9FUSU
zK9xphH7kEd9lYAhqbqQCYrDLp7V5SPDCS8U2fat32mJRS7jjhHpBXS/PDxaxBGn
TUxUsKliIu31Ix9r9I9oUfr5YFasK9hD9wJrnBOBf/sa1gEd8HF/6hqfd+fkJYP9
5qcoIbHWKj9aTvMyXFoJacaOsd+ACFsAKBiuq/UCUdtM4K6CvAWXti5z9zJVuudL
q038DJna3X0eSQO7ghhpCGNT8Kbi3f7peI+N9kuyzGvrNqwE9Dej1/5OWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIeQQeJ5vm0rxTN2Dnk6B0aL4lV7MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaDVCQjRubS1iU3ZGTTNZT2VUb0hSb3ZpVlhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJpRlXGySwnsGsYZdOuI
+buImYo3kqsSoUuzXWjQqcfut0HpF88b7z46QVSmpsV8cXDsmLXcXh9ueuDYgFst
KznuPY0M+e2U4ZzuB2V8J4azhwX6B1ZUtBE3TuC6TnJaJXJGMykVFvbRXDqwl+9+
qHpLxqoMhJh0mqeEld+ymsBY+AU9OSz+riRgEvKswmYXT36z3zxzDUvmekEa3upj
3iwOecPjpK/MBVDNSMtG3UZ86vp8HKq9QTlRr6ClUEnhsiXotPdjvWiK1dq/l84L
o1KSO2kqjbfer2h9Q2LOGlV5egc1MkivzDGpIC4EAHDQx9/bCjJmkYDOxWrkBwj+
5rw=
-----END CERTIFICATE-----
Generated at Mon May 12 13:01:11 2025 by rpki-client