Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hGohv6AmLvRc2vmZOokG9xIemDw.roa
File: hGohv6AmLvRc2vmZOokG9xIemDw.roa (raw, json)
Hash identifier: S+Csoito1zUVOyYwj3WGiEIGUMOv3WxhwvbmKdb1de0=
Subject key identifier: 84:6A:21:BF:A0:26:2E:F4:5C:DA:F9:99:3A:89:06:F7:12:1E:98:3C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BB3C81A9DFCA81491B64D3E4BC0FD2BF1
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hGohv6AmLvRc2vmZOokG9xIemDw.roa
Signing time: Thu 09 Nov 2023 11:11:57 +0000
ROA not before: Thu 09 Nov 2023 11:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b3:c8:1a:9d:fc:a8:14:91:b6:4d:3e:4b:c0:fd:2b:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 9 11:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=846a21bfa0262ef45cdaf9993a8906f7121e983c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:fe:59:e0:83:e5:07:90:11:f3:a8:c5:70:85:
dc:2e:e8:18:7a:7a:26:f9:5e:16:db:84:e4:2c:22:
b1:f1:af:06:16:27:eb:19:57:52:00:f8:bd:93:4b:
ee:69:12:c9:e6:6d:d6:4a:78:c4:bf:c9:c4:1a:df:
20:6c:e3:a2:ce:62:e9:14:db:06:98:2e:7d:aa:68:
bb:2d:5c:42:d9:ed:e2:ed:35:6f:26:db:1b:fa:6a:
f1:5c:47:c0:3b:0a:e5:aa:d9:87:ba:35:74:44:cc:
4f:f2:f2:99:b0:64:c0:f9:1f:56:61:27:1d:7d:c9:
5a:d2:12:a9:11:0c:7b:b0:d2:24:73:b7:80:e3:2e:
da:b7:90:9c:45:90:d5:c1:87:7f:99:2e:eb:64:91:
db:74:64:0b:18:ba:3d:19:6a:67:fa:04:ab:50:69:
cd:f2:78:db:72:3f:65:c7:7f:17:6d:97:77:70:97:
6f:35:6f:fc:8d:83:2e:8b:8b:0d:ec:04:6b:01:51:
41:17:58:8c:c3:61:54:58:1a:6b:4e:92:aa:6f:9f:
f5:76:e6:0f:d1:a5:34:fb:69:02:25:ec:27:91:f1:
43:9d:ec:5c:af:45:db:ce:cb:64:d9:66:11:9b:69:
42:98:29:a5:20:76:18:7b:e3:3c:42:50:17:b9:79:
4f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:6A:21:BF:A0:26:2E:F4:5C:DA:F9:99:3A:89:06:F7:12:1E:98:3C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hGohv6AmLvRc2vmZOokG9xIemDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
16:95:56:41:7a:95:6c:31:2d:b7:f4:fc:33:91:13:ab:ef:64:
62:c5:50:21:9f:30:80:40:00:1e:7a:f8:3f:b2:5d:2f:87:5e:
c4:99:cc:7b:45:44:8d:62:34:bd:3c:36:96:b3:b6:34:7b:34:
34:92:67:72:46:37:1f:44:3f:8a:7f:39:fb:1d:d9:f4:fa:0e:
3e:0d:e3:e1:78:e4:9c:03:12:04:f9:a6:b0:60:ff:e5:a1:14:
1b:89:d9:1f:58:6f:05:37:60:3d:60:1b:92:89:15:38:09:40:
90:26:a9:89:15:5b:81:95:dc:66:84:f8:9a:90:19:7d:44:ac:
0b:51:c6:e8:7f:5d:9b:ae:66:36:42:de:01:bd:e0:55:07:c7:
d0:33:44:98:98:ce:ad:01:dc:3f:4d:66:95:6f:22:10:0e:7d:
81:36:a6:ca:28:fb:27:96:29:08:b8:10:42:91:17:23:3a:d0:
53:68:5b:ec:7f:08:8a:43:68:a8:20:39:18:62:06:71:75:01:
cb:b9:8e:99:f5:22:f1:71:d4:e5:df:40:f2:ef:63:69:58:d1:
f2:fd:e4:46:c4:bd:7f:1b:ba:ea:c1:1e:0e:d3:f5:9e:c4:af:
5b:0a:3f:9b:b9:4c:60:e0:05:69:c1:e1:97:ef:f9:41:a2:3c:
ca:ab:03:a3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuzyBqd/KgUkbZNPkvA/SvxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA5MTExMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDZhMjFiZmEwMjYyZWY0NWNkYWY5OTkzYTg5MDZmNzEyMWU5ODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhP5Z4IPlB5AR86jFcIXcLugYenom
+V4W24TkLCKx8a8GFifrGVdSAPi9k0vuaRLJ5m3WSnjEv8nEGt8gbOOizmLpFNsG
mC59qmi7LVxC2e3i7TVvJtsb+mrxXEfAOwrlqtmHujV0RMxP8vKZsGTA+R9WYScd
fcla0hKpEQx7sNIkc7eA4y7at5CcRZDVwYd/mS7rZJHbdGQLGLo9GWpn+gSrUGnN
8njbcj9lx38XbZd3cJdvNW/8jYMui4sN7ARrAVFBF1iMw2FUWBprTpKqb5/1duYP
0aU0+2kCJewnkfFDnexcr0Xbzstk2WYRm2lCmCmlIHYYe+M8QlAXuXlPMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIRqIb+gJi70XNr5mTqJBvcSHpg8MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaEdvaHY2QW1MdlJjMnZtWk9va0c5eEllbUR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABaVVkF6lWwxLbf0/DOR
E6vvZGLFUCGfMIBAAB56+D+yXS+HXsSZzHtFRI1iNL08NpaztjR7NDSSZ3JGNx9E
P4p/Ofsd2fT6Dj4N4+F45JwDEgT5prBg/+WhFBuJ2R9YbwU3YD1gG5KJFTgJQJAm
qYkVW4GV3GaE+JqQGX1ErAtRxuh/XZuuZjZC3gG94FUHx9AzRJiYzq0B3D9NZpVv
IhAOfYE2psoo+yeWKQi4EEKRFyM60FNoW+x/CIpDaKggORhiBnF1Acu5jpn1IvFx
1OXfQPLvY2lY0fL95EbEvX8buurBHg7T9Z7Er1sKP5u5TGDgBWnB4Zfv+UGiPMqr
A6M=
-----END CERTIFICATE-----
Generated at Sun May 11 01:37:30 2025 by rpki-client