Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hKxVlSSSisNtHV9_flLZ-n05bsY.roa
File: hKxVlSSSisNtHV9_flLZ-n05bsY.roa (raw, json)
Hash identifier: pcZ3nGUadlSww7priktK5t1NdtMcfvPP2KWTMjYjLTo=
Subject key identifier: 84:AC:55:95:24:92:8A:C3:6D:1D:5F:7F:7E:52:D9:FA:7D:39:6E:C6
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B992BA232FD2296CD6F6ABE34EAEC43D6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hKxVlSSSisNtHV9_flLZ-n05bsY.roa
Signing time: Sat 04 Nov 2023 07:10:55 +0000
ROA not before: Sat 04 Nov 2023 07:10:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:9925:a022/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:99:2b:a2:32:fd:22:96:cd:6f:6a:be:34:ea:ec:43:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 4 07:10:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84ac559524928ac36d1d5f7f7e52d9fa7d396ec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ed:5c:fa:89:56:c8:fa:85:bd:d4:00:6b:af:
57:4f:47:f7:69:e4:f9:02:0d:08:49:11:87:c3:92:
3f:66:6a:f1:24:3f:7b:05:93:9c:53:ae:bb:4e:7e:
fe:30:bf:c5:15:90:ab:6f:86:f2:7d:9d:dc:de:a2:
2c:a6:1f:b7:26:2a:99:59:53:a6:4b:2d:4e:a0:97:
8f:a3:c5:9b:29:ac:74:6e:26:40:85:16:39:78:26:
d3:60:cd:29:6a:13:7f:2c:b0:95:9c:ca:a6:f5:a6:
83:8f:5c:76:c0:a1:30:28:aa:4e:3b:ee:65:3f:fb:
28:f4:5d:4a:07:aa:a5:22:7b:e9:bc:ae:10:41:00:
87:ab:19:36:7e:64:cf:c2:c1:24:f7:1b:f2:09:58:
b6:86:01:86:2e:bc:c1:b9:bb:78:40:54:78:67:ec:
9e:e6:ad:ec:2d:2a:6a:95:11:97:f0:2f:f9:8e:d2:
7d:72:38:08:9e:a1:2c:d8:19:f0:31:82:be:19:7c:
9d:35:d3:5e:b9:35:18:46:3a:8a:f6:bf:22:93:da:
db:71:09:d3:4c:c5:02:93:42:c7:81:16:e3:61:92:
db:1a:4c:0d:c0:01:99:a9:b2:8d:69:dd:02:b9:9e:
c8:14:d0:a7:db:d3:96:1f:03:5c:3d:90:05:b3:98:
9f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:AC:55:95:24:92:8A:C3:6D:1D:5F:7F:7E:52:D9:FA:7D:39:6E:C6
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hKxVlSSSisNtHV9_flLZ-n05bsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:2e:be:c3:10:9e:d5:6c:86:89:e5:12:cd:d1:0d:e8:23:20:
4d:03:28:07:b5:45:45:87:78:6f:06:07:09:0d:ec:47:87:98:
30:2d:6e:ec:fd:59:01:b5:ac:a8:40:45:a3:4a:f7:18:36:29:
16:9b:80:a9:71:0f:68:04:7e:ab:79:70:61:11:01:82:78:d0:
c9:3a:53:77:e4:b7:2e:6c:2f:31:a1:df:2b:76:0f:da:71:26:
0b:75:c3:52:97:30:4e:1d:a2:de:85:6f:94:79:b3:2c:9c:b7:
98:24:76:d2:07:d2:5e:25:d8:bc:75:71:77:b4:b2:8d:ae:39:
4b:52:e3:52:ca:cd:ad:e4:c4:e0:96:8b:54:5f:f5:6d:6c:f2:
60:5f:34:4b:11:5f:b8:ec:d3:42:e4:10:c3:6d:8a:bc:22:89:
13:ca:29:72:85:2d:bc:82:b7:6b:50:ca:18:fa:ed:47:5d:1c:
8c:a5:08:e6:96:05:9c:4d:00:0a:73:a4:a4:f1:09:98:cf:bc:
3c:f7:f4:5d:58:85:6f:4e:2e:8d:e4:61:8a:9c:58:d2:77:48:
2f:1b:a8:a2:93:b0:ae:d7:ea:9c:fa:b5:87:5e:09:eb:54:96:
9c:ae:aa:ad:75:76:cb:a9:d1:ee:b9:81:db:9e:1c:f3:d2:bc:
73:04:95:a9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuZK6Iy/SKWzW9qvjTq7EPWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA0MDcxMDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGFjNTU5NTI0OTI4YWMzNmQxZDVmN2Y3ZTUyZDlmYTdkMzk2ZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+1c+olWyPqFvdQAa69XT0f3aeT5
Ag0ISRGHw5I/ZmrxJD97BZOcU667Tn7+ML/FFZCrb4byfZ3c3qIsph+3JiqZWVOm
Sy1OoJePo8WbKax0biZAhRY5eCbTYM0pahN/LLCVnMqm9aaDj1x2wKEwKKpOO+5l
P/so9F1KB6qlInvpvK4QQQCHqxk2fmTPwsEk9xvyCVi2hgGGLrzBubt4QFR4Z+ye
5q3sLSpqlRGX8C/5jtJ9cjgInqEs2BnwMYK+GXydNdNeuTUYRjqK9r8ik9rbcQnT
TMUCk0LHgRbjYZLbGkwNwAGZqbKNad0CuZ7IFNCn29OWHwNcPZAFs5iffwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFISsVZUkkorDbR1ff35S2fp9OW7GMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaEt4VmxTU1Npc050SFY5X2ZsTFotbjA1YnNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGMuvsMQntVshonlEs3R
DegjIE0DKAe1RUWHeG8GBwkN7EeHmDAtbuz9WQG1rKhARaNK9xg2KRabgKlxD2gE
fqt5cGERAYJ40Mk6U3fkty5sLzGh3yt2D9pxJgt1w1KXME4dot6Fb5R5syyct5gk
dtIH0l4l2Lx1cXe0so2uOUtS41LKza3kxOCWi1Rf9W1s8mBfNEsRX7js00LkEMNt
irwiiRPKKXKFLbyCt2tQyhj67UddHIylCOaWBZxNAApzpKTxCZjPvDz39F1YhW9O
Lo3kYYqcWNJ3SC8bqKKTsK7X6pz6tYdeCetUlpyuqq11dsup0e65gdueHPPSvHME
lak=
-----END CERTIFICATE-----
Generated at Mon May 12 21:58:12 2025 by rpki-client