Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hP7jJRxC70z41v7BTDb4CqlHs0k.roa
File: hP7jJRxC70z41v7BTDb4CqlHs0k.roa (raw, json)
Hash identifier: Kdz4dKcl4SDjRk2hn+WsOqPhX62pchtEm6QAe79j0rQ=
Subject key identifier: 84:FE:E3:25:1C:42:EF:4C:F8:D6:FE:C1:4C:36:F8:0A:A9:47:B3:49
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BD5E466754B114CE03A7559BBAB6471D8
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hP7jJRxC70z41v7BTDb4CqlHs0k.roa
Signing time: Thu 16 Nov 2023 02:09:57 +0000
ROA not before: Thu 16 Nov 2023 02:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d5:e4:66:75:4b:11:4c:e0:3a:75:59:bb:ab:64:71:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 16 02:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84fee3251c42ef4cf8d6fec14c36f80aa947b349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e3:d3:8a:29:7e:b8:4c:58:36:11:2d:2e:ea:
19:73:81:ff:4d:00:35:7a:42:50:4f:05:6c:54:df:
39:f6:1f:f1:22:45:30:09:d6:6f:11:4c:46:1e:21:
47:3b:74:a2:ed:3c:67:47:38:1e:43:ae:64:5c:bc:
91:ab:5e:e7:31:32:c6:82:ed:27:75:07:c3:18:dc:
ea:79:70:35:2e:74:b8:61:77:ca:bb:b3:60:55:46:
4d:34:f1:8f:4e:19:d3:a9:fa:25:65:53:8d:05:2d:
c2:a5:bb:b1:ca:0a:a3:a2:b4:3a:db:2d:3c:b6:96:
2d:30:28:00:dc:7c:d6:b0:3c:99:a9:c2:2e:09:32:
a4:3f:4f:78:2b:a6:b7:f8:ff:93:4c:80:dc:bc:cb:
7f:20:2c:78:9d:0e:9c:f8:62:4c:6a:74:8f:5f:c3:
6c:10:30:83:35:1f:3d:33:62:78:c8:67:28:b5:56:
19:7b:ca:61:66:4e:15:4f:9c:c3:1c:01:b5:c3:50:
67:37:fa:a1:1c:d3:c2:26:53:be:54:21:1e:5a:8b:
29:11:c9:a7:e0:71:2d:10:9a:2f:7f:84:1c:99:ea:
ef:72:1f:7c:65:ee:6e:bb:da:f9:29:f9:d8:df:fc:
8e:91:f5:5e:ec:7c:b0:02:21:32:cf:44:e4:8e:30:
d2:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:FE:E3:25:1C:42:EF:4C:F8:D6:FE:C1:4C:36:F8:0A:A9:47:B3:49
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hP7jJRxC70z41v7BTDb4CqlHs0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6f:e6:41:b2:cc:ad:29:3b:3b:be:cd:5d:de:78:d3:4f:27:38:
75:33:38:e9:0e:95:82:cb:8c:5e:d6:c4:dc:5e:63:0d:97:c7:
65:76:c9:48:2a:2c:ad:66:82:8f:9f:72:b2:93:9c:ba:0e:a3:
d1:eb:dd:17:8a:74:54:35:06:5f:26:2e:4f:19:d4:56:fb:b3:
c2:36:bf:6d:e0:b7:05:30:4f:8c:a2:ee:01:f7:68:bc:48:4d:
30:39:2f:b9:d9:fa:93:6b:ff:c1:31:d6:50:a3:6e:8f:4d:3f:
1c:21:cc:85:40:de:d3:ee:b9:96:bf:a1:9d:83:a4:29:d3:1b:
d6:11:ef:54:1d:8b:50:3c:97:3f:b3:5d:d5:bc:e4:e3:67:9c:
72:00:5e:34:ad:f0:48:e4:53:94:83:94:9a:6c:ca:ab:f8:27:
63:71:65:e3:a7:25:dd:65:93:ec:72:a4:ff:e2:72:20:6b:39:
30:d9:4c:d5:e6:a5:dd:bd:53:36:5f:d7:11:9d:45:7e:97:12:
8d:8d:fb:a9:da:de:a1:52:6e:80:87:4d:86:3f:72:5f:fd:00:
a2:c9:43:a9:4d:e4:7e:59:a9:05:e9:f8:64:7d:77:7d:96:84:
10:79:30:2f:0d:c9:f6:5d:01:5e:8c:89:5d:a0:ff:bd:9b:3c:
a8:9e:fa:5b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvV5GZ1SxFM4Dp1WburZHHYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE2MDIwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGZlZTMyNTFjNDJlZjRjZjhkNmZlYzE0YzM2ZjgwYWE5NDdiMzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+PTiil+uExYNhEtLuoZc4H/TQA1
ekJQTwVsVN859h/xIkUwCdZvEUxGHiFHO3Si7TxnRzgeQ65kXLyRq17nMTLGgu0n
dQfDGNzqeXA1LnS4YXfKu7NgVUZNNPGPThnTqfolZVONBS3CpbuxygqjorQ62y08
tpYtMCgA3HzWsDyZqcIuCTKkP094K6a3+P+TTIDcvMt/ICx4nQ6c+GJManSPX8Ns
EDCDNR89M2J4yGcotVYZe8phZk4VT5zDHAG1w1BnN/qhHNPCJlO+VCEeWospEcmn
4HEtEJovf4Qcmervch98Ze5uu9r5KfnY3/yOkfVe7HywAiEyz0TkjjDS8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIT+4yUcQu9M+Nb+wUw2+AqpR7NJMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaFA3akpSeEM3MHo0MXY3QlREYjRDcWxIczBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG/mQbLMrSk7O77NXd54
008nOHUzOOkOlYLLjF7WxNxeYw2Xx2V2yUgqLK1mgo+fcrKTnLoOo9Hr3ReKdFQ1
Bl8mLk8Z1Fb7s8I2v23gtwUwT4yi7gH3aLxITTA5L7nZ+pNr/8Ex1lCjbo9NPxwh
zIVA3tPuuZa/oZ2DpCnTG9YR71Qdi1A8lz+zXdW85ONnnHIAXjSt8EjkU5SDlJps
yqv4J2NxZeOnJd1lk+xypP/iciBrOTDZTNXmpd29UzZf1xGdRX6XEo2N+6na3qFS
boCHTYY/cl/9AKLJQ6lN5H5ZqQXp+GR9d32WhBB5MC8NyfZdAV6MiV2g/72bPKie
+ls=
-----END CERTIFICATE-----
Generated at Mon May 12 12:53:29 2025 by rpki-client