Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hRmI5CEePsXu6LCUG4B8xNgqpnY.roa
File: hRmI5CEePsXu6LCUG4B8xNgqpnY.roa (raw, json)
Hash identifier: SWjq81BnSwyh60rRiHfjzNAKLFnS8DHzJph0XAOx/To=
Subject key identifier: 85:19:88:E4:21:1E:3E:C5:EE:E8:B0:94:1B:80:7C:C4:D8:2A:A6:76
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B9961F66F1771B8D3A377683CD860B226
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hRmI5CEePsXu6LCUG4B8xNgqpnY.roa
Signing time: Sat 04 Nov 2023 08:10:16 +0000
ROA not before: Sat 04 Nov 2023 08:10:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:99:61:f6:6f:17:71:b8:d3:a3:77:68:3c:d8:60:b2:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 4 08:10:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=851988e4211e3ec5eee8b0941b807cc4d82aa676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5f:6d:d4:e9:fa:12:40:40:5a:4c:ae:d9:57:
a8:29:e5:52:8b:43:1a:62:b4:0d:19:fb:ec:05:37:
2b:18:27:1b:39:5b:ae:e4:09:7a:63:58:95:dd:ab:
21:15:1b:51:e7:0d:91:57:70:75:70:d0:0c:ff:1a:
5b:2c:82:af:e5:21:e7:6c:53:d0:c6:a4:23:30:84:
21:87:c6:65:f8:13:36:7f:7a:78:2c:ad:de:23:62:
56:95:87:59:f3:69:c2:f4:05:14:4d:a8:9a:7a:a0:
5a:72:5e:1d:96:d9:3d:54:7c:75:49:aa:56:98:b1:
4f:b4:0c:77:e4:56:f0:fa:7a:a0:b8:f1:b6:aa:47:
28:b7:57:a2:75:7a:53:c2:a9:86:39:6c:f6:3f:86:
ff:64:6a:e7:b8:6c:a5:64:4f:4b:2c:1f:02:88:e3:
a5:9e:fb:09:f4:7f:fd:2f:9c:be:3d:a3:e4:80:4e:
f5:c1:b0:7e:ee:87:c1:23:22:b1:9e:9b:8b:88:52:
de:2b:20:22:43:8a:bb:56:82:73:b0:97:2e:79:7f:
98:5e:3d:5d:00:13:be:a2:2f:22:9e:f5:46:e1:b0:
dd:4a:c2:05:25:51:b5:02:ab:71:91:e9:2f:51:55:
ff:ba:c1:53:45:c7:2c:d7:94:08:e4:82:14:54:2d:
e4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:19:88:E4:21:1E:3E:C5:EE:E8:B0:94:1B:80:7C:C4:D8:2A:A6:76
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hRmI5CEePsXu6LCUG4B8xNgqpnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a0:df:71:68:c1:61:aa:63:5f:11:0e:eb:c6:ce:35:98:e5:dc:
d1:4d:68:5e:74:9f:41:46:77:f9:ec:5a:3c:0a:7c:df:08:86:
cb:23:33:9f:1f:b1:4f:b3:9f:c6:fd:ba:a5:0b:08:ff:ec:91:
37:fc:5c:1b:8f:a4:95:a5:bc:8e:14:6b:4f:94:d0:be:4c:eb:
f4:c2:28:93:3c:18:13:3e:c9:a8:7a:9e:ad:be:1b:04:35:da:
ad:c0:aa:b2:f6:56:f8:65:9b:57:d6:b0:ad:3a:27:9a:5c:5c:
0e:25:12:c2:ba:27:ee:af:ad:da:64:12:10:58:23:59:82:51:
5d:2a:f4:20:b1:9b:72:f6:3f:75:30:80:3f:f2:23:f4:15:87:
79:b2:38:6f:10:87:74:2b:d6:89:34:53:53:02:31:5b:78:09:
c1:93:6d:50:3a:42:b3:be:3b:08:7a:e7:e2:49:d8:6c:ce:bc:
b8:7d:9a:22:06:91:5f:f4:17:c3:34:51:e0:e8:ad:99:ec:08:
5a:6f:44:00:44:5b:57:d5:de:d5:2a:b5:f7:44:45:77:76:e2:
c9:c1:04:f2:d2:ba:26:88:d1:65:85:16:85:0f:ac:8e:27:d5:
09:02:29:cd:09:24:71:0d:37:77:81:3c:00:14:58:91:74:d9:
69:04:06:82
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuZYfZvF3G406N3aDzYYLImMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA0MDgxMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTE5ODhlNDIxMWUzZWM1ZWVlOGIwOTQxYjgwN2NjNGQ4MmFhNjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo19t1On6EkBAWkyu2VeoKeVSi0Ma
YrQNGfvsBTcrGCcbOVuu5Al6Y1iV3ashFRtR5w2RV3B1cNAM/xpbLIKv5SHnbFPQ
xqQjMIQhh8Zl+BM2f3p4LK3eI2JWlYdZ82nC9AUUTaiaeqBacl4dltk9VHx1SapW
mLFPtAx35Fbw+nqguPG2qkcot1eidXpTwqmGOWz2P4b/ZGrnuGylZE9LLB8CiOOl
nvsJ9H/9L5y+PaPkgE71wbB+7ofBIyKxnpuLiFLeKyAiQ4q7VoJzsJcueX+YXj1d
ABO+oi8invVG4bDdSsIFJVG1AqtxkekvUVX/usFTRccs15QI5IIUVC3k8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIUZiOQhHj7F7uiwlBuAfMTYKqZ2MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaFJtSTVDRWVQc1h1NkxDVUc0Qjh4TmdxcG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKDfcWjBYapjXxEO68bO
NZjl3NFNaF50n0FGd/nsWjwKfN8IhssjM58fsU+zn8b9uqULCP/skTf8XBuPpJWl
vI4Ua0+U0L5M6/TCKJM8GBM+yah6nq2+GwQ12q3AqrL2Vvhlm1fWsK06J5pcXA4l
EsK6J+6vrdpkEhBYI1mCUV0q9CCxm3L2P3UwgD/yI/QVh3myOG8Qh3Qr1ok0U1MC
MVt4CcGTbVA6QrO+Owh65+JJ2GzOvLh9miIGkV/0F8M0UeDorZnsCFpvRABEW1fV
3tUqtfdERXd24snBBPLSuiaI0WWFFoUPrI4n1QkCKc0JJHENN3eBPAAUWJF02WkE
BoI=
-----END CERTIFICATE-----
Generated at Sun May 11 23:02:49 2025 by rpki-client