Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hUlZ61_JyIgo1Jql-rVDN4x1Ib0.roa
File: hUlZ61_JyIgo1Jql-rVDN4x1Ib0.roa (raw, json)
Hash identifier: XJEaWIBT2ipMpgQwBXkHlmsIZjuxrP0Xf7zZtmB8YDA=
Subject key identifier: 85:49:59:EB:5F:C9:C8:88:28:D4:9A:A5:FA:B5:43:37:8C:75:21:BD
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C599FFCFB6E0A5057766D77DFC4630621
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hUlZ61_JyIgo1Jql-rVDN4x1Ib0.roa
Signing time: Mon 11 Dec 2023 16:05:06 +0000
ROA not before: Mon 11 Dec 2023 16:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:599f:7eba/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:59:9f:fc:fb:6e:0a:50:57:76:6d:77:df:c4:63:06:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 11 16:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=854959eb5fc9c88828d49aa5fab543378c7521bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:86:ec:4f:36:ad:bb:34:0f:92:fd:de:44:35:
6a:f8:ca:0d:f2:bb:27:1e:ce:7b:17:4f:32:20:09:
52:44:2a:fd:08:83:eb:43:e0:ba:b3:78:75:5a:84:
f5:90:93:e9:2e:4b:b2:74:c5:16:8b:4d:21:2b:e7:
ff:6f:0b:76:e6:b4:b0:1c:86:eb:6d:58:47:60:53:
bd:da:fb:a7:da:16:e0:82:60:64:a5:48:f7:df:88:
2e:e3:be:df:dd:5d:53:b8:c5:83:85:9b:eb:33:81:
4c:c0:75:90:91:3b:da:72:de:5e:df:9e:bc:b3:2e:
55:0a:ce:84:99:4d:bc:8e:27:69:81:0c:99:6a:b2:
f8:72:2f:54:c9:c3:61:97:c1:c5:02:6f:af:a0:9b:
1f:5d:5f:d4:25:fb:f6:66:26:b9:e5:10:e5:a7:a6:
34:ac:79:06:45:07:23:06:ea:79:57:f5:cf:94:de:
33:2c:fc:90:96:12:5b:dd:3a:50:ff:fa:8a:fc:cf:
b2:36:35:a8:19:e6:e6:91:31:37:7f:a0:3e:d9:22:
a9:89:97:f7:88:ad:09:0c:87:23:46:98:4c:b0:04:
ff:c6:14:a0:8d:29:42:4a:71:25:95:ae:5d:b9:c4:
a6:bb:8d:73:d5:a9:5f:0c:94:16:80:36:fb:c0:d0:
a3:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:49:59:EB:5F:C9:C8:88:28:D4:9A:A5:FA:B5:43:37:8C:75:21:BD
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hUlZ61_JyIgo1Jql-rVDN4x1Ib0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c5:69:5a:5c:a7:a2:a0:21:53:bc:32:c9:9f:a1:53:b2:ab:37:
3c:3e:0d:58:8b:87:e7:7b:81:4f:de:23:b9:d1:1f:15:78:21:
d0:ca:f0:cb:34:dc:fd:61:57:2f:7a:fc:45:60:7d:7e:04:c0:
ff:22:5a:3f:b5:39:ca:3f:ca:c9:1f:2d:b3:a7:64:ff:52:2e:
84:4c:b6:02:8c:10:91:67:23:de:86:80:94:aa:90:e8:8c:fc:
b8:6a:2f:b7:9c:12:df:90:0e:3f:84:4b:27:f7:79:18:4f:2f:
bf:fa:c7:47:a1:6d:d9:22:e9:1d:c1:ad:c5:17:05:f3:1c:fb:
f5:d3:5b:24:4f:d8:a8:c6:cb:99:a4:04:5b:d9:e1:45:0f:2e:
fb:3d:a2:1b:39:eb:33:3e:10:d3:60:d1:d0:b8:06:dd:13:4a:
00:ef:de:28:f4:81:79:e6:f1:da:5b:a2:95:3a:58:b0:3c:67:
6f:7c:c3:e6:bf:ee:80:25:ec:fb:49:a0:9f:10:ce:46:3b:e6:
9b:08:9a:fe:ea:ed:3f:a9:f5:57:43:7d:78:bf:e8:45:a8:3c:
eb:46:36:fd:1b:72:0e:af:5c:cc:4c:79:7e:f6:69:05:7b:18:
b0:41:ef:f4:63:6f:59:47:5e:64:78:c2:09:cd:b2:5d:aa:dd:
f4:73:11:54
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxZn/z7bgpQV3Ztd9/EYwYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjExMTYwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTQ5NTllYjVmYzljODg4MjhkNDlhYTVmYWI1NDMzNzhjNzUyMWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYbsTzatuzQPkv3eRDVq+MoN8rsn
Hs57F08yIAlSRCr9CIPrQ+C6s3h1WoT1kJPpLkuydMUWi00hK+f/bwt25rSwHIbr
bVhHYFO92vun2hbggmBkpUj334gu477f3V1TuMWDhZvrM4FMwHWQkTvact5e3568
sy5VCs6EmU28jidpgQyZarL4ci9UycNhl8HFAm+voJsfXV/UJfv2Zia55RDlp6Y0
rHkGRQcjBup5V/XPlN4zLPyQlhJb3TpQ//qK/M+yNjWoGebmkTE3f6A+2SKpiZf3
iK0JDIcjRphMsAT/xhSgjSlCSnElla5ducSmu41z1alfDJQWgDb7wNCjsQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIVJWetfyciIKNSapfq1QzeMdSG9MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaFVsWjYxX0p5SWdvMUpxbC1yVkRONHgxSWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMVpWlynoqAhU7wyyZ+h
U7KrNzw+DViLh+d7gU/eI7nRHxV4IdDK8Ms03P1hVy96/EVgfX4EwP8iWj+1Oco/
yskfLbOnZP9SLoRMtgKMEJFnI96GgJSqkOiM/LhqL7ecEt+QDj+ESyf3eRhPL7/6
x0ehbdki6R3BrcUXBfMc+/XTWyRP2KjGy5mkBFvZ4UUPLvs9ohs56zM+ENNg0dC4
Bt0TSgDv3ij0gXnm8dpbopU6WLA8Z298w+a/7oAl7PtJoJ8QzkY75psImv7q7T+p
9VdDfXi/6EWoPOtGNv0bcg6vXMxMeX72aQV7GLBB7/Rjb1lHXmR4wgnNsl2q3fRz
EVQ=
-----END CERTIFICATE-----
Generated at Sat May 10 13:37:57 2025 by rpki-client