Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hYGH96XLLe09pkjJNqXDbWjOSFQ.roa
File: hYGH96XLLe09pkjJNqXDbWjOSFQ.roa (raw, json)
Hash identifier: 8hE6v/AFN9SYbRbtGLWTqd2sOZ3lpE6F0ncHAgbe5xc=
Subject key identifier: 85:81:87:F7:A5:CB:2D:ED:3D:A6:48:C9:36:A5:C3:6D:68:CE:48:54
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BD12BE6EB5EABC5064134F0C0E08F6070
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hYGH96XLLe09pkjJNqXDbWjOSFQ.roa
Signing time: Wed 15 Nov 2023 04:09:57 +0000
ROA not before: Wed 15 Nov 2023 04:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d1:2b:e6:eb:5e:ab:c5:06:41:34:f0:c0:e0:8f:60:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 15 04:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=858187f7a5cb2ded3da648c936a5c36d68ce4854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:c7:46:77:c6:f1:b5:53:a4:53:4e:63:a2:96:
28:ed:48:aa:78:48:7f:1c:60:63:5d:83:48:ca:c4:
77:bf:d5:34:04:df:79:d2:8e:02:4d:f4:4e:80:a9:
9c:34:29:d0:7f:13:76:fc:30:ec:19:31:c3:99:f6:
7a:7f:12:88:67:1c:96:c8:14:72:43:cf:c5:b7:4f:
7c:d9:5c:bc:c6:c0:1d:6b:77:8f:4e:df:c1:f7:d0:
09:31:bc:29:70:72:c0:c0:56:ee:16:12:4c:b3:3d:
29:34:b2:90:ad:95:0c:0d:54:b3:c2:1f:d5:62:c4:
18:20:99:a7:c4:a1:e2:2f:4e:a7:e7:ee:7e:76:68:
41:6c:09:a7:b4:71:2f:ad:ca:9c:9b:e6:e1:20:59:
bc:aa:e1:bb:7c:63:69:6d:32:05:a7:fd:48:94:3d:
1f:a6:82:b6:2e:81:b1:92:3d:10:cb:22:0e:18:6c:
ea:b2:68:b6:4d:97:17:5f:ad:16:23:c0:fd:b8:ae:
2a:dd:f7:6c:00:bf:1d:dd:87:5e:bf:d6:d7:5a:5f:
55:16:5c:1c:93:96:2a:a3:fe:1b:a0:b8:2a:4e:f4:
39:17:f3:0c:f6:4d:3b:80:c8:0c:cd:89:b3:23:6d:
75:8b:33:0a:4b:9a:2c:34:93:00:e0:9f:77:5c:a6:
03:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:81:87:F7:A5:CB:2D:ED:3D:A6:48:C9:36:A5:C3:6D:68:CE:48:54
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hYGH96XLLe09pkjJNqXDbWjOSFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:aa:7e:c7:fc:61:68:9e:62:7e:e9:20:40:de:8f:0a:13:2e:
44:24:90:c2:2b:17:87:42:73:85:50:fd:00:41:ec:70:c0:81:
f9:23:6a:2a:ca:35:92:d5:aa:bb:46:ee:8b:ad:52:8f:ba:5a:
ac:07:77:fb:81:b9:8f:d4:5b:c8:bf:ed:60:0d:52:5a:c7:78:
fe:bb:99:f4:56:f0:60:66:de:d6:7e:8b:f4:97:46:f5:ac:c8:
32:56:e7:ca:eb:f8:00:c7:5f:26:e0:d0:ef:da:4f:81:79:e3:
c0:c0:a7:e4:2f:96:c9:20:89:4f:c1:b3:7e:88:61:cb:72:79:
16:19:ac:96:3a:32:6d:df:5d:b9:53:67:9e:12:46:34:b8:ea:
e1:a3:de:85:6a:2e:ce:45:8c:80:0c:71:70:9c:7c:b9:63:3f:
e0:88:a1:3d:13:bd:30:66:9a:f5:c8:b4:51:fd:e2:ea:42:73:
1f:bb:99:6f:ee:d9:2c:1b:41:ba:29:e1:86:b4:03:e4:c0:a9:
79:db:4a:1d:de:56:b6:c8:75:4e:ac:c1:7f:99:bf:2e:15:98:
de:a8:7a:3b:69:46:65:92:94:05:56:f4:dc:f0:8e:84:e0:93:
7b:09:c1:83:a2:15:90:52:25:ec:bf:44:9a:43:7e:c7:ed:35:
ca:6d:29:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvRK+brXqvFBkE08MDgj2BwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE1MDQwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTgxODdmN2E1Y2IyZGVkM2RhNjQ4YzkzNmE1YzM2ZDY4Y2U0ODU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcdGd8bxtVOkU05jopYo7UiqeEh/
HGBjXYNIysR3v9U0BN950o4CTfROgKmcNCnQfxN2/DDsGTHDmfZ6fxKIZxyWyBRy
Q8/Ft0982Vy8xsAda3ePTt/B99AJMbwpcHLAwFbuFhJMsz0pNLKQrZUMDVSzwh/V
YsQYIJmnxKHiL06n5+5+dmhBbAmntHEvrcqcm+bhIFm8quG7fGNpbTIFp/1IlD0f
poK2LoGxkj0QyyIOGGzqsmi2TZcXX60WI8D9uK4q3fdsAL8d3Ydev9bXWl9VFlwc
k5Yqo/4boLgqTvQ5F/MM9k07gMgMzYmzI211izMKS5osNJMA4J93XKYDkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIWBh/elyy3tPaZIyTalw21ozkhUMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaFlHSDk2WExMZTA5cGtqSk5xWERiV2pPU0ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABqqfsf8YWieYn7pIEDe
jwoTLkQkkMIrF4dCc4VQ/QBB7HDAgfkjairKNZLVqrtG7outUo+6WqwHd/uBuY/U
W8i/7WANUlrHeP67mfRW8GBm3tZ+i/SXRvWsyDJW58rr+ADHXybg0O/aT4F548DA
p+QvlskgiU/Bs36IYctyeRYZrJY6Mm3fXblTZ54SRjS46uGj3oVqLs5FjIAMcXCc
fLljP+CIoT0TvTBmmvXItFH94upCcx+7mW/u2SwbQbop4Ya0A+TAqXnbSh3eVrbI
dU6swX+Zvy4VmN6oejtpRmWSlAVW9NzwjoTgk3sJwYOiFZBSJey/RJpDfsftNcpt
Kcs=
-----END CERTIFICATE-----
Generated at Sat May 10 15:00:35 2025 by rpki-client