Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/haG516kfR23k0scrsAP098IiWqM.roa
File: haG516kfR23k0scrsAP098IiWqM.roa (raw, json)
Hash identifier: vv8nRgJiRG8Ec5fhMYfAcTLsZS6o+AuSMrVXdIqGNzM=
Subject key identifier: 85:A1:B9:D7:A9:1F:47:6D:E4:D2:C7:2B:B0:03:F4:F7:C2:22:5A:A3
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C747B99D54EEF605C00C932E15FA2D4D9
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/haG516kfR23k0scrsAP098IiWqM.roa
Signing time: Sat 16 Dec 2023 21:15:06 +0000
ROA not before: Sat 16 Dec 2023 21:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:74:7b:99:d5:4e:ef:60:5c:00:c9:32:e1:5f:a2:d4:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 16 21:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85a1b9d7a91f476de4d2c72bb003f4f7c2225aa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a8:a9:8a:1c:7b:ad:00:fd:fc:63:de:34:f2:
b8:6d:81:39:2e:c5:4f:1e:94:70:c0:5b:bb:83:64:
75:e7:da:9c:60:68:73:eb:52:b2:da:f3:f8:ae:da:
ee:6a:ba:e0:6b:8c:2b:1d:91:26:7d:80:88:f1:7b:
e1:66:6c:9b:31:82:56:36:6f:53:9c:8f:be:4c:16:
b6:97:c9:b8:7c:38:0b:7c:89:e0:cf:12:db:7d:44:
ba:86:55:02:5a:64:29:6f:4a:13:88:3d:7d:fb:94:
af:ab:25:2e:ab:f4:43:13:a9:24:f5:84:b6:30:1c:
6a:42:7f:f3:71:bb:d3:47:2f:21:c3:1a:4f:a2:c5:
0c:75:0c:00:3e:60:d7:37:6e:66:16:4b:70:0b:ee:
99:15:7b:73:db:56:11:37:99:0e:c1:68:8d:c2:e3:
5e:30:1e:d0:b4:e6:21:ae:72:e2:da:03:d7:9d:d0:
a1:f1:c6:c1:81:e3:e6:31:f5:e9:d1:9e:0f:12:3e:
0b:b6:b9:a3:68:ab:ea:8a:a4:b0:38:c5:ca:e9:a3:
74:aa:20:c4:8d:f3:e4:b6:9f:b4:83:fa:3f:53:37:
3c:cf:2c:4b:51:a5:76:27:16:c3:a9:4b:07:02:b3:
fe:2e:08:8a:3d:cf:95:49:75:6a:14:09:3d:f6:bb:
56:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:A1:B9:D7:A9:1F:47:6D:E4:D2:C7:2B:B0:03:F4:F7:C2:22:5A:A3
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/haG516kfR23k0scrsAP098IiWqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a2:64:66:49:f6:aa:02:33:34:da:7c:2a:d2:f5:86:1c:79:cc:
a0:fa:54:10:76:b2:22:b6:fe:67:da:b6:38:9a:bd:ad:3f:d5:
d6:a0:2d:8e:26:3f:a9:cd:85:48:ce:88:87:c5:37:81:04:6f:
ac:40:5b:56:89:1f:c5:2f:ff:13:76:c8:43:28:af:da:22:1a:
10:8e:32:28:1a:af:66:f9:9c:39:c7:a0:67:88:58:65:91:dc:
6a:56:cf:bf:d8:e4:4e:d8:e1:a1:17:d6:e8:d1:88:88:77:73:
a4:ee:44:65:a4:b6:58:e8:a0:b8:10:81:0f:f5:90:0a:ef:e6:
5b:a2:9f:85:64:c6:1e:af:27:4c:bf:93:c5:85:fc:40:b8:94:
55:77:18:43:3f:2d:62:66:ab:29:f7:c6:90:34:0f:4f:b2:d9:
22:f1:84:6d:37:14:1c:62:98:d7:a7:68:f0:03:88:c5:b3:e4:
0c:97:0c:0a:a3:f3:a4:60:91:54:bb:57:e3:bb:77:5a:db:4d:
e8:23:78:19:a2:4c:12:0a:4e:d8:70:c6:7a:7a:29:6a:c1:19:
f4:60:f3:cf:5c:9e:76:6d:30:96:69:91:f4:13:fc:40:d7:a7:
11:47:53:e9:1b:47:a4:84:67:d7:0b:b8:7a:9e:72:fc:d1:02:
b7:10:77:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx0e5nVTu9gXADJMuFfotTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE2MjExNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWExYjlkN2E5MWY0NzZkZTRkMmM3MmJiMDAzZjRmN2MyMjI1YWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6ipihx7rQD9/GPeNPK4bYE5LsVP
HpRwwFu7g2R159qcYGhz61Ky2vP4rtruarrga4wrHZEmfYCI8XvhZmybMYJWNm9T
nI++TBa2l8m4fDgLfIngzxLbfUS6hlUCWmQpb0oTiD19+5SvqyUuq/RDE6kk9YS2
MBxqQn/zcbvTRy8hwxpPosUMdQwAPmDXN25mFktwC+6ZFXtz21YRN5kOwWiNwuNe
MB7QtOYhrnLi2gPXndCh8cbBgePmMfXp0Z4PEj4LtrmjaKvqiqSwOMXK6aN0qiDE
jfPktp+0g/o/Uzc8zyxLUaV2JxbDqUsHArP+LgiKPc+VSXVqFAk99rtW/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIWhudepH0dt5NLHK7AD9PfCIlqjMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaGFHNTE2a2ZSMjNrMHNjcnNBUDA5OElpV3FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKJkZkn2qgIzNNp8KtL1
hhx5zKD6VBB2siK2/mfatjiava0/1dagLY4mP6nNhUjOiIfFN4EEb6xAW1aJH8Uv
/xN2yEMor9oiGhCOMigar2b5nDnHoGeIWGWR3GpWz7/Y5E7Y4aEX1ujRiIh3c6Tu
RGWktljooLgQgQ/1kArv5luin4Vkxh6vJ0y/k8WF/EC4lFV3GEM/LWJmqyn3xpA0
D0+y2SLxhG03FBximNenaPADiMWz5AyXDAqj86RgkVS7V+O7d1rbTegjeBmiTBIK
Tthwxnp6KWrBGfRg889cnnZtMJZpkfQT/EDXpxFHU+kbR6SEZ9cLuHqecvzRArcQ
d5Q=
-----END CERTIFICATE-----
Generated at Sun May 11 10:44:28 2025 by rpki-client