Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vh0d5zFlZrppL_fNH5jZ2H3UR7g.roa
File: vh0d5zFlZrppL_fNH5jZ2H3UR7g.roa (raw, json)
Hash identifier: t57FC9knSj7JzzpyrGh85dE8mWFqAYDYXCwFF7NvnS4=
Subject key identifier: BE:1D:1D:E7:31:65:66:BA:69:2F:F7:CD:1F:98:D9:D8:7D:D4:47:B8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B2D6E761C2FD5B18E2B66EADAD2FC1648
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vh0d5zFlZrppL_fNH5jZ2H3UR7g.roa
Signing time: Sat 14 Oct 2023 09:04:55 +0000
ROA not before: Sat 14 Oct 2023 09:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:2d6d:c4fc/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2d:6e:76:1c:2f:d5:b1:8e:2b:66:ea:da:d2:fc:16:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 14 09:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be1d1de7316566ba692ff7cd1f98d9d87dd447b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:fd:12:f1:1d:3d:72:d5:3a:27:2c:dc:dd:76:
fc:ae:7e:f8:06:b9:b0:db:a2:13:1a:72:1a:9b:fa:
f0:0c:87:60:94:55:1d:b7:63:56:8f:36:52:1d:08:
eb:a4:04:02:60:10:cc:1a:08:ca:02:39:a4:a9:d2:
13:1e:84:85:6b:5e:29:86:47:dc:4e:85:a5:bf:81:
0e:91:22:8a:1a:90:9a:50:e8:ca:3a:6a:b0:76:c9:
6b:5d:47:7e:5b:66:e2:52:ad:71:f1:cb:8b:08:03:
95:04:4e:48:5c:f8:54:af:ad:eb:fe:98:53:48:ac:
aa:9a:51:c2:db:be:41:b5:ef:1d:70:37:92:30:68:
03:78:65:12:2b:e2:fa:80:e1:c7:e1:c8:d6:ad:f2:
51:52:c2:44:9a:e5:53:8b:07:6f:6d:2e:2e:73:08:
43:c9:17:92:25:33:3b:c2:d7:32:10:74:2b:cf:06:
ae:91:93:79:97:3d:6e:59:1e:49:4e:ec:33:06:91:
f7:f4:b9:e5:aa:39:9d:60:84:87:65:5a:f5:60:4e:
dc:24:db:af:01:86:47:b1:63:93:f2:5a:5b:ed:28:
88:f1:c6:aa:41:dc:39:af:5d:8f:c6:02:2e:38:dc:
f1:11:df:48:3f:76:05:0d:26:9a:6a:12:a3:82:12:
56:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:1D:1D:E7:31:65:66:BA:69:2F:F7:CD:1F:98:D9:D8:7D:D4:47:B8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vh0d5zFlZrppL_fNH5jZ2H3UR7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:76:a5:dc:ec:26:dd:0a:e8:07:c8:35:d7:6e:31:f7:6e:ce:
f6:c0:59:df:68:9c:33:62:06:6a:f2:a7:fd:e8:42:a0:e1:4f:
0b:a2:d4:81:1f:77:d1:47:3a:49:f2:3e:50:4e:44:0e:18:0f:
9b:e2:dc:36:99:9c:16:72:3e:8e:25:b2:b7:a0:95:dd:3c:7a:
b5:06:fb:f0:a1:95:85:33:73:5e:5f:d4:d5:b9:63:cd:c2:dd:
5c:0e:cd:5b:1a:0e:70:9f:6d:db:c7:4f:49:d0:a8:7e:33:6f:
d0:0e:80:c6:e1:5a:80:f0:68:54:d3:15:10:f4:45:ad:3e:79:
d8:c5:a6:6d:b8:7b:a3:cc:c9:b3:bf:1c:33:3d:ba:3b:98:68:
19:98:e3:df:3c:a2:29:93:b9:75:1a:86:47:d6:06:ff:42:2c:
0b:ac:f5:c0:a4:75:30:23:68:81:b5:d0:48:a3:20:66:0c:fd:
f6:0a:fd:fa:09:19:eb:eb:cb:db:d1:ae:de:e8:ee:21:24:15:
fe:35:58:64:a0:28:35:6e:8b:25:ea:0b:73:46:41:c6:1c:5c:
6c:cb:91:43:17:2c:28:b1:13:86:c5:c3:1e:35:a4:58:33:bb:
1f:a1:f7:e9:df:d4:b2:79:db:5a:29:0b:64:81:46:a9:5f:9d:
b5:71:69:87
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYstbnYcL9Wxjitm6trS/BZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE0MDkwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTFkMWRlNzMxNjU2NmJhNjkyZmY3Y2QxZjk4ZDlkODdkZDQ0N2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnP0S8R09ctU6Jyzc3Xb8rn74Brmw
26ITGnIam/rwDIdglFUdt2NWjzZSHQjrpAQCYBDMGgjKAjmkqdITHoSFa14phkfc
ToWlv4EOkSKKGpCaUOjKOmqwdslrXUd+W2biUq1x8cuLCAOVBE5IXPhUr63r/phT
SKyqmlHC275Bte8dcDeSMGgDeGUSK+L6gOHH4cjWrfJRUsJEmuVTiwdvbS4ucwhD
yReSJTM7wtcyEHQrzwaukZN5lz1uWR5JTuwzBpH39LnlqjmdYISHZVr1YE7cJNuv
AYZHsWOT8lpb7SiI8caqQdw5r12PxgIuONzxEd9IP3YFDSaaahKjghJWxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL4dHecxZWa6aS/3zR+Y2dh91Ee4MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdmgwZDV6RmxacnBwTF9mTkg1aloySDNVUjdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHJ2pdzsJt0K6AfINddu
MfduzvbAWd9onDNiBmryp/3oQqDhTwui1IEfd9FHOknyPlBORA4YD5vi3DaZnBZy
Po4lsregld08erUG+/ChlYUzc15f1NW5Y83C3VwOzVsaDnCfbdvHT0nQqH4zb9AO
gMbhWoDwaFTTFRD0Ra0+edjFpm24e6PMybO/HDM9ujuYaBmY4988oimTuXUahkfW
Bv9CLAus9cCkdTAjaIG10EijIGYM/fYK/foJGevry9vRrt7o7iEkFf41WGSgKDVu
iyXqC3NGQcYcXGzLkUMXLCixE4bFwx41pFgzux+h9+nf1LJ521opC2SBRqlfnbVx
aYc=
-----END CERTIFICATE-----
Generated at Tue May 13 08:16:10 2025 by rpki-client