Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/HWYEUX7K4X4-nj1xZRMPYPA6eAA.roa
File: HWYEUX7K4X4-nj1xZRMPYPA6eAA.roa (raw, json)
Hash identifier: 3xHZTXZj5T8DHP90Un2/NghifWhM6NTksNK4fYRszhQ=
Subject key identifier: 1D:66:04:51:7E:CA:E1:7E:3E:9E:3D:71:65:13:0F:60:F0:3A:78:00
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A68053B552EFF7A3B309F9F7EBE55D778
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/HWYEUX7K4X4-nj1xZRMPYPA6eAA.roa
Signing time: Wed 06 Sep 2023 01:04:47 +0000
ROA not before: Wed 06 Sep 2023 01:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:6804:d11b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:68:05:3b:55:2e:ff:7a:3b:30:9f:9f:7e:be:55:d7:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 6 01:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d6604517ecae17e3e9e3d7165130f60f03a7800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b6:57:c7:66:67:c3:ab:99:5c:cf:fc:5a:6e:
d7:78:e1:c8:80:48:72:44:e0:2f:5b:e2:71:00:96:
42:37:f3:3e:9e:95:a2:f3:98:7a:2b:f3:aa:8c:63:
90:58:53:5f:98:2a:b0:fb:7f:48:f5:83:2f:5d:3f:
e7:59:bb:d1:cc:55:cc:bc:0c:7a:a4:e3:e9:ae:49:
47:6c:49:e9:0e:05:e3:9a:7e:37:65:91:b1:0f:8e:
fa:cd:77:f5:0a:e2:2d:9b:bd:53:fd:93:41:ab:08:
a0:62:91:98:77:19:c7:c5:2d:61:fa:84:27:8e:2e:
44:15:37:53:ef:c4:77:e2:17:4a:2c:16:40:72:79:
f5:d7:92:9d:d1:fb:03:91:73:f1:dc:5a:ca:6e:e1:
b5:47:77:bb:83:d4:be:cd:25:e9:57:f8:2a:e8:df:
c7:58:05:7a:5a:38:29:29:31:06:e7:98:52:c3:69:
de:04:1a:64:78:56:49:39:ef:eb:94:9f:7f:0b:66:
e4:95:e7:e7:42:d1:d7:bc:20:5e:4b:65:c5:b8:e2:
80:75:af:e2:c0:34:df:78:56:af:42:9d:89:32:72:
85:d1:da:c3:6e:c2:2a:bd:4c:34:6d:7f:36:c7:f5:
0a:31:f3:45:d0:ad:6e:a1:0f:05:dc:bc:03:36:ca:
60:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:66:04:51:7E:CA:E1:7E:3E:9E:3D:71:65:13:0F:60:F0:3A:78:00
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/HWYEUX7K4X4-nj1xZRMPYPA6eAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
13:0d:c1:cc:93:23:5f:b4:e7:a6:32:8f:4f:99:8b:6f:62:38:
c3:75:73:2e:25:99:14:0f:08:12:db:d7:ec:64:c7:40:c3:a3:
ac:3b:45:0d:37:37:7c:ff:e4:5f:75:ab:f1:29:34:3c:b6:3f:
02:7b:46:73:d9:78:54:1e:32:68:82:85:fb:67:13:cb:ce:01:
d5:94:c1:7f:58:e1:ed:e9:4a:c3:8e:b3:ac:60:c2:f6:f0:ce:
f5:d0:d8:42:db:5d:b4:f9:1c:ae:ba:70:bb:f7:71:be:b9:b7:
fb:2b:7b:35:64:1e:e1:09:ec:16:63:6e:5e:68:d8:c7:2b:04:
ba:a7:f9:1c:f7:0e:ac:10:9f:7b:e6:a2:95:0a:64:bc:9f:34:
56:ab:f1:8c:ec:9a:c9:a7:4c:5e:55:b2:1f:bf:fa:1f:42:ba:
2a:67:d2:57:3e:05:f7:b5:05:04:3e:13:3b:fb:80:71:c4:30:
d1:d1:7e:ce:79:84:2b:cb:19:a3:3e:50:c8:fa:6e:ea:25:24:
3b:3b:05:9b:36:26:74:1d:69:d5:5c:4d:a2:af:70:2b:f9:8c:
f8:5c:af:70:cd:0c:ac:a8:67:df:1f:a7:8d:96:42:c5:52:eb:
63:f5:85:dc:34:5f:c8:34:62:d7:28:97:8b:1a:53:df:81:ee:
c0:61:3b:95
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpoBTtVLv96OzCfn36+Vdd4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA2MDEwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDY2MDQ1MTdlY2FlMTdlM2U5ZTNkNzE2NTEzMGY2MGYwM2E3ODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLZXx2Znw6uZXM/8Wm7XeOHIgEhy
ROAvW+JxAJZCN/M+npWi85h6K/OqjGOQWFNfmCqw+39I9YMvXT/nWbvRzFXMvAx6
pOPprklHbEnpDgXjmn43ZZGxD476zXf1CuItm71T/ZNBqwigYpGYdxnHxS1h+oQn
ji5EFTdT78R34hdKLBZAcnn115Kd0fsDkXPx3FrKbuG1R3e7g9S+zSXpV/gq6N/H
WAV6WjgpKTEG55hSw2neBBpkeFZJOe/rlJ9/C2bklefnQtHXvCBeS2XFuOKAda/i
wDTfeFavQp2JMnKF0drDbsIqvUw0bX82x/UKMfNF0K1uoQ8F3LwDNspgBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB1mBFF+yuF+Pp49cWUTD2DwOngAMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvSFdZRVVYN0s0WDQtbmoxeFpSTVBZUEE2ZUFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABMNwcyTI1+056Yyj0+Z
i29iOMN1cy4lmRQPCBLb1+xkx0DDo6w7RQ03N3z/5F91q/EpNDy2PwJ7RnPZeFQe
MmiChftnE8vOAdWUwX9Y4e3pSsOOs6xgwvbwzvXQ2ELbXbT5HK66cLv3cb65t/sr
ezVkHuEJ7BZjbl5o2McrBLqn+Rz3DqwQn3vmopUKZLyfNFar8YzsmsmnTF5Vsh+/
+h9Cuipn0lc+Bfe1BQQ+Ezv7gHHEMNHRfs55hCvLGaM+UMj6buolJDs7BZs2JnQd
adVcTaKvcCv5jPhcr3DNDKyoZ98fp42WQsVS62P1hdw0X8g0Ytcol4saU9+B7sBh
O5U=
-----END CERTIFICATE-----
Generated at Mon May 12 02:20:51 2025 by rpki-client