Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/0XHGmyX3_0o_MzI6Axni2OWDbEo.roa
File: 0XHGmyX3_0o_MzI6Axni2OWDbEo.roa (raw, json)
Hash identifier: 2DjyYGcy0i74JEK7Ap2bnQIx0iVOPdW5V0kzceCFoJM=
Subject key identifier: D1:71:C6:9B:25:F7:FF:4A:3F:33:32:3A:03:19:E2:D8:E5:83:6C:4A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C250DF8B1EA316C263AB477B41D79F91E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/0XHGmyX3_0o_MzI6Axni2OWDbEo.roa
Signing time: Fri 01 Dec 2023 11:05:21 +0000
ROA not before: Fri 01 Dec 2023 11:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18c:250d:9908/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:25:0d:f8:b1:ea:31:6c:26:3a:b4:77:b4:1d:79:f9:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 1 11:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d171c69b25f7ff4a3f33323a0319e2d8e5836c4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0f:c9:4c:1e:77:cf:1b:4b:e6:92:91:8f:47:
10:a6:cd:70:56:ce:c4:bc:ee:c9:d0:2e:65:ad:95:
c8:ea:8e:3e:49:39:e2:6d:fc:5c:f0:08:c8:59:86:
eb:62:f1:57:3f:53:8d:fa:d3:0c:99:a8:4c:2b:86:
a0:7d:9a:38:1e:fb:e2:92:c7:a9:1e:88:b2:b9:d7:
65:56:b9:aa:0d:5c:78:fb:34:75:d2:62:ef:c2:f3:
24:5b:42:41:b4:7b:ea:bf:c0:ce:15:47:cf:32:dc:
08:d8:2a:ce:2d:b3:0d:58:f0:94:74:26:8f:1c:63:
5a:94:dd:68:48:c3:1c:58:70:89:e0:3e:fc:1e:0b:
88:bc:3d:45:20:1b:7e:9c:ce:4c:7f:5f:57:0e:f3:
b4:5f:c4:49:21:4b:00:a4:1c:2e:c1:3a:1f:58:be:
f1:b4:8f:35:2e:1b:ec:32:a6:6e:bb:0b:5e:8c:09:
04:06:b8:df:4f:c3:cf:50:62:b3:a4:db:80:5c:52:
d2:ef:34:0b:98:eb:0b:47:59:bd:89:a5:56:94:dd:
50:fb:94:e7:1c:e6:e1:9e:65:6a:32:18:95:47:53:
c9:3e:fc:06:ae:de:f8:ad:f6:1c:66:58:6c:20:e7:
3a:27:11:05:75:68:2f:f2:5a:cd:33:d4:15:41:4d:
d7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:71:C6:9B:25:F7:FF:4A:3F:33:32:3A:03:19:E2:D8:E5:83:6C:4A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/0XHGmyX3_0o_MzI6Axni2OWDbEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8b:e7:60:63:4b:a0:c4:b4:59:2a:ee:85:24:52:4f:22:eb:a6:
36:be:5f:0a:a7:d9:2c:2a:ab:22:d6:f7:6d:73:0d:65:00:dc:
2b:27:d8:fa:a6:bf:cb:97:25:64:51:c9:67:cb:75:c7:54:73:
f7:93:1e:af:3f:b0:8c:2b:53:70:23:99:be:72:45:61:d3:f2:
96:2d:9c:e2:20:cc:3c:2e:a7:fe:81:75:ed:e0:07:54:2f:0d:
87:b0:02:84:bc:95:04:b5:37:53:9a:b1:1b:31:5b:03:cb:bd:
54:d2:86:fa:47:af:64:54:9b:cf:5b:46:21:be:50:05:a2:75:
6c:0a:a1:88:ee:53:52:60:5f:f1:38:a4:b8:65:67:84:cf:ab:
90:99:bf:8a:d9:d1:5f:33:82:40:99:62:18:20:5b:e4:5a:18:
3a:14:81:a2:a1:78:5c:fa:db:dd:1f:74:f8:7a:08:f5:94:98:
69:dc:d7:f4:cf:cf:f0:f7:67:a2:45:21:67:90:9f:54:5c:e0:
f8:bb:9f:2d:12:9b:81:d9:7d:12:f9:3c:ce:55:3c:2b:07:5f:
8f:cd:66:0c:9a:7c:4c:1c:0d:72:a7:72:2c:ae:c2:ca:59:c8:
dc:c1:ed:b3:f0:78:10:3e:cf:b4:8f:3c:08:f0:11:6a:5c:b0:
ce:da:8b:03
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwlDfix6jFsJjq0d7QdefkeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAxMTEwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTcxYzY5YjI1ZjdmZjRhM2YzMzMyM2EwMzE5ZTJkOGU1ODM2YzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQ/JTB53zxtL5pKRj0cQps1wVs7E
vO7J0C5lrZXI6o4+STnibfxc8AjIWYbrYvFXP1ON+tMMmahMK4agfZo4Hvviksep
HoiyuddlVrmqDVx4+zR10mLvwvMkW0JBtHvqv8DOFUfPMtwI2CrOLbMNWPCUdCaP
HGNalN1oSMMcWHCJ4D78HguIvD1FIBt+nM5Mf19XDvO0X8RJIUsApBwuwTofWL7x
tI81LhvsMqZuuwtejAkEBrjfT8PPUGKzpNuAXFLS7zQLmOsLR1m9iaVWlN1Q+5Tn
HObhnmVqMhiVR1PJPvwGrt74rfYcZlhsIOc6JxEFdWgv8lrNM9QVQU3X+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNFxxpsl9/9KPzMyOgMZ4tjlg2xKMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMFhIR215WDNfMG9fTXpJNkF4bmkyT1dEYkVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIvnYGNLoMS0WSruhSRS
TyLrpja+Xwqn2SwqqyLW921zDWUA3Csn2Pqmv8uXJWRRyWfLdcdUc/eTHq8/sIwr
U3Ajmb5yRWHT8pYtnOIgzDwup/6Bde3gB1QvDYewAoS8lQS1N1OasRsxWwPLvVTS
hvpHr2RUm89bRiG+UAWidWwKoYjuU1JgX/E4pLhlZ4TPq5CZv4rZ0V8zgkCZYhgg
W+RaGDoUgaKheFz6290fdPh6CPWUmGnc1/TPz/D3Z6JFIWeQn1Rc4Pi7ny0Sm4HZ
fRL5PM5VPCsHX4/NZgyafEwcDXKnciyuwspZyNzB7bPweBA+z7SPPAjwEWpcsM7a
iwM=
-----END CERTIFICATE-----
Generated at Wed Jun 18 21:16:52 2025 by rpki-client