Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9zHCQgC3wynLCpEpBLoxSh-HWEI.roa
File: 9zHCQgC3wynLCpEpBLoxSh-HWEI.roa (raw, json)
Hash identifier: bjcj3GEfe2wjyCwjiWFwefp4piKnvdfNx9Wj1eWu+2U=
Subject key identifier: F7:31:C2:42:00:B7:C3:29:CB:0A:91:29:04:BA:31:4A:1F:87:58:42
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C3CA80B19881D19BD25D63C5AF4A43E14
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9zHCQgC3wynLCpEpBLoxSh-HWEI.roa
Signing time: Wed 06 Dec 2023 01:04:54 +0000
ROA not before: Wed 06 Dec 2023 01:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:3ca7:7061/128 maxlen: 128
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3c:a8:0b:19:88:1d:19:bd:25:d6:3c:5a:f4:a4:3e:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 6 01:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f731c24200b7c329cb0a912904ba314a1f875842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:33:97:f4:a9:f1:ff:62:0e:52:39:dd:97:86:
5b:b1:11:f0:8b:ae:a0:3c:6f:37:2c:25:6f:7f:4f:
d3:e8:ae:bb:a8:43:60:11:53:aa:1f:db:b0:02:86:
dd:2f:c7:52:ea:ee:9f:b8:42:95:d6:9f:38:37:4b:
3e:fe:0e:e8:3b:fd:cc:82:b1:97:6b:7e:19:1f:df:
e3:43:86:25:d8:fa:69:7f:7e:5c:5c:fc:19:6f:75:
41:f0:8b:27:b1:91:e6:cb:05:93:d9:a4:66:56:54:
9e:0c:ea:33:b0:7c:ad:d3:3a:1d:41:75:70:f6:fb:
87:76:16:c7:ee:63:45:05:3f:6a:a1:15:e5:9b:2e:
e5:cc:08:3f:e8:ea:b7:b1:c8:db:73:a6:25:c7:27:
eb:fd:f4:bb:d0:48:86:51:c7:81:d7:43:f9:26:14:
25:9f:e1:1d:a8:1b:ef:96:40:61:96:b5:0c:9b:a0:
fa:79:ec:16:d7:64:1a:6d:d0:b1:ad:37:76:38:8e:
da:63:07:bb:38:28:3c:20:11:a7:05:b1:a6:2f:bc:
92:d7:f9:04:cc:65:39:08:73:02:5d:21:28:3c:2b:
71:8a:ac:05:83:b1:5b:f3:42:72:4f:62:9d:10:43:
80:81:c3:f7:19:d1:eb:72:17:29:e8:c0:07:aa:2a:
9c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:31:C2:42:00:B7:C3:29:CB:0A:91:29:04:BA:31:4A:1F:87:58:42
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9zHCQgC3wynLCpEpBLoxSh-HWEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:a4:2a:b2:b2:b3:3b:df:e3:44:0c:76:cc:1f:36:d8:d6:84:
ad:4b:b1:ff:93:36:09:cd:13:8a:99:57:fe:ab:77:4b:6f:6a:
85:c3:a4:d5:12:e4:79:a0:eb:36:45:8d:a3:07:1a:89:8d:bb:
2f:d0:e4:4d:6c:ce:1e:68:8f:b8:c2:59:73:83:aa:70:55:c5:
6c:fc:20:42:08:0e:36:57:00:e5:29:4d:37:1d:77:40:a7:57:
46:1a:a7:20:66:11:5b:0d:db:1c:81:aa:d1:f1:c1:0c:d1:95:
1e:fc:4d:c7:62:c2:e1:9c:2c:b6:df:b9:b3:7e:7c:5b:6b:94:
48:5b:9a:0b:a0:d4:ed:3f:d7:52:53:90:6c:cc:f3:d8:22:db:
6b:42:92:10:26:ac:3c:16:2d:05:87:03:04:e3:07:4e:11:35:
8c:28:08:55:98:ba:a1:23:40:09:1d:4e:f7:88:05:d4:2a:e8:
33:90:20:ae:e4:f7:6a:a2:9d:56:31:68:c4:5d:4b:5b:95:84:
7c:46:9d:a8:c1:10:b8:59:2f:86:71:e9:28:40:71:64:b7:77:
9d:94:97:cd:bd:5c:83:ad:7b:0e:64:8e:a3:fe:8b:43:82:10:
14:ae:ba:31:f0:68:19:e3:8b:e8:63:53:41:08:bd:67:e6:56:
d0:c3:5d:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw8qAsZiB0ZvSXWPFr0pD4UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA2MDEwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzMxYzI0MjAwYjdjMzI5Y2IwYTkxMjkwNGJhMzE0YTFmODc1ODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDOX9Knx/2IOUjndl4ZbsRHwi66g
PG83LCVvf0/T6K67qENgEVOqH9uwAobdL8dS6u6fuEKV1p84N0s+/g7oO/3MgrGX
a34ZH9/jQ4Yl2Pppf35cXPwZb3VB8IsnsZHmywWT2aRmVlSeDOozsHyt0zodQXVw
9vuHdhbH7mNFBT9qoRXlmy7lzAg/6Oq3scjbc6Ylxyfr/fS70EiGUceB10P5JhQl
n+EdqBvvlkBhlrUMm6D6eewW12QabdCxrTd2OI7aYwe7OCg8IBGnBbGmL7yS1/kE
zGU5CHMCXSEoPCtxiqwFg7Fb80JyT2KdEEOAgcP3GdHrchcp6MAHqiqcKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPcxwkIAt8MpywqRKQS6MUofh1hCMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvOXpIQ1FnQzN3eW5MQ3BFcEJMb3hTaC1IV0VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAECkKrKyszvf40QMdswf
NtjWhK1Lsf+TNgnNE4qZV/6rd0tvaoXDpNUS5Hmg6zZFjaMHGomNuy/Q5E1szh5o
j7jCWXODqnBVxWz8IEIIDjZXAOUpTTcdd0CnV0YapyBmEVsN2xyBqtHxwQzRlR78
TcdiwuGcLLbfubN+fFtrlEhbmgug1O0/11JTkGzM89gi22tCkhAmrDwWLQWHAwTj
B04RNYwoCFWYuqEjQAkdTveIBdQq6DOQIK7k92qinVYxaMRdS1uVhHxGnajBELhZ
L4Zx6ShAcWS3d52Ul829XIOtew5kjqP+i0OCEBSuujHwaBnji+hjU0EIvWfmVtDD
XaE=
-----END CERTIFICATE-----
Generated at Mon Jun 16 19:30:51 2025 by rpki-client