Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HL1AaDGIpWyHtCpaIk4we-TMeVI.roa
File: HL1AaDGIpWyHtCpaIk4we-TMeVI.roa (raw, json)
Hash identifier: /1IWifLr9+3CaFQMVou2U4FAQ4hw9/q6Z/fUKTReAF0=
Subject key identifier: 1C:BD:40:68:31:88:A5:6C:87:B4:2A:5A:22:4E:30:7B:E4:CC:79:52
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B2690A6BEB20BAF13AFAF2B441C73AF70
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HL1AaDGIpWyHtCpaIk4we-TMeVI.roa
Signing time: Fri 13 Oct 2023 01:04:55 +0000
ROA not before: Fri 13 Oct 2023 01:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:2690:6c4c/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:26:90:a6:be:b2:0b:af:13:af:af:2b:44:1c:73:af:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 13 01:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1cbd40683188a56c87b42a5a224e307be4cc7952
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:7f:52:b5:73:6a:d5:1f:4b:cd:8b:b8:13:fe:
f7:bc:a7:25:34:74:dd:76:45:59:22:ca:f9:9b:d6:
d1:a7:bb:ee:f4:78:d5:f3:f0:e0:61:fe:e9:6f:55:
a3:48:e8:e6:35:36:7f:85:77:1f:61:4e:ad:a7:36:
83:36:2c:d6:b5:22:04:95:1a:86:6d:b0:4b:69:ec:
6d:fd:66:fb:9f:67:2d:83:db:c7:e8:fd:c8:24:fc:
56:f2:ab:ba:86:d8:4b:7e:19:22:85:6b:c8:25:c5:
16:e8:2c:fb:04:6b:c3:1b:a9:9b:c3:ce:15:8f:64:
71:ed:7d:bd:6f:80:0f:c2:c6:51:a7:16:3b:97:45:
f9:fe:da:b7:ff:70:41:00:dd:4e:53:f7:71:46:7a:
0c:48:90:13:62:1e:64:25:49:08:ed:bc:72:bf:99:
54:fa:e5:b8:4f:c9:62:88:0f:7a:4d:6e:03:49:c4:
53:f0:f1:f9:e7:f2:b3:52:e5:23:b1:f9:8c:db:d5:
fb:db:d6:1b:1b:08:d7:ae:b1:fc:dd:be:fc:7c:59:
40:66:1c:eb:11:22:0e:04:d7:56:d5:f9:06:1f:c7:
89:99:43:8f:b5:c4:ea:7b:e2:a7:fa:e9:f7:0f:98:
92:57:ca:f0:15:1d:51:f0:72:bc:f6:16:2e:ec:e4:
2a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:BD:40:68:31:88:A5:6C:87:B4:2A:5A:22:4E:30:7B:E4:CC:79:52
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HL1AaDGIpWyHtCpaIk4we-TMeVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b3:bb:e9:79:08:34:b1:21:91:09:cc:f0:ef:e7:3a:98:f9:93:
fb:ca:f9:47:69:bc:52:9c:8e:05:55:3d:39:1f:aa:7f:5a:2e:
7b:05:71:db:d5:10:e6:2b:09:52:20:91:02:cb:07:97:1b:f5:
e3:83:78:c6:27:d6:ca:c9:98:c9:f1:6c:3b:e0:cb:af:2d:d6:
6b:b6:78:04:72:00:1e:58:1d:2d:12:9a:b2:e0:24:5f:74:36:
71:46:e6:1a:a0:b4:25:43:2f:11:24:e1:17:a7:ca:28:2b:8e:
5b:06:6b:be:10:6e:90:62:c4:96:53:8d:9c:40:d2:38:d4:16:
5b:cc:95:d4:f6:f8:4c:18:bb:fb:3d:ec:1f:8d:ab:fd:4d:25:
bb:7c:90:20:a0:32:ba:d8:b6:30:98:00:4c:86:1c:2e:ba:90:
32:14:30:51:2e:1a:e2:01:f4:87:0b:40:94:40:7d:d0:fc:0b:
d1:05:12:ae:95:ab:26:d8:57:42:63:86:22:e2:96:81:13:86:
f3:3f:bd:42:53:e1:84:d2:55:60:39:06:a8:86:8d:43:4c:d9:
f0:a9:82:08:b2:43:4a:48:12:4c:f3:61:13:6a:49:5c:a3:8d:
5f:9a:79:d2:d7:05:21:cd:7d:1b:a9:58:83:c4:47:0c:9c:0a:
8e:25:66:6f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsmkKa+sguvE6+vK0Qcc69wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEzMDEwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2JkNDA2ODMxODhhNTZjODdiNDJhNWEyMjRlMzA3YmU0Y2M3OTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkX9StXNq1R9LzYu4E/73vKclNHTd
dkVZIsr5m9bRp7vu9HjV8/DgYf7pb1WjSOjmNTZ/hXcfYU6tpzaDNizWtSIElRqG
bbBLaext/Wb7n2ctg9vH6P3IJPxW8qu6hthLfhkihWvIJcUW6Cz7BGvDG6mbw84V
j2Rx7X29b4APwsZRpxY7l0X5/tq3/3BBAN1OU/dxRnoMSJATYh5kJUkI7bxyv5lU
+uW4T8liiA96TW4DScRT8PH55/KzUuUjsfmM29X729YbGwjXrrH83b78fFlAZhzr
ESIOBNdW1fkGH8eJmUOPtcTqe+Kn+un3D5iSV8rwFR1R8HK89hYu7OQq3wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBy9QGgxiKVsh7QqWiJOMHvkzHlSMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSEwxQWFER0lwV3lIdENwYUlrNHdlLVRNZVZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALO76XkINLEhkQnM8O/n
Opj5k/vK+UdpvFKcjgVVPTkfqn9aLnsFcdvVEOYrCVIgkQLLB5cb9eODeMYn1srJ
mMnxbDvgy68t1mu2eARyAB5YHS0SmrLgJF90NnFG5hqgtCVDLxEk4RenyigrjlsG
a74QbpBixJZTjZxA0jjUFlvMldT2+EwYu/s97B+Nq/1NJbt8kCCgMrrYtjCYAEyG
HC66kDIUMFEuGuIB9IcLQJRAfdD8C9EFEq6VqybYV0JjhiLiloEThvM/vUJT4YTS
VWA5BqiGjUNM2fCpggiyQ0pIEkzzYRNqSVyjjV+aedLXBSHNfRupWIPERwycCo4l
Zm8=
-----END CERTIFICATE-----
Generated at Thu Jun 19 10:24:57 2025 by rpki-client