Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HofcgZtqtMqvd2CHJay1vUfRaD8.roa
File: HofcgZtqtMqvd2CHJay1vUfRaD8.roa (raw, json)
Hash identifier: /Svl6N5bCcksDNV7f0H/syS9LMnpGRoDMXItxyQySI4=
Subject key identifier: 1E:87:DC:81:9B:6A:B4:CA:AF:77:60:87:25:AC:B5:BD:47:D1:68:3F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C1608C169E732E184B7C7F4793DF7B585
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HofcgZtqtMqvd2CHJay1vUfRaD8.roa
Signing time: Tue 28 Nov 2023 13:05:21 +0000
ROA not before: Tue 28 Nov 2023 13:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:1607:d9a2/128 maxlen: 128
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:16:08:c1:69:e7:32:e1:84:b7:c7:f4:79:3d:f7:b5:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 28 13:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e87dc819b6ab4caaf77608725acb5bd47d1683f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:03:3b:b7:4a:c7:40:27:ec:41:74:7a:fa:ad:
7c:e9:65:5f:ee:4a:31:da:44:92:f2:c8:cf:76:60:
2e:c9:ec:3b:e4:a9:77:72:35:26:ea:fb:3b:e8:c5:
3c:ef:19:18:6f:cc:bf:d8:31:dd:a6:b7:20:91:ed:
26:8a:5e:62:9d:79:28:f7:1c:db:81:68:03:f8:27:
01:44:70:cf:53:ee:6a:4c:8d:c9:d1:21:dc:6a:a6:
29:f9:70:97:1c:17:ae:7e:20:28:31:e9:e2:b8:7e:
98:ff:91:04:d1:c2:55:05:31:d1:f0:95:ee:48:5d:
f7:71:f9:9e:4c:5f:47:09:78:d7:b7:a7:b4:dd:9d:
e3:60:62:fd:d6:ef:40:6a:99:82:d6:49:fb:eb:d1:
e6:2b:8a:e3:52:14:01:10:1e:dc:61:87:ae:ac:b6:
fe:b5:1d:09:da:3c:6e:ae:bf:b8:52:6a:68:55:de:
0e:d7:c3:aa:13:b9:9c:d9:80:94:68:4d:7b:22:ca:
24:b8:5a:8d:c6:8b:80:d0:65:ab:52:5d:f4:f0:7b:
2b:80:ce:3f:18:08:58:59:e1:21:19:90:f9:48:57:
7c:42:7d:9c:75:9a:00:1e:34:3c:20:aa:be:78:17:
87:7d:e8:c5:91:df:35:b2:33:af:16:4b:bc:95:a7:
78:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:87:DC:81:9B:6A:B4:CA:AF:77:60:87:25:AC:B5:BD:47:D1:68:3F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/HofcgZtqtMqvd2CHJay1vUfRaD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b5:9d:93:3b:69:8a:44:64:e8:bb:07:9e:7a:50:00:6a:fb:a0:
41:bb:f4:f6:66:d3:10:dc:be:1c:f3:93:89:f2:b1:04:ab:d8:
79:ae:f9:19:4f:09:d0:fd:2c:70:1c:6d:4f:a1:77:96:dc:77:
e5:03:98:15:c2:49:37:81:f2:b7:3a:c1:33:ec:14:41:6c:d2:
5b:97:91:20:8f:48:a6:de:7d:66:c6:3f:a0:4f:cd:a9:e8:bb:
db:7d:c1:08:df:63:e6:a4:1c:37:91:75:16:a6:58:46:42:e7:
b3:f5:61:da:94:ee:82:a4:5b:1f:c8:b6:23:5a:6c:ca:62:d2:
2d:02:1a:68:dd:39:10:c3:8f:a8:2d:46:30:1b:21:4f:5b:da:
bf:a8:c2:69:a1:2d:0d:3c:b5:c0:f2:dc:2f:01:3c:7b:44:a2:
c0:b2:90:dc:6d:db:f3:d2:b1:f1:51:a5:e3:f4:f4:12:16:7a:
14:a9:c1:51:13:b7:eb:b3:33:1e:e9:6e:8f:b2:6c:3c:af:00:
b3:cd:a5:3b:7a:f1:d6:13:63:d1:e5:24:6c:b9:a5:61:8c:22:
74:ca:99:7a:d4:4e:23:07:87:19:a5:79:3b:c0:25:c8:da:48:
fd:e9:c7:97:d9:26:5b:a0:61:dc:a8:2d:2f:05:6b:b3:9d:39:
e4:8d:56:85
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwWCMFp5zLhhLfH9Hk997WFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI4MTMwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTg3ZGM4MTliNmFiNGNhYWY3NzYwODcyNWFjYjViZDQ3ZDE2ODNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgM7t0rHQCfsQXR6+q186WVf7kox
2kSS8sjPdmAuyew75Kl3cjUm6vs76MU87xkYb8y/2DHdprcgke0mil5inXko9xzb
gWgD+CcBRHDPU+5qTI3J0SHcaqYp+XCXHBeufiAoMeniuH6Y/5EE0cJVBTHR8JXu
SF33cfmeTF9HCXjXt6e03Z3jYGL91u9AapmC1kn769HmK4rjUhQBEB7cYYeurLb+
tR0J2jxurr+4UmpoVd4O18OqE7mc2YCUaE17IsokuFqNxouA0GWrUl308HsrgM4/
GAhYWeEhGZD5SFd8Qn2cdZoAHjQ8IKq+eBeHfejFkd81sjOvFku8lad4fwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFB6H3IGbarTKr3dghyWstb1H0Wg/MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSG9mY2dadHF0TXF2ZDJDSEpheTF2VWZSYUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALWdkztpikRk6LsHnnpQ
AGr7oEG79PZm0xDcvhzzk4nysQSr2Hmu+RlPCdD9LHAcbU+hd5bcd+UDmBXCSTeB
8rc6wTPsFEFs0luXkSCPSKbefWbGP6BPzanou9t9wQjfY+akHDeRdRamWEZC57P1
YdqU7oKkWx/ItiNabMpi0i0CGmjdORDDj6gtRjAbIU9b2r+owmmhLQ08tcDy3C8B
PHtEosCykNxt2/PSsfFRpeP09BIWehSpwVETt+uzMx7pbo+ybDyvALPNpTt68dYT
Y9HlJGy5pWGMInTKmXrUTiMHhxmleTvAJcjaSP3px5fZJlugYdyoLS8Fa7OdOeSN
VoU=
-----END CERTIFICATE-----
Generated at Tue Jun 17 07:15:42 2025 by rpki-client