Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h1BeYLtzXX_iShm9qioK16cpxIk.roa
File: h1BeYLtzXX_iShm9qioK16cpxIk.roa (raw, json)
Hash identifier: ZqTstBpU7CHPd9LKFPSkdK2p7Ooc0E2WTyE0O5gv/Bk=
Subject key identifier: 87:50:5E:60:BB:73:5D:7F:E2:4A:19:BD:AA:2A:0A:D7:A7:29:C4:89
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B0A3D7DAA95121760759E1648476D2BA9
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h1BeYLtzXX_iShm9qioK16cpxIk.roa
Signing time: Sat 07 Oct 2023 13:04:43 +0000
ROA not before: Sat 07 Oct 2023 13:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:a3d:88e/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0a:3d:7d:aa:95:12:17:60:75:9e:16:48:47:6d:2b:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 7 13:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87505e60bb735d7fe24a19bdaa2a0ad7a729c489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:10:4c:33:a3:25:f1:85:cb:d0:18:d1:82:2f:
82:e5:b2:54:42:6b:0c:fa:a7:85:b6:f0:6c:94:01:
ed:c8:fb:2e:1a:6d:f7:01:dc:3f:85:2e:45:08:8d:
8a:e5:5b:bb:ec:9c:d8:b5:b4:6e:d7:5e:98:87:5d:
40:24:fc:5c:ea:47:cc:23:26:66:85:e7:c6:e5:17:
ee:e6:00:9b:ff:1e:11:73:1d:08:fe:63:60:ac:c5:
19:c9:2d:19:2a:d5:2c:cb:3d:59:43:bb:04:dc:f7:
c3:b6:12:1c:0f:41:23:5c:43:4e:28:2c:ec:a6:de:
ea:45:33:12:cf:0e:43:b7:d6:cf:a0:11:b6:00:c1:
c5:a1:d9:9f:a8:e3:24:dc:c0:03:9d:a7:79:55:10:
68:cf:1d:cb:8f:c6:38:3c:dc:a1:be:35:4f:81:92:
b8:fc:5e:32:92:2c:0d:78:77:c9:d9:2d:09:55:89:
0b:18:38:ef:f0:63:4c:68:29:36:40:a3:41:ee:5d:
cd:8f:47:95:f2:74:26:69:5a:7a:7a:a8:0b:f1:24:
a8:b1:c5:45:1d:4d:d8:11:a0:b4:0f:e2:32:74:40:
8c:dd:36:c2:32:52:47:91:7a:5b:34:25:13:1c:cb:
84:9b:93:38:dd:4d:50:66:07:5a:0a:60:46:58:3d:
18:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:50:5E:60:BB:73:5D:7F:E2:4A:19:BD:AA:2A:0A:D7:A7:29:C4:89
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/h1BeYLtzXX_iShm9qioK16cpxIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
05:a0:f6:e8:fa:a2:cf:0a:90:79:62:32:4b:2c:c2:ef:cc:b7:
83:4a:de:ac:ce:3b:fc:fb:8e:1d:85:74:e5:68:03:ef:06:11:
4d:5f:d9:67:48:94:cf:2d:b4:37:29:55:66:6f:45:16:df:2d:
db:10:1c:41:df:09:82:59:08:e0:eb:cf:e0:90:fa:bd:67:2a:
cd:be:4b:7d:87:3d:5b:b0:99:7d:e3:87:63:e5:e7:de:c5:0e:
ca:c5:bb:58:1f:5f:71:7d:31:92:74:03:ee:62:a4:9f:d2:9e:
d8:11:4d:9a:b5:c4:b8:19:f5:5c:80:2f:94:58:9d:16:48:bc:
44:38:af:a0:29:3b:cb:a3:92:a1:ed:ac:e4:82:55:8b:4d:e1:
70:9b:9c:31:e3:2e:7a:db:07:6c:49:09:75:c8:0c:8a:fe:67:
d2:df:a2:b9:d6:65:96:22:b2:f6:84:bb:65:d9:c0:5d:92:e2:
7d:07:c9:f7:77:61:fb:d7:7f:4e:63:ae:51:d0:70:d7:fe:c4:
c4:24:27:f5:07:ca:36:f6:16:72:39:b3:3c:9b:b7:d1:5d:99:
62:bd:9f:7f:31:04:f1:d0:46:23:d3:09:e8:c5:3c:19:d5:10:
4f:d4:d1:74:0f:84:e7:cf:37:f2:8e:92:c3:f8:f2:ac:b8:0b:
03:6c:4f:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsKPX2qlRIXYHWeFkhHbSupMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA3MTMwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzUwNWU2MGJiNzM1ZDdmZTI0YTE5YmRhYTJhMGFkN2E3MjljNDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBBMM6Ml8YXL0BjRgi+C5bJUQmsM
+qeFtvBslAHtyPsuGm33Adw/hS5FCI2K5Vu77JzYtbRu116Yh11AJPxc6kfMIyZm
hefG5Rfu5gCb/x4Rcx0I/mNgrMUZyS0ZKtUsyz1ZQ7sE3PfDthIcD0EjXENOKCzs
pt7qRTMSzw5Dt9bPoBG2AMHFodmfqOMk3MADnad5VRBozx3Lj8Y4PNyhvjVPgZK4
/F4ykiwNeHfJ2S0JVYkLGDjv8GNMaCk2QKNB7l3Nj0eV8nQmaVp6eqgL8SSoscVF
HU3YEaC0D+IydECM3TbCMlJHkXpbNCUTHMuEm5M43U1QZgdaCmBGWD0YpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIdQXmC7c11/4koZvaoqCtenKcSJMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaDFCZVlMdHpYWF9pU2htOXFpb0sxNmNweElrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAWg9uj6os8KkHliMkss
wu/Mt4NK3qzOO/z7jh2FdOVoA+8GEU1f2WdIlM8ttDcpVWZvRRbfLdsQHEHfCYJZ
CODrz+CQ+r1nKs2+S32HPVuwmX3jh2Pl597FDsrFu1gfX3F9MZJ0A+5ipJ/SntgR
TZq1xLgZ9VyAL5RYnRZIvEQ4r6ApO8ujkqHtrOSCVYtN4XCbnDHjLnrbB2xJCXXI
DIr+Z9LfornWZZYisvaEu2XZwF2S4n0Hyfd3YfvXf05jrlHQcNf+xMQkJ/UHyjb2
FnI5szybt9FdmWK9n38xBPHQRiPTCejFPBnVEE/U0XQPhOfPN/KOksP48qy4CwNs
T2k=
-----END CERTIFICATE-----
Generated at Wed Jun 18 04:43:13 2025 by rpki-client