Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hyiEUZAfDbW_W8ZthQ0C6mMEgfM.roa
File: hyiEUZAfDbW_W8ZthQ0C6mMEgfM.roa (raw, json)
Hash identifier: IYLvNsJBrd5i3hBVwc+nZXddWd3ESc9vqhv4fCf2yfc=
Subject key identifier: 87:28:84:51:90:1F:0D:B5:BF:5B:C6:6D:85:0D:02:EA:63:04:81:F3
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BD3F1709D449A6795D0E2EBC17082D3E4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hyiEUZAfDbW_W8ZthQ0C6mMEgfM.roa
Signing time: Wed 15 Nov 2023 17:04:57 +0000
ROA not before: Wed 15 Nov 2023 17:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:d3f0:e91c/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d3:f1:70:9d:44:9a:67:95:d0:e2:eb:c1:70:82:d3:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 15 17:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87288451901f0db5bf5bc66d850d02ea630481f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:00:da:16:d0:92:ed:f0:5f:da:ff:9a:15:63:
32:16:11:b7:2f:8a:77:21:ae:e6:7a:61:87:a9:20:
d2:f6:66:d9:85:b9:30:7b:ed:65:47:3b:3c:6f:9e:
4d:d8:09:45:a1:76:69:bb:dd:24:06:39:b0:2e:42:
19:9c:6a:97:d8:2f:5a:39:56:ce:78:85:f7:d5:40:
92:f5:71:a2:a4:2a:44:85:ab:e0:f8:9d:0c:58:22:
4a:e7:e9:ea:00:5e:ad:3c:82:a6:3d:cc:5e:dc:dc:
7a:65:aa:4a:b9:87:25:55:42:56:8d:bd:de:8b:3b:
70:53:6f:41:e0:8b:11:c3:ad:74:48:05:0d:91:19:
50:08:16:2a:a3:ca:f8:44:65:8c:24:a5:ea:a5:ec:
b8:7f:60:b9:f6:c8:82:3d:4b:9a:52:7c:39:cb:1b:
70:10:6c:55:b5:83:91:b2:75:22:2a:c4:13:c1:18:
e4:c8:6c:49:4b:fc:a1:0a:f9:ae:e4:a6:f1:66:64:
a8:3a:eb:6d:8c:b4:85:8e:60:f4:4e:db:55:d9:fb:
a7:83:96:d3:11:fe:35:83:61:2e:72:db:b0:11:63:
2d:c1:1c:95:89:0e:04:f1:b1:e2:2a:57:dc:75:13:
9e:e2:85:78:f1:97:2b:d3:a3:21:dd:e7:4a:82:67:
4d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:28:84:51:90:1F:0D:B5:BF:5B:C6:6D:85:0D:02:EA:63:04:81:F3
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/hyiEUZAfDbW_W8ZthQ0C6mMEgfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c4:ba:a5:fd:76:83:e7:e9:d4:f6:23:70:ea:ff:b2:2c:e7:e1:
3d:16:3e:b9:4f:3b:5f:9e:f9:ed:e7:5b:85:9b:69:29:7a:31:
ae:4d:4f:fd:79:f3:29:34:8e:8c:b0:55:0b:bf:35:e7:46:a3:
bb:de:99:01:a5:56:8b:53:e3:41:f3:51:cc:e7:57:ed:63:85:
f6:7e:96:4c:46:c8:8e:b9:14:77:6e:b2:94:df:4b:fd:6e:5a:
b3:74:ee:85:c8:a2:8d:5e:48:a8:a4:84:0d:ec:dd:82:71:68:
70:31:27:49:90:fe:8e:fb:c2:5b:a3:5e:b7:06:dd:29:ce:7a:
ba:50:12:49:7c:69:fd:39:d7:22:3b:25:f7:51:fb:4a:ad:20:
70:1c:95:52:84:af:0c:be:aa:1f:14:57:14:aa:55:a1:4a:48:
21:9c:fb:c4:3a:0a:a8:27:48:cc:c6:c2:37:39:38:44:09:ed:
1a:a5:3d:70:40:a3:bb:97:00:b5:a2:1d:60:66:37:58:97:48:
2d:77:02:51:e2:98:c6:9b:9d:5b:0a:26:99:ce:29:de:d2:08:
9d:cd:f5:8c:d9:a6:1e:98:ed:df:e4:4e:49:e0:89:0d:c3:8b:
e1:f8:02:65:75:84:e2:40:ea:03:62:d3:59:b9:8e:06:4c:c9:
79:1e:9a:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvT8XCdRJpnldDi68FwgtPkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE1MTcwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzI4ODQ1MTkwMWYwZGI1YmY1YmM2NmQ4NTBkMDJlYTYzMDQ4MWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gDaFtCS7fBf2v+aFWMyFhG3L4p3
Ia7memGHqSDS9mbZhbkwe+1lRzs8b55N2AlFoXZpu90kBjmwLkIZnGqX2C9aOVbO
eIX31UCS9XGipCpEhavg+J0MWCJK5+nqAF6tPIKmPcxe3Nx6ZapKuYclVUJWjb3e
iztwU29B4IsRw610SAUNkRlQCBYqo8r4RGWMJKXqpey4f2C59siCPUuaUnw5yxtw
EGxVtYORsnUiKsQTwRjkyGxJS/yhCvmu5KbxZmSoOuttjLSFjmD0TttV2fung5bT
Ef41g2EuctuwEWMtwRyViQ4E8bHiKlfcdROe4oV48Zcr06Mh3edKgmdNaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIcohFGQHw21v1vGbYUNAupjBIHzMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaHlpRVVaQWZEYldfVzhadGhRMEM2bU1FZ2ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMS6pf12g+fp1PYjcOr/
sizn4T0WPrlPO1+e+e3nW4WbaSl6Ma5NT/158yk0joywVQu/NedGo7vemQGlVotT
40HzUcznV+1jhfZ+lkxGyI65FHduspTfS/1uWrN07oXIoo1eSKikhA3s3YJxaHAx
J0mQ/o77wlujXrcG3SnOerpQEkl8af051yI7JfdR+0qtIHAclVKErwy+qh8UVxSq
VaFKSCGc+8Q6CqgnSMzGwjc5OEQJ7RqlPXBAo7uXALWiHWBmN1iXSC13AlHimMab
nVsKJpnOKd7SCJ3N9YzZph6Y7d/kTkngiQ3Di+H4AmV1hOJA6gNi01m5jgZMyXke
mgE=
-----END CERTIFICATE-----
Generated at Sat Jun 21 01:50:09 2025 by rpki-client