Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rHjOxX3rD6bj5xiXeJOkyXi1D6c.roa
File: rHjOxX3rD6bj5xiXeJOkyXi1D6c.roa (raw, json)
Hash identifier: CgOKCMpz4fgZvGuzzdLPYM2PRKySD0ThMZXZlG+Qugc=
Subject key identifier: AC:78:CE:C5:7D:EB:0F:A6:E3:E7:18:97:78:93:A4:C9:78:B5:0F:A7
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B4AA28736C83CFE70FF78692DC18443C7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rHjOxX3rD6bj5xiXeJOkyXi1D6c.roa
Signing time: Fri 20 Oct 2023 01:10:47 +0000
ROA not before: Fri 20 Oct 2023 01:10:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:4a9c:ec76/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4a:a2:87:36:c8:3c:fe:70:ff:78:69:2d:c1:84:43:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 20 01:10:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac78cec57deb0fa6e3e718977893a4c978b50fa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0a:f9:c4:4e:5f:7d:76:49:28:ee:a9:01:7c:
42:b8:97:e0:2b:72:5d:c0:44:48:6b:75:ac:8a:ea:
1f:60:d7:ce:9e:59:1f:28:12:24:98:be:ce:3e:8f:
e7:cc:23:e5:78:00:e4:03:61:ff:17:c4:79:79:6f:
eb:4b:c3:45:80:f3:c3:d9:8a:1b:e4:71:e8:94:7e:
13:0c:14:f9:5c:b8:08:dd:40:c2:e0:43:90:c9:bb:
a7:56:ae:d8:b7:a4:fd:4c:40:36:ab:55:43:cd:ed:
20:2f:a3:d8:cc:91:18:20:7c:fe:34:3c:52:68:96:
4c:d9:4c:2b:33:73:97:c6:8d:fb:7c:db:f5:16:b6:
20:74:42:b8:9a:c9:8f:4d:d7:f3:f3:78:d9:02:f9:
7a:d7:1e:12:d6:a2:4b:88:a1:ba:05:3c:3d:d4:fb:
32:88:b5:8b:ea:4f:7b:e0:6e:0c:f1:d2:01:56:c4:
86:01:13:a7:bc:da:24:d1:93:8a:5a:5d:76:44:da:
2c:94:23:20:86:79:92:be:b7:93:ab:2c:53:48:d2:
49:14:9c:02:e3:b2:a6:18:12:3a:32:3c:ca:0f:e7:
35:59:50:14:28:9e:f7:28:90:c8:7f:99:d0:ac:9b:
f9:1e:23:f5:cd:23:69:fe:dc:73:d5:e9:b7:8c:53:
0f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:78:CE:C5:7D:EB:0F:A6:E3:E7:18:97:78:93:A4:C9:78:B5:0F:A7
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rHjOxX3rD6bj5xiXeJOkyXi1D6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:a5:bd:65:ec:e4:0a:77:bd:e7:48:bd:7c:45:45:f5:0f:dc:
16:15:fa:e0:a6:78:a3:97:f9:87:f2:c0:15:e3:4f:b3:a4:8d:
ba:7f:60:34:92:79:f6:7e:a4:62:f0:4d:bb:da:a9:d3:1e:16:
6b:02:4b:fb:b4:38:7c:a7:5f:97:23:dd:29:9c:d8:86:b5:47:
af:a2:b1:37:22:54:78:41:89:fb:c6:6d:59:c9:3c:71:18:e0:
63:1c:1a:7b:77:2b:73:a4:e0:3c:91:a9:61:99:aa:6d:cd:60:
72:b4:36:b4:15:5a:2b:24:b1:b8:eb:42:c0:ba:9d:21:d2:01:
db:c7:81:77:2c:e3:c3:2a:11:54:7d:39:72:ce:fc:40:79:71:
2b:04:c2:3b:e6:11:5d:de:7b:e8:57:3a:db:0a:12:4e:c6:6b:
61:b4:c9:5b:82:11:4f:dc:7a:37:b5:13:08:d2:a8:68:61:36:
20:ca:c7:a9:fc:46:8a:8d:7e:29:dd:79:5a:9d:22:51:5c:13:
36:de:83:65:ca:41:f5:3c:5d:4b:50:22:9e:d1:8b:98:2a:ac:
d3:c0:b2:98:1f:77:23:f2:fe:a9:f3:8c:48:00:d1:da:16:b8:
3c:78:9f:8a:b3:9d:84:63:4f:a7:3c:7f:f0:6a:ea:49:93:9c:
08:0c:e5:63
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtKooc2yDz+cP94aS3BhEPHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIwMDExMDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzc4Y2VjNTdkZWIwZmE2ZTNlNzE4OTc3ODkzYTRjOTc4YjUwZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQr5xE5ffXZJKO6pAXxCuJfgK3Jd
wERIa3WsiuofYNfOnlkfKBIkmL7OPo/nzCPleADkA2H/F8R5eW/rS8NFgPPD2Yob
5HHolH4TDBT5XLgI3UDC4EOQybunVq7Yt6T9TEA2q1VDze0gL6PYzJEYIHz+NDxS
aJZM2UwrM3OXxo37fNv1FrYgdEK4msmPTdfz83jZAvl61x4S1qJLiKG6BTw91Psy
iLWL6k974G4M8dIBVsSGAROnvNok0ZOKWl12RNoslCMghnmSvreTqyxTSNJJFJwC
47KmGBI6MjzKD+c1WVAUKJ73KJDIf5nQrJv5HiP1zSNp/txz1em3jFMPPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKx4zsV96w+m4+cYl3iTpMl4tQ+nMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvckhqT3hYM3JENmJqNXhpWGVKT2t5WGkxRDZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABKlvWXs5Ap3vedIvXxF
RfUP3BYV+uCmeKOX+YfywBXjT7Okjbp/YDSSefZ+pGLwTbvaqdMeFmsCS/u0OHyn
X5cj3Smc2Ia1R6+isTciVHhBifvGbVnJPHEY4GMcGnt3K3Ok4DyRqWGZqm3NYHK0
NrQVWisksbjrQsC6nSHSAdvHgXcs48MqEVR9OXLO/EB5cSsEwjvmEV3ee+hXOtsK
Ek7Ga2G0yVuCEU/ceje1EwjSqGhhNiDKx6n8RoqNfindeVqdIlFcEzbeg2XKQfU8
XUtQIp7Ri5gqrNPAspgfdyPy/qnzjEgA0doWuDx4n4qznYRjT6c8f/Bq6kmTnAgM
5WM=
-----END CERTIFICATE-----
Generated at Thu Jun 19 02:48:19 2025 by rpki-client