Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UxTJHX6DK6ltFaXzuKV92xUnYW8.roa
File: UxTJHX6DK6ltFaXzuKV92xUnYW8.roa (raw, json)
Hash identifier: Q4TmdlJcA5iY58POttcWZ90lP5JTEZayoknxgYorzio=
Subject key identifier: 53:14:C9:1D:7E:83:2B:A9:6D:15:A5:F3:B8:A5:7D:DB:15:27:61:6F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B2403E03C59063AB0E317F416EFC2CE98
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UxTJHX6DK6ltFaXzuKV92xUnYW8.roa
Signing time: Thu 12 Oct 2023 13:11:55 +0000
ROA not before: Thu 12 Oct 2023 13:11:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:24:03:e0:3c:59:06:3a:b0:e3:17:f4:16:ef:c2:ce:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 12 13:11:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5314c91d7e832ba96d15a5f3b8a57ddb1527616f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:13:8c:9d:9c:7d:7a:16:95:fc:26:ab:27:d0:
a0:53:76:05:9d:c0:9d:b2:63:57:dc:62:3d:c3:6a:
e2:aa:3c:18:ba:f2:a0:63:c7:e3:69:36:b8:14:4f:
61:78:6e:6e:0f:44:4e:01:76:57:13:94:28:5a:8d:
40:b5:52:ac:38:e3:08:3a:9b:f8:96:83:72:6a:87:
cb:23:74:61:40:3f:41:8d:55:f8:fa:2d:12:70:8c:
a5:29:d3:04:6a:5e:69:72:2e:a8:62:a0:c9:e7:d4:
56:df:75:00:15:6f:7b:d0:bc:9d:c8:52:c2:57:ae:
ac:e0:75:d9:49:56:0d:3b:8f:1a:9f:8e:11:6b:24:
94:b0:b3:51:25:8c:bb:b2:8f:79:d8:90:6b:5a:c4:
20:be:e0:d6:95:88:d9:8f:74:a6:01:51:f4:87:65:
72:56:60:1c:ca:0f:f1:74:8c:61:c5:04:e2:fd:e4:
ff:e3:b3:84:d9:2f:de:7d:cb:f9:74:5b:8a:80:61:
18:e5:d9:e6:2a:18:42:40:bd:7e:22:d4:f4:f1:01:
c0:a4:b1:24:09:af:0f:13:a1:41:af:7f:47:17:66:
01:8a:08:d6:76:b8:da:bf:a9:bc:c2:9d:45:fc:ab:
18:b8:9b:38:f0:a6:eb:5a:c2:0a:a2:34:8c:fd:63:
7e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:14:C9:1D:7E:83:2B:A9:6D:15:A5:F3:B8:A5:7D:DB:15:27:61:6F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UxTJHX6DK6ltFaXzuKV92xUnYW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3f:40:e7:ce:54:ae:2c:ee:7a:47:ef:7d:0a:74:e3:69:ae:39:
3e:dd:3a:ac:dd:e1:7d:fe:72:d3:94:ef:1f:8f:d0:bf:60:e0:
08:49:ec:2b:dd:6c:69:09:02:39:83:80:14:5a:40:a5:c2:10:
a1:d2:cc:01:d4:02:1e:ab:7e:e1:64:ba:44:f5:83:67:65:fa:
8e:79:31:b7:31:83:77:44:ca:ed:a3:2b:22:28:af:90:95:e6:
50:ca:ed:c6:c6:32:48:37:d3:e0:ec:38:b3:23:23:16:4c:53:
08:84:63:95:2b:cf:b9:b5:f8:a7:3d:e2:d1:ad:6a:ed:a2:1c:
7b:a5:f4:5a:49:d8:61:e6:a7:ae:6c:07:0d:ac:6d:48:23:11:
29:55:ad:66:cb:6f:7d:12:ee:ff:d6:52:fd:f9:9b:e0:76:55:
1b:a7:ad:e7:30:1c:a5:35:23:b3:80:9d:4f:cd:31:7b:69:df:
97:66:e9:4a:bc:f6:93:a5:a2:b5:48:7b:a4:d5:42:a8:00:21:
fe:e7:47:3c:d8:14:1e:b7:bd:d5:a0:a3:c7:2d:01:fe:a4:29:
d7:ec:af:30:62:72:be:a2:98:70:6e:f8:04:a7:b0:23:f3:68:
fe:68:ba:4a:fd:4c:b3:ac:a9:33:3d:f6:30:09:22:b5:4e:4e:
c0:09:5f:ea
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYskA+A8WQY6sOMX9Bbvws6YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEyMTMxMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzE0YzkxZDdlODMyYmE5NmQxNWE1ZjNiOGE1N2RkYjE1Mjc2MTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhOMnZx9ehaV/CarJ9CgU3YFncCd
smNX3GI9w2riqjwYuvKgY8fjaTa4FE9heG5uD0ROAXZXE5QoWo1AtVKsOOMIOpv4
loNyaofLI3RhQD9BjVX4+i0ScIylKdMEal5pci6oYqDJ59RW33UAFW970LydyFLC
V66s4HXZSVYNO48an44RaySUsLNRJYy7so952JBrWsQgvuDWlYjZj3SmAVH0h2Vy
VmAcyg/xdIxhxQTi/eT/47OE2S/efcv5dFuKgGEY5dnmKhhCQL1+ItT08QHApLEk
Ca8PE6FBr39HF2YBigjWdrjav6m8wp1F/KsYuJs48KbrWsIKojSM/WN+SQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFMUyR1+gyupbRWl87ilfdsVJ2FvMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVXhUSkhYNkRLNmx0RmFYenVLVjkyeFVuWVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD9A585UrizuekfvfQp0
42muOT7dOqzd4X3+ctOU7x+P0L9g4AhJ7CvdbGkJAjmDgBRaQKXCEKHSzAHUAh6r
fuFkukT1g2dl+o55Mbcxg3dEyu2jKyIor5CV5lDK7cbGMkg30+DsOLMjIxZMUwiE
Y5Urz7m1+Kc94tGtau2iHHul9FpJ2GHmp65sBw2sbUgjESlVrWbLb30S7v/WUv35
m+B2VRunrecwHKU1I7OAnU/NMXtp35dm6Uq89pOlorVIe6TVQqgAIf7nRzzYFB63
vdWgo8ctAf6kKdfsrzBicr6imHBu+ASnsCPzaP5oukr9TLOsqTM99jAJIrVOTsAJ
X+o=
-----END CERTIFICATE-----
Generated at Mon May 12 04:32:59 2025 by rpki-client