Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XAgDSNC88ZCHxMcmAKN0NLHXarc.roa
File: XAgDSNC88ZCHxMcmAKN0NLHXarc.roa (raw, json)
Hash identifier: U7sybn7O5ixa4bHj2HwhaeNF8N4EZEp0Ns06hoHqiBg=
Subject key identifier: 5C:08:03:48:D0:BC:F1:90:87:C4:C7:26:00:A3:74:34:B1:D7:6A:B7
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B1B38991ED02926ADDECF9CA444745D2F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XAgDSNC88ZCHxMcmAKN0NLHXarc.roa
Signing time: Tue 10 Oct 2023 20:12:55 +0000
ROA not before: Tue 10 Oct 2023 20:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1b:38:99:1e:d0:29:26:ad:de:cf:9c:a4:44:74:5d:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 10 20:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c080348d0bcf19087c4c72600a37434b1d76ab7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:cc:6c:04:8e:10:ad:b1:e8:e2:9f:73:03:55:
a3:81:ed:4f:a7:d7:98:19:49:7f:46:ad:13:eb:93:
28:e4:db:c0:a3:a1:5b:ec:3a:1c:53:92:9a:bd:f5:
f5:f5:0c:fe:b5:76:cd:bc:2b:33:f0:14:b0:64:a3:
c5:ef:8a:51:b8:8e:b0:6a:9a:56:b5:6d:d1:28:7c:
af:9e:59:0e:97:a7:57:8d:db:68:33:0f:db:43:b4:
2e:90:b0:a4:d5:b1:66:9c:66:2c:47:32:ae:40:c5:
36:0a:66:9e:0f:13:ac:06:74:b8:8a:36:3e:5e:9e:
4d:5a:39:73:1a:3e:a1:ce:b0:1f:53:4b:67:59:2c:
14:b9:c9:ae:39:7f:de:7a:f7:5f:08:e8:6c:76:65:
ae:9d:8c:88:ee:6a:8a:43:6c:ca:41:29:ed:df:39:
73:65:61:33:18:f5:82:be:fb:9f:0c:8f:2b:30:d5:
62:14:e2:dc:f7:03:06:af:89:df:49:ca:d2:08:bf:
6d:85:38:92:5b:f1:bc:b3:96:23:31:5b:2b:7b:75:
d8:82:68:37:dd:0c:84:77:b6:25:8a:d9:3d:8c:56:
2f:9a:58:1d:07:e9:63:48:3a:87:e3:22:cc:71:6c:
b3:4a:34:96:23:62:28:1f:d1:cc:55:d0:33:4a:29:
44:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:08:03:48:D0:BC:F1:90:87:C4:C7:26:00:A3:74:34:B1:D7:6A:B7
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XAgDSNC88ZCHxMcmAKN0NLHXarc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
43:e5:7c:65:cc:8c:4d:38:df:20:32:ba:08:f0:14:7f:b4:ff:
f9:5f:28:25:4e:03:ca:51:7c:0b:9d:cd:22:8a:c1:cb:4e:4b:
51:04:f5:d1:54:99:5b:c2:fd:a4:ee:95:e2:a4:1a:5a:96:c0:
08:56:f1:3c:a2:72:38:da:fa:ab:9f:38:a1:61:a6:58:00:ed:
43:2b:2e:e5:b9:bf:7f:35:d7:34:1a:7e:79:3c:40:fe:fb:26:
5b:f6:02:ae:b1:f0:17:8c:42:ea:f7:01:c2:d4:18:08:93:9e:
36:55:44:f3:d5:9f:e9:f0:9d:a9:65:c0:64:59:03:18:f4:0e:
ef:63:80:e5:e8:5f:3c:52:e5:55:00:9f:83:53:38:e7:4b:32:
21:89:39:52:02:ab:d2:15:7d:56:1e:90:90:7a:98:4c:84:e3:
3c:b8:d8:2b:3d:5a:87:dc:d5:d4:56:9d:cf:85:86:ce:22:f1:
49:fc:58:39:02:67:0e:49:0c:00:e1:89:d3:c6:6a:7b:00:ec:
f2:93:1a:9d:9f:d0:e1:e9:08:18:69:ee:65:76:fc:78:e3:1d:
bf:b4:42:26:54:44:6c:14:88:4e:e1:17:a6:4e:c2:37:29:2a:
68:b6:cf:10:72:d6:3e:a0:59:2a:42:c9:54:40:e2:db:8a:7d:
8a:aa:7b:de
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsbOJke0Ckmrd7PnKREdF0vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEwMjAxMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzA4MDM0OGQwYmNmMTkwODdjNGM3MjYwMGEzNzQzNGIxZDc2YWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsxsBI4QrbHo4p9zA1Wjge1Pp9eY
GUl/Rq0T65Mo5NvAo6Fb7DocU5KavfX19Qz+tXbNvCsz8BSwZKPF74pRuI6wappW
tW3RKHyvnlkOl6dXjdtoMw/bQ7QukLCk1bFmnGYsRzKuQMU2CmaeDxOsBnS4ijY+
Xp5NWjlzGj6hzrAfU0tnWSwUucmuOX/eevdfCOhsdmWunYyI7mqKQ2zKQSnt3zlz
ZWEzGPWCvvufDI8rMNViFOLc9wMGr4nfScrSCL9thTiSW/G8s5YjMVsre3XYgmg3
3QyEd7Ylitk9jFYvmlgdB+ljSDqH4yLMcWyzSjSWI2IoH9HMVdAzSilEgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFwIA0jQvPGQh8THJgCjdDSx12q3MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWEFnRFNOQzg4WkNIeE1jbUFLTjBOTEhYYXJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEPlfGXMjE043yAyugjw
FH+0//lfKCVOA8pRfAudzSKKwctOS1EE9dFUmVvC/aTuleKkGlqWwAhW8Tyicjja
+qufOKFhplgA7UMrLuW5v3811zQafnk8QP77Jlv2Aq6x8BeMQur3AcLUGAiTnjZV
RPPVn+nwnallwGRZAxj0Du9jgOXoXzxS5VUAn4NTOOdLMiGJOVICq9IVfVYekJB6
mEyE4zy42Cs9Wofc1dRWnc+Fhs4i8Un8WDkCZw5JDADhidPGansA7PKTGp2f0OHp
CBhp7mV2/HjjHb+0QiZURGwUiE7hF6ZOwjcpKmi2zxBy1j6gWSpCyVRA4tuKfYqq
e94=
-----END CERTIFICATE-----
Generated at Mon May 12 04:31:34 2025 by rpki-client