Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XOU4L2je4UU3I_yQmXXb2GKWHXU.roa
File: XOU4L2je4UU3I_yQmXXb2GKWHXU.roa (raw, json)
Hash identifier: 0B3KR89ECp/Kvh9Nf7hVZxdQn3r0gZ4ItpEzvYdoigA=
Subject key identifier: 5C:E5:38:2F:68:DE:E1:45:37:23:FC:90:99:75:DB:D8:62:96:1D:75
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C81F7229677C9C052F6762833114F3197
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XOU4L2je4UU3I_yQmXXb2GKWHXU.roa
Signing time: Tue 19 Dec 2023 12:05:06 +0000
ROA not before: Tue 19 Dec 2023 12:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:81f6:9c74/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:81:f7:22:96:77:c9:c0:52:f6:76:28:33:11:4f:31:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 19 12:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ce5382f68dee1453723fc909975dbd862961d75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b0:d7:98:e0:1e:14:a1:16:de:b6:80:d1:93:
f1:52:1d:cd:aa:31:2c:80:64:73:d3:ba:ce:92:8e:
f7:b5:de:a9:e9:a5:90:88:68:51:df:8e:95:66:bc:
f8:68:d5:ed:bb:49:fa:de:12:44:e2:77:67:e1:89:
94:27:18:b7:d7:35:e7:7e:aa:22:95:f4:f2:24:90:
22:c8:13:52:de:45:20:f4:ad:4b:11:4d:2b:cc:2c:
13:d3:4a:cc:82:48:2c:3e:e7:ad:b1:e8:68:ef:bd:
44:e1:d8:fc:58:4f:8e:68:73:fc:3c:27:b6:81:7a:
4a:e7:6f:98:1e:35:22:1e:b1:65:57:58:cf:f5:2f:
6a:32:a4:f6:75:e1:03:e4:ea:c3:fe:79:da:65:e6:
62:57:97:86:03:96:bb:92:5d:d6:fd:ae:e3:82:f9:
45:9c:4f:d3:db:60:2f:df:85:f2:04:ed:38:45:fa:
55:2d:0b:e6:b3:f9:73:42:bb:65:6a:2a:0f:84:f1:
75:91:e5:99:31:e6:af:d3:84:92:cb:7d:c0:2a:6c:
d7:31:97:45:e0:6b:ce:ec:6b:98:75:95:10:73:a9:
c8:f5:47:5a:15:67:79:41:a5:29:fe:70:1e:8a:a7:
9f:d4:a2:22:9f:7a:04:be:17:0b:32:7e:89:85:d2:
7d:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:E5:38:2F:68:DE:E1:45:37:23:FC:90:99:75:DB:D8:62:96:1D:75
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XOU4L2je4UU3I_yQmXXb2GKWHXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
94:e6:93:6d:97:6d:e6:a3:af:21:c5:be:4e:0d:28:50:7a:4c:
24:22:44:8e:39:5b:96:3b:65:08:86:f2:ed:07:58:83:42:72:
ca:65:e9:34:9f:88:2d:a4:d7:26:17:78:1b:e3:a6:7c:93:a1:
07:9a:07:46:49:12:83:7a:63:f2:7d:78:6d:b6:d2:96:37:63:
c3:55:1a:26:5f:5c:f7:f4:ce:8e:69:cd:90:01:99:6e:36:54:
d9:8b:9d:b5:8e:b5:82:ed:ab:75:82:35:bc:7a:a1:ef:09:d9:
21:f1:45:cb:a1:46:d3:bd:9f:4c:1c:9a:7f:02:54:36:88:93:
18:8a:03:fd:f5:35:ce:17:81:71:04:71:56:29:e0:fa:da:86:
0b:b7:ae:d4:79:05:aa:1a:88:a3:98:50:fe:bc:e5:c7:07:ea:
70:d9:ae:7b:0a:aa:bf:13:bb:ab:14:f8:0d:ba:03:bf:c1:02:
f3:27:a2:be:00:89:62:6f:19:b1:19:96:af:64:9c:06:8d:4e:
ea:1e:bf:ea:92:bb:af:26:30:cd:f4:b8:20:b3:05:a2:ee:44:
96:4d:2b:c9:4f:b5:b6:bc:64:fa:71:35:f4:60:59:8a:f6:f7:
be:5c:17:85:cb:c4:13:de:40:60:4a:95:42:df:6c:46:b4:2d:
1a:f9:06:e8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyB9yKWd8nAUvZ2KDMRTzGXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE5MTIwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2U1MzgyZjY4ZGVlMTQ1MzcyM2ZjOTA5OTc1ZGJkODYyOTYxZDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLDXmOAeFKEW3raA0ZPxUh3NqjEs
gGRz07rOko73td6p6aWQiGhR346VZrz4aNXtu0n63hJE4ndn4YmUJxi31zXnfqoi
lfTyJJAiyBNS3kUg9K1LEU0rzCwT00rMgkgsPuetseho771E4dj8WE+OaHP8PCe2
gXpK52+YHjUiHrFlV1jP9S9qMqT2deED5OrD/nnaZeZiV5eGA5a7kl3W/a7jgvlF
nE/T22Av34XyBO04RfpVLQvms/lzQrtlaioPhPF1keWZMeav04SSy33AKmzXMZdF
4GvO7GuYdZUQc6nI9UdaFWd5QaUp/nAeiqef1KIin3oEvhcLMn6JhdJ9AQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFzlOC9o3uFFNyP8kJl129hilh11MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWE9VNEwyamU0VVUzSV95UW1YWGIyR0tXSFhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJTmk22XbeajryHFvk4N
KFB6TCQiRI45W5Y7ZQiG8u0HWINCcspl6TSfiC2k1yYXeBvjpnyToQeaB0ZJEoN6
Y/J9eG220pY3Y8NVGiZfXPf0zo5pzZABmW42VNmLnbWOtYLtq3WCNbx6oe8J2SHx
RcuhRtO9n0wcmn8CVDaIkxiKA/31Nc4XgXEEcVYp4Prahgu3rtR5BaoaiKOYUP68
5ccH6nDZrnsKqr8Tu6sU+A26A7/BAvMnor4AiWJvGbEZlq9knAaNTuoev+qSu68m
MM30uCCzBaLuRJZNK8lPtba8ZPpxNfRgWYr2975cF4XLxBPeQGBKlULfbEa0LRr5
Bug=
-----END CERTIFICATE-----
Generated at Sun May 11 13:08:13 2025 by rpki-client