Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XYSaZ7C5TmKoYKWFL6hdYA2BBK4.roa
File: XYSaZ7C5TmKoYKWFL6hdYA2BBK4.roa (raw, json)
Hash identifier: PA789dvmx/TN7CPOgxpJ2QRPsyo7YBYrfUuFvpeTK54=
Subject key identifier: 5D:84:9A:67:B0:B9:4E:62:A8:60:A5:85:2F:A8:5D:60:0D:81:04:AE
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AEF7384E1848D6DF65C78A876DC95B737
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XYSaZ7C5TmKoYKWFL6hdYA2BBK4.roa
Signing time: Mon 02 Oct 2023 08:13:59 +0000
ROA not before: Mon 02 Oct 2023 08:13:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ef:73:84:e1:84:8d:6d:f6:5c:78:a8:76:dc:95:b7:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 2 08:13:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d849a67b0b94e62a860a5852fa85d600d8104ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:6a:63:de:b5:04:dc:51:95:bd:8b:7b:d4:b7:
6d:8b:e5:53:2d:19:df:55:95:5a:91:19:28:d8:e4:
14:f3:70:4c:92:9d:b0:07:c9:05:b4:e5:f7:03:36:
a9:71:c9:55:19:6a:e8:b8:f3:28:da:03:fd:42:5b:
59:31:d6:3b:02:a8:0e:7a:6f:21:10:45:7d:15:39:
49:f5:29:65:10:6c:9d:11:49:13:d2:15:9c:5f:10:
e5:bb:d6:82:05:40:2d:49:3c:fc:af:60:68:0e:1e:
1b:b9:8d:f1:af:93:e8:75:d7:42:72:fc:57:66:d9:
a6:3d:a4:f2:dc:a5:60:53:90:c5:00:d5:bb:69:be:
e5:7c:37:37:3e:2f:96:95:36:25:46:d6:ad:a4:a6:
70:a8:ee:96:69:ec:26:3e:c1:e2:a7:62:2b:70:04:
2f:34:27:65:1d:cf:b7:40:e2:e9:d9:81:9e:2b:e3:
8f:05:35:dc:72:f8:c4:0f:e4:e6:a3:a0:d8:13:1a:
98:4d:ca:f4:e1:42:b9:c8:38:4d:03:c6:a6:9e:26:
a1:0d:1e:93:f2:9e:a3:9f:26:b2:2f:b1:6e:e9:dc:
9e:d9:22:35:75:12:f5:52:3e:81:d3:e8:76:58:23:
8b:c8:30:04:8d:8d:92:eb:5a:d4:e0:c4:0d:2e:57:
74:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:84:9A:67:B0:B9:4E:62:A8:60:A5:85:2F:A8:5D:60:0D:81:04:AE
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XYSaZ7C5TmKoYKWFL6hdYA2BBK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:42:6b:03:bd:cb:ca:b6:30:3e:d2:1d:5b:18:6d:42:d7:c5:
e3:dd:3a:d9:a8:ea:0d:8b:06:75:17:d1:f6:a8:0e:e0:6d:3c:
d1:e9:94:ed:ef:03:27:b1:81:35:2f:6a:1e:37:a8:a5:64:2f:
24:a8:ba:93:41:52:a4:1f:45:76:a4:32:f5:8f:3c:36:d0:58:
c5:f6:cb:18:2d:05:b7:a1:d7:34:39:d5:dc:94:a0:1f:80:2a:
8b:da:a5:af:9b:98:f4:ae:73:01:b2:95:34:80:ed:00:2d:e9:
1b:29:63:3d:4d:b2:37:1d:d7:ba:fa:14:74:90:11:3c:be:32:
ad:14:11:6a:08:7b:3d:2e:a6:e8:ce:54:78:4b:97:72:1d:8e:
fa:21:e7:48:47:f5:ef:a9:d9:a2:5e:ac:d3:73:0e:e9:85:f6:
fd:3b:33:68:ce:b7:68:29:3e:fe:36:48:dc:0d:61:c9:a7:fb:
4a:67:65:b4:c5:e5:8c:86:12:60:1b:fe:bb:35:21:5e:da:1c:
01:0d:46:5a:86:41:e2:94:fd:df:9d:17:8a:e4:e0:47:71:ff:
de:95:28:a6:2f:5f:d4:cf:c9:f9:b5:5c:ce:26:df:ce:6b:5b:
9f:10:e9:d1:73:41:27:ee:ea:bf:24:3e:e4:e6:1e:c9:e3:a8:
82:af:66:21
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrvc4ThhI1t9lx4qHbclbc3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAyMDgxMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDg0OWE2N2IwYjk0ZTYyYTg2MGE1ODUyZmE4NWQ2MDBkODEwNGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2pj3rUE3FGVvYt71Ldti+VTLRnf
VZVakRko2OQU83BMkp2wB8kFtOX3AzapcclVGWrouPMo2gP9QltZMdY7AqgOem8h
EEV9FTlJ9SllEGydEUkT0hWcXxDlu9aCBUAtSTz8r2BoDh4buY3xr5PodddCcvxX
ZtmmPaTy3KVgU5DFANW7ab7lfDc3Pi+WlTYlRtatpKZwqO6WaewmPsHip2IrcAQv
NCdlHc+3QOLp2YGeK+OPBTXccvjED+Tmo6DYExqYTcr04UK5yDhNA8amniahDR6T
8p6jnyayL7Fu6dye2SI1dRL1Uj6B0+h2WCOLyDAEjY2S61rU4MQNLld0aQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF2EmmewuU5iqGClhS+oXWANgQSuMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWFlTYVo3QzVUbUtvWUtXRkw2aGRZQTJCQks0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAERCawO9y8q2MD7SHVsY
bULXxePdOtmo6g2LBnUX0faoDuBtPNHplO3vAyexgTUvah43qKVkLySoupNBUqQf
RXakMvWPPDbQWMX2yxgtBbeh1zQ51dyUoB+AKovapa+bmPSucwGylTSA7QAt6Rsp
Yz1Nsjcd17r6FHSQETy+Mq0UEWoIez0upujOVHhLl3Idjvoh50hH9e+p2aJerNNz
DumF9v07M2jOt2gpPv42SNwNYcmn+0pnZbTF5YyGEmAb/rs1IV7aHAENRlqGQeKU
/d+dF4rk4Edx/96VKKYvX9TPyfm1XM4m385rW58Q6dFzQSfu6r8kPuTmHsnjqIKv
ZiE=
-----END CERTIFICATE-----
Generated at Mon May 12 18:54:17 2025 by rpki-client