Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XeEiZqpToUWCXrG6k11GN2PHnb4.roa
File: XeEiZqpToUWCXrG6k11GN2PHnb4.roa (raw, json)
Hash identifier: 88DEGsgcioXTbAxqa6QBh9Zh304/MWRFju2LkdUgEh0=
Subject key identifier: 5D:E1:22:66:AA:53:A1:45:82:5E:B1:BA:93:5D:46:37:63:C7:9D:BE
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B0BF4F1D803C737706EDFFA5CFC4CBB3C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XeEiZqpToUWCXrG6k11GN2PHnb4.roa
Signing time: Sat 07 Oct 2023 21:04:43 +0000
ROA not before: Sat 07 Oct 2023 21:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:bf4:aae9/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0b:f4:f1:d8:03:c7:37:70:6e:df:fa:5c:fc:4c:bb:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 7 21:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5de12266aa53a145825eb1ba935d463763c79dbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d9:93:fc:42:4f:22:58:ac:cc:dd:fa:d5:b2:
64:63:84:fd:4f:dc:44:9c:39:ad:c0:73:67:24:4a:
25:a7:32:e0:95:e7:4d:42:86:f5:69:c0:0a:c7:b9:
55:f2:a0:c6:94:93:4d:89:ec:81:10:b3:ac:47:9b:
c3:40:03:e7:32:1f:bb:01:62:fc:2c:38:7f:91:0e:
7b:3f:c9:08:e6:99:1d:c7:5a:45:94:74:76:6d:9d:
63:74:16:05:bb:1b:5e:bd:f8:88:72:55:1f:bb:a9:
8f:4f:73:ea:d1:47:30:b6:7f:67:00:c0:3e:ef:d0:
41:41:45:e2:51:61:38:7a:99:07:8e:c0:1c:a3:eb:
e1:ae:99:c3:11:a1:48:56:11:20:4a:23:49:9c:48:
bc:c6:af:4b:24:2c:22:98:9d:51:83:79:b5:41:cd:
81:05:cd:52:20:d8:4b:fa:e3:8e:92:df:4e:e9:b1:
3d:bd:c1:cc:a2:14:74:03:3f:1c:0f:df:95:e2:8e:
50:c3:36:d2:0e:09:d5:24:1a:04:a6:3e:4f:a1:45:
8a:40:09:d5:4e:04:9d:f7:21:6c:b9:5c:39:a7:27:
e3:44:ee:df:8f:c5:6e:c6:99:65:1d:08:d1:84:e1:
a9:a5:6e:b5:aa:81:7e:b0:52:c5:19:91:8b:77:90:
42:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E1:22:66:AA:53:A1:45:82:5E:B1:BA:93:5D:46:37:63:C7:9D:BE
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XeEiZqpToUWCXrG6k11GN2PHnb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
87:6d:7c:57:7c:d1:8c:0c:23:07:f4:7a:ce:a2:f6:4c:43:3e:
a8:79:8d:40:db:e1:17:f1:90:7d:c1:0c:ad:8f:e9:d0:5d:fe:
4b:6d:d6:16:7b:47:42:79:8a:51:96:75:81:49:58:4b:5c:7d:
9a:d7:55:d2:25:dd:99:0d:02:e3:2f:11:4f:be:50:65:c8:3c:
65:d3:52:98:eb:51:a0:69:5e:3d:1b:6d:ac:10:33:b3:9a:07:
ba:80:65:64:a3:62:72:ad:6c:33:d6:3a:7d:74:f7:4c:8a:06:
28:f1:5f:f7:74:89:41:14:b6:46:7b:59:a6:5e:f7:b3:dd:4d:
74:3d:89:47:6d:27:b2:2e:f3:1f:d9:d0:7c:29:d1:bd:87:96:
fb:c2:6d:72:36:bb:61:f1:8a:f6:6f:40:2b:0e:d0:32:61:d7:
8f:dc:19:71:f0:ea:ad:dc:b5:d7:78:45:46:20:db:cf:4d:08:
b6:5d:45:f6:c5:8e:a1:c6:4a:94:42:ae:ce:f3:62:21:d2:9c:
a9:04:ba:e9:d5:8b:71:bf:06:e6:12:e2:66:61:83:93:ff:cf:
77:d0:81:a6:d6:09:0b:5b:8e:e5:04:a2:ec:01:e0:e4:bb:12:
ee:85:dc:4d:56:b0:da:e7:b7:62:0a:68:70:d7:ab:74:fc:e4:
4a:39:b4:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsL9PHYA8c3cG7f+lz8TLs8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA3MjEwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGUxMjI2NmFhNTNhMTQ1ODI1ZWIxYmE5MzVkNDYzNzYzYzc5ZGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNmT/EJPIliszN361bJkY4T9T9xE
nDmtwHNnJEolpzLgledNQob1acAKx7lV8qDGlJNNieyBELOsR5vDQAPnMh+7AWL8
LDh/kQ57P8kI5pkdx1pFlHR2bZ1jdBYFuxtevfiIclUfu6mPT3Pq0Ucwtn9nAMA+
79BBQUXiUWE4epkHjsAco+vhrpnDEaFIVhEgSiNJnEi8xq9LJCwimJ1Rg3m1Qc2B
Bc1SINhL+uOOkt9O6bE9vcHMohR0Az8cD9+V4o5QwzbSDgnVJBoEpj5PoUWKQAnV
TgSd9yFsuVw5pyfjRO7fj8VuxpllHQjRhOGppW61qoF+sFLFGZGLd5BCBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF3hImaqU6FFgl6xupNdRjdjx52+MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWGVFaVpxcFRvVVdDWHJHNmsxMUdOMlBIbmI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIdtfFd80YwMIwf0es6i
9kxDPqh5jUDb4RfxkH3BDK2P6dBd/ktt1hZ7R0J5ilGWdYFJWEtcfZrXVdIl3ZkN
AuMvEU++UGXIPGXTUpjrUaBpXj0bbawQM7OaB7qAZWSjYnKtbDPWOn1090yKBijx
X/d0iUEUtkZ7WaZe97PdTXQ9iUdtJ7Iu8x/Z0Hwp0b2HlvvCbXI2u2HxivZvQCsO
0DJh14/cGXHw6q3ctdd4RUYg289NCLZdRfbFjqHGSpRCrs7zYiHSnKkEuunVi3G/
BuYS4mZhg5P/z3fQgabWCQtbjuUEouwB4OS7Eu6F3E1WsNrnt2IKaHDXq3T85Eo5
tGk=
-----END CERTIFICATE-----
Generated at Sun May 11 22:09:11 2025 by rpki-client