Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XgJoG_q7XY5-kU0LF7TXvrdFEBM.roa
File: XgJoG_q7XY5-kU0LF7TXvrdFEBM.roa (raw, json)
Hash identifier: yM4TdKVUfYjzyqJ9V7RAOJdQiGZu/6TrCtbG3MarYNs=
Subject key identifier: 5E:02:68:1B:FA:BB:5D:8E:7E:91:4D:0B:17:B4:D7:BE:B7:45:10:13
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B32DAFF1AE89F97EAE9D88F2B3BC63F55
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XgJoG_q7XY5-kU0LF7TXvrdFEBM.roa
Signing time: Sun 15 Oct 2023 10:21:34 +0000
ROA not before: Sun 15 Oct 2023 10:21:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:32:da:ff:1a:e8:9f:97:ea:e9:d8:8f:2b:3b:c6:3f:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 15 10:21:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e02681bfabb5d8e7e914d0b17b4d7beb7451013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:38:55:90:cd:9b:bb:0b:02:c5:f1:d2:82:de:
7a:6a:12:4c:93:5a:b0:2f:e2:e1:e1:4d:8c:86:46:
97:9d:ba:83:14:d1:81:3f:89:9b:ea:8f:f2:6a:3c:
9f:c0:5e:f2:85:7e:fa:a4:92:26:13:90:2a:37:9b:
4a:8f:9c:c1:43:61:a2:4b:08:2c:f1:14:35:b0:fe:
31:45:10:68:69:f7:69:0d:ab:59:01:94:88:2f:5e:
87:0d:ee:22:40:2f:12:30:c3:2a:2f:e3:de:24:cf:
80:0b:cc:95:b7:8d:2c:8b:29:a3:2b:0e:bb:7f:b5:
20:c2:9c:15:75:e7:3a:10:88:2e:94:f4:14:15:d0:
cc:ba:5e:66:66:f0:82:1b:5e:07:0c:59:ab:d4:f9:
18:30:06:88:87:75:d0:77:28:90:57:94:e5:3b:a6:
af:9d:34:bb:c2:43:c5:af:95:50:83:74:9a:d0:49:
b1:da:28:9f:c7:ae:28:83:e2:80:1c:63:f9:60:c7:
f8:8f:73:b4:56:6f:30:71:1a:a5:aa:41:76:57:68:
1b:3d:78:38:a1:38:a8:98:06:03:27:61:18:f5:c8:
d3:f1:c5:67:7b:6f:ad:a3:d8:a0:a3:16:19:e7:3d:
97:69:e9:2a:75:be:6e:2d:33:96:ee:d4:2c:d0:83:
23:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:02:68:1B:FA:BB:5D:8E:7E:91:4D:0B:17:B4:D7:BE:B7:45:10:13
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XgJoG_q7XY5-kU0LF7TXvrdFEBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:83:76:d8:10:8d:0a:e6:83:81:75:15:74:08:b0:39:52:74:
74:41:fb:0f:0f:f0:d3:55:e1:07:70:b3:8e:6b:bb:5c:64:5b:
8e:c2:ec:d8:73:43:1b:73:28:a0:01:4b:a0:2f:01:82:23:82:
4d:09:02:1b:c8:2a:f3:6f:b7:f2:ee:71:49:7c:2b:1b:c8:4e:
d2:67:16:43:15:c5:ae:9e:f5:3e:e1:ee:df:c2:bc:b5:36:cd:
dc:10:61:e7:5e:8e:34:3d:76:0a:49:a0:3d:61:b1:16:4d:2b:
55:c6:a4:39:44:cd:1a:a2:73:64:55:4b:68:c0:fc:b4:da:a5:
f8:93:33:1c:66:a3:af:73:49:9c:13:ea:af:7a:f6:eb:09:72:
a7:54:68:f6:6f:2e:02:de:fe:c0:fe:fd:07:55:44:ec:a7:fe:
b0:5c:63:5e:87:7c:f5:cf:ed:b3:be:97:08:55:94:7b:e5:ea:
60:b9:6d:5b:ae:43:c6:cb:e0:6e:cc:6c:c2:78:ca:8b:a3:ab:
56:e3:e5:07:61:a4:57:76:08:f1:7e:60:12:60:8b:69:43:ed:
a3:bb:85:4e:0d:12:50:5b:4b:37:71:e3:75:dd:f2:b6:b8:06:
72:d3:63:4c:0a:b8:71:31:65:b1:65:a3:b5:60:a5:8f:5b:02:
b4:11:47:9d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsy2v8a6J+X6unYjys7xj9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE1MTAyMTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTAyNjgxYmZhYmI1ZDhlN2U5MTRkMGIxN2I0ZDdiZWI3NDUxMDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkThVkM2buwsCxfHSgt56ahJMk1qw
L+Lh4U2MhkaXnbqDFNGBP4mb6o/yajyfwF7yhX76pJImE5AqN5tKj5zBQ2GiSwgs
8RQ1sP4xRRBoafdpDatZAZSIL16HDe4iQC8SMMMqL+PeJM+AC8yVt40siymjKw67
f7UgwpwVdec6EIgulPQUFdDMul5mZvCCG14HDFmr1PkYMAaIh3XQdyiQV5TlO6av
nTS7wkPFr5VQg3Sa0Emx2iifx64og+KAHGP5YMf4j3O0Vm8wcRqlqkF2V2gbPXg4
oTiomAYDJ2EY9cjT8cVne2+to9igoxYZ5z2Xaekqdb5uLTOW7tQs0IMjLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF4CaBv6u12OfpFNCxe01763RRATMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWGdKb0dfcTdYWTUta1UwTEY3VFh2cmRGRUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAECDdtgQjQrmg4F1FXQI
sDlSdHRB+w8P8NNV4Qdws45ru1xkW47C7NhzQxtzKKABS6AvAYIjgk0JAhvIKvNv
t/LucUl8KxvITtJnFkMVxa6e9T7h7t/CvLU2zdwQYedejjQ9dgpJoD1hsRZNK1XG
pDlEzRqic2RVS2jA/LTapfiTMxxmo69zSZwT6q969usJcqdUaPZvLgLe/sD+/QdV
ROyn/rBcY16HfPXP7bO+lwhVlHvl6mC5bVuuQ8bL4G7MbMJ4youjq1bj5QdhpFd2
CPF+YBJgi2lD7aO7hU4NElBbSzdx43Xd8ra4BnLTY0wKuHExZbFlo7VgpY9bArQR
R50=
-----END CERTIFICATE-----
Generated at Sat May 10 19:31:57 2025 by rpki-client