Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XjgHF1n5Wcfobt6aCZhKO4qgqDo.roa
File: XjgHF1n5Wcfobt6aCZhKO4qgqDo.roa (raw, json)
Hash identifier: jZEawEjmZ+kPDG8oBos1TwJLZkTm6ejgdF3ktso/pEM=
Subject key identifier: 5E:38:07:17:59:F9:59:C7:E8:6E:DE:9A:09:98:4A:3B:8A:A0:A8:3A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B2C5CB777078831583C7FA8662E0874EF
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XjgHF1n5Wcfobt6aCZhKO4qgqDo.roa
Signing time: Sat 14 Oct 2023 04:05:55 +0000
ROA not before: Sat 14 Oct 2023 04:05:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:2c5b:fb07/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2c:5c:b7:77:07:88:31:58:3c:7f:a8:66:2e:08:74:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 14 04:05:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e38071759f959c7e86ede9a09984a3b8aa0a83a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:4b:3d:f4:83:1c:f1:3e:47:9a:6a:6d:30:44:
ad:b9:0b:8f:91:b3:35:0f:73:29:b5:fe:03:30:da:
d8:56:6d:de:9e:46:f5:d4:18:94:1d:b4:4a:1c:0a:
26:2e:51:1e:84:f6:90:08:ff:91:c3:43:a8:4b:40:
a7:13:bd:b6:9e:89:d2:80:a3:00:67:da:9e:ac:40:
5d:6f:ab:15:00:c6:c1:51:3b:59:03:c0:8b:8c:b2:
aa:59:da:5a:33:fe:43:85:42:17:23:3c:ea:30:94:
78:dd:f9:23:70:cc:32:7e:ff:7c:05:52:8b:dc:f2:
e4:c9:cb:a3:aa:0b:0e:dd:dc:58:19:53:88:43:dd:
fc:f8:66:9a:c4:a5:e7:52:44:63:b0:5c:34:53:90:
1e:6e:1a:39:2e:9b:e5:10:e3:c0:6f:4f:24:c1:1c:
8b:b9:fa:0b:e0:0b:cd:a6:32:5a:44:38:03:e6:a1:
82:5e:8b:e3:53:79:35:cb:8f:bf:3d:6f:95:2c:28:
5c:1d:2c:92:0c:55:9a:f6:9b:eb:72:f9:65:d1:ef:
6c:34:7d:24:f0:c4:05:a5:79:e0:41:8c:aa:bc:a5:
ae:a7:f6:af:ab:79:10:78:eb:21:30:e7:c0:be:1f:
31:9c:2b:67:ea:a1:7f:da:9d:ff:56:10:77:75:ee:
d4:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:38:07:17:59:F9:59:C7:E8:6E:DE:9A:09:98:4A:3B:8A:A0:A8:3A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XjgHF1n5Wcfobt6aCZhKO4qgqDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6c:43:9d:27:be:01:47:05:3c:43:55:61:b1:06:3d:0b:e4:be:
4c:f3:1a:95:f9:d7:d5:76:48:24:7b:f0:df:66:8e:6d:98:ca:
d1:ec:c9:39:ae:68:b7:87:9d:b5:e2:4d:3c:57:62:4b:c6:b9:
b0:56:f3:90:a4:10:a9:dc:3b:d2:26:9e:e9:51:68:30:a2:e3:
09:8d:a9:1a:0f:e2:44:63:c0:84:7c:41:96:1f:d7:66:48:8c:
1a:7a:de:4d:ba:98:ef:fe:6e:04:c3:ee:02:b3:66:5b:74:45:
cf:b7:00:33:e6:11:54:ac:63:bb:5a:ee:46:50:88:5e:b3:c7:
d5:7e:1e:ce:53:cd:33:d8:73:8b:a5:82:ae:b4:5b:af:79:df:
29:0a:bd:6b:fc:c0:5f:c3:12:c0:88:0c:8e:3f:ff:9c:40:6e:
fc:67:75:f5:c8:f5:ef:99:13:98:9d:23:f0:e0:a5:5b:06:9b:
03:a4:f7:b5:6a:a0:69:96:fb:f2:21:53:a7:87:ff:07:f2:2c:
5a:d3:db:a3:eb:9f:a2:a3:28:a4:5f:18:ec:4c:6b:8e:95:62:
df:50:9b:0d:e0:9d:a1:7d:fc:a0:f3:fb:32:5b:47:76:3b:54:
d1:84:b5:c3:38:92:a8:12:2d:56:c3:68:66:10:8f:ea:ec:a3:
a0:65:06:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYssXLd3B4gxWDx/qGYuCHTvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE0MDQwNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTM4MDcxNzU5Zjk1OWM3ZTg2ZWRlOWEwOTk4NGEzYjhhYTBhODNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEs99IMc8T5HmmptMEStuQuPkbM1
D3Mptf4DMNrYVm3enkb11BiUHbRKHAomLlEehPaQCP+Rw0OoS0CnE722nonSgKMA
Z9qerEBdb6sVAMbBUTtZA8CLjLKqWdpaM/5DhUIXIzzqMJR43fkjcMwyfv98BVKL
3PLkycujqgsO3dxYGVOIQ938+GaaxKXnUkRjsFw0U5Aebho5LpvlEOPAb08kwRyL
ufoL4AvNpjJaRDgD5qGCXovjU3k1y4+/PW+VLChcHSySDFWa9pvrcvll0e9sNH0k
8MQFpXngQYyqvKWup/avq3kQeOshMOfAvh8xnCtn6qF/2p3/VhB3de7UyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF44BxdZ+VnH6G7emgmYSjuKoKg6MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWGpnSEYxbjVXY2ZvYnQ2YUNaaEtPNHFncURvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGxDnSe+AUcFPENVYbEG
PQvkvkzzGpX519V2SCR78N9mjm2YytHsyTmuaLeHnbXiTTxXYkvGubBW85CkEKnc
O9ImnulRaDCi4wmNqRoP4kRjwIR8QZYf12ZIjBp63k26mO/+bgTD7gKzZlt0Rc+3
ADPmEVSsY7ta7kZQiF6zx9V+Hs5TzTPYc4ulgq60W6953ykKvWv8wF/DEsCIDI4/
/5xAbvxndfXI9e+ZE5idI/DgpVsGmwOk97VqoGmW+/IhU6eH/wfyLFrT26Prn6Kj
KKRfGOxMa46VYt9Qmw3gnaF9/KDz+zJbR3Y7VNGEtcM4kqgSLVbDaGYQj+rso6Bl
BmQ=
-----END CERTIFICATE-----
Generated at Sun May 11 22:11:31 2025 by rpki-client