Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XnGUrS6BOi6SO6rEmPKmAlOEOl0.roa
File: XnGUrS6BOi6SO6rEmPKmAlOEOl0.roa (raw, json)
Hash identifier: fPK1qN3iI2q4KykXaRthsCZMYNZvGYzp0YG3zCif/Fs=
Subject key identifier: 5E:71:94:AD:2E:81:3A:2E:92:3B:AA:C4:98:F2:A6:02:53:84:3A:5D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C31C19C43B2CECB3060CF541F77C6F4E9
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XnGUrS6BOi6SO6rEmPKmAlOEOl0.roa
Signing time: Sun 03 Dec 2023 22:17:01 +0000
ROA not before: Sun 03 Dec 2023 22:17:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:31:c1:9c:43:b2:ce:cb:30:60:cf:54:1f:77:c6:f4:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 3 22:17:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e7194ad2e813a2e923baac498f2a60253843a5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8b:36:b0:c9:06:9f:69:6b:50:2d:8d:15:81:
7c:ce:72:64:ce:d1:70:6e:b6:7d:36:48:7b:79:eb:
ed:73:42:f3:ff:7c:e3:d4:ae:8a:76:b1:3e:a6:74:
bc:3a:b9:bc:48:95:76:c1:68:67:93:53:d6:d8:5e:
0c:c2:94:f2:09:b1:cf:f3:8d:a6:b5:34:0a:88:57:
e0:02:55:1e:d3:6a:12:2c:c4:fe:e7:19:ee:a7:bf:
33:6e:35:32:ab:5e:d4:f7:42:94:35:97:79:f0:1c:
c6:f3:e0:49:38:98:d4:e7:11:f4:5c:e9:71:da:7d:
4d:dc:c7:f6:22:81:c5:39:3e:26:13:e4:f3:b6:3a:
ba:46:93:57:6e:88:fc:39:d1:e1:64:9e:a7:b0:a7:
a3:d7:6d:a7:b8:6d:95:a8:6b:36:07:80:a9:8b:17:
ea:f3:07:7f:4b:af:03:02:6b:fa:bb:83:b9:20:6d:
7a:75:76:f5:79:23:44:07:68:87:5c:02:6f:50:f1:
e5:73:ec:a6:01:93:2b:7b:2a:6f:23:a9:27:a6:b9:
d4:2c:13:fb:50:6a:e5:37:a9:8e:87:c5:9f:20:ec:
e6:d8:a8:40:c4:fb:c6:5e:56:ea:db:34:2a:b1:1a:
1d:ed:b9:c0:a2:2f:1c:4e:be:80:b8:f8:b0:53:df:
47:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:71:94:AD:2E:81:3A:2E:92:3B:AA:C4:98:F2:A6:02:53:84:3A:5D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XnGUrS6BOi6SO6rEmPKmAlOEOl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
56:90:26:cb:1b:93:f2:07:ed:9f:41:70:c3:15:74:0d:5f:f0:
e9:df:25:76:6b:d0:16:f7:1e:a8:fe:73:f1:39:f7:90:21:ef:
af:6a:52:26:d5:a1:bd:28:5d:dd:18:7b:8f:74:b7:b4:4f:c7:
11:83:00:97:f7:d7:0c:79:3c:47:d2:23:35:32:db:7d:98:d9:
de:1d:d6:a4:68:bc:07:5c:1b:5a:17:74:4a:2e:87:ae:89:74:
ea:ef:e3:be:07:9e:7e:10:e0:f3:07:57:e1:e2:26:54:c4:d9:
9b:82:0c:2e:98:ae:f2:f5:27:3a:5b:f7:06:5c:5c:34:97:e8:
e8:46:10:f4:68:e1:fd:a2:eb:d0:22:df:4a:a1:1c:78:4f:11:
4c:0c:49:bd:bf:67:97:a6:c9:17:e2:db:1c:b5:c1:ab:53:46:
dd:68:ab:df:08:cd:10:0c:46:14:1c:26:1a:ef:20:31:a6:c7:
a8:03:1c:3a:c1:ae:1c:7f:9e:e7:ae:93:a2:f4:79:d6:9e:84:
1b:75:68:c5:b0:b0:69:0c:a0:56:75:7a:40:1c:79:51:ec:8f:
99:4e:98:02:ff:b6:0a:45:c6:13:43:8c:76:b8:dc:46:bd:43:
3d:7f:5a:33:cf:c7:3b:1d:79:04:e7:ca:8d:6c:16:2c:89:c4:
f8:bf:70:d2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwxwZxDss7LMGDPVB93xvTpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAzMjIxNzAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTcxOTRhZDJlODEzYTJlOTIzYmFhYzQ5OGYyYTYwMjUzODQzYTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4s2sMkGn2lrUC2NFYF8znJkztFw
brZ9Nkh7eevtc0Lz/3zj1K6KdrE+pnS8Orm8SJV2wWhnk1PW2F4MwpTyCbHP842m
tTQKiFfgAlUe02oSLMT+5xnup78zbjUyq17U90KUNZd58BzG8+BJOJjU5xH0XOlx
2n1N3Mf2IoHFOT4mE+Tztjq6RpNXboj8OdHhZJ6nsKej122nuG2VqGs2B4Cpixfq
8wd/S68DAmv6u4O5IG16dXb1eSNEB2iHXAJvUPHlc+ymAZMreypvI6knprnULBP7
UGrlN6mOh8WfIOzm2KhAxPvGXlbq2zQqsRod7bnAoi8cTr6AuPiwU99HjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF5xlK0ugToukjuqxJjypgJThDpdMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWG5HVXJTNkJPaTZTTzZyRW1QS21BbE9FT2wwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFaQJssbk/IH7Z9BcMMV
dA1f8OnfJXZr0Bb3Hqj+c/E595Ah769qUibVob0oXd0Ye490t7RPxxGDAJf31wx5
PEfSIzUy232Y2d4d1qRovAdcG1oXdEouh66JdOrv474Hnn4Q4PMHV+HiJlTE2ZuC
DC6YrvL1Jzpb9wZcXDSX6OhGEPRo4f2i69Ai30qhHHhPEUwMSb2/Z5emyRfi2xy1
watTRt1oq98IzRAMRhQcJhrvIDGmx6gDHDrBrhx/nueuk6L0edaehBt1aMWwsGkM
oFZ1ekAceVHsj5lOmAL/tgpFxhNDjHa43Ea9Qz1/WjPPxzsdeQTnyo1sFiyJxPi/
cNI=
-----END CERTIFICATE-----
Generated at Mon May 12 21:55:53 2025 by rpki-client