Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XySqlMKuuanfA_OXwCQZZ9ebYWw.roa
File: XySqlMKuuanfA_OXwCQZZ9ebYWw.roa (raw, json)
Hash identifier: 3Vp0xvlnMtKSWr1XRkG5lE18sH+3akuwAKSeAshxlss=
Subject key identifier: 5F:24:AA:94:C2:AE:B9:A9:DF:03:F3:97:C0:24:19:67:D7:9B:61:6C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B7C6FAF839DE98D2B81569BB4E5B0A846
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XySqlMKuuanfA_OXwCQZZ9ebYWw.roa
Signing time: Sun 29 Oct 2023 17:16:16 +0000
ROA not before: Sun 29 Oct 2023 17:16:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7c:6f:af:83:9d:e9:8d:2b:81:56:9b:b4:e5:b0:a8:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 29 17:16:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f24aa94c2aeb9a9df03f397c0241967d79b616c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:bc:8f:89:1d:df:6a:1e:e6:f6:70:50:44:69:
1b:49:57:bc:ad:0d:3c:6f:b4:d1:7d:46:10:da:e1:
74:37:0f:1c:20:dd:fc:ed:2b:6d:f2:60:f9:73:10:
e5:61:89:18:fa:c8:0d:4a:ee:fc:78:98:81:ac:8e:
e0:f5:55:da:f7:92:bd:aa:e6:af:a1:88:11:6a:2f:
08:95:8b:e5:e6:cb:4d:eb:c5:ba:0e:d9:24:49:a1:
e9:8a:68:1c:4e:67:76:4c:8b:be:7b:ab:0e:28:cc:
ea:32:51:be:c1:1e:b4:2a:04:e0:2d:50:53:2f:cf:
66:62:be:0e:0d:cf:da:53:eb:b3:26:ce:96:73:02:
44:f8:62:7b:29:b2:37:1b:3e:47:99:13:0e:6d:a0:
d7:11:03:4b:ef:cf:2f:d2:6f:bc:1c:7e:a4:d5:f2:
71:dd:fb:80:ed:bf:66:2c:10:5b:2d:a0:b4:b8:7d:
d2:08:6d:85:17:ef:3c:df:56:3d:3c:f4:eb:23:c3:
35:e8:c4:d1:f5:3e:03:39:9c:8e:cf:f3:0a:34:0d:
cb:63:aa:de:15:39:e8:02:eb:d5:00:f7:6c:c2:48:
79:eb:a3:1e:39:36:ae:9b:d8:0d:30:ea:d6:92:fc:
fe:c5:44:b3:0c:a6:75:20:ac:e9:c2:8c:f5:11:ff:
b1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:24:AA:94:C2:AE:B9:A9:DF:03:F3:97:C0:24:19:67:D7:9B:61:6C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XySqlMKuuanfA_OXwCQZZ9ebYWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9d:5c:80:e5:36:88:d0:89:22:ee:0a:f3:90:8f:1b:aa:0b:39:
84:39:e9:10:60:c6:fc:55:ab:8c:12:fe:c6:7e:79:c6:57:13:
bd:6f:ea:b3:5d:2d:b9:2b:8a:02:3e:36:f4:ba:b6:db:1e:79:
42:f9:94:3d:63:90:8a:b3:1e:12:da:23:c3:68:e7:fc:4f:92:
00:da:ca:2c:a8:db:15:c1:2b:7d:cd:eb:75:70:d3:6b:a5:0e:
68:a3:1f:7b:47:1b:05:b4:c1:c9:99:27:ed:aa:29:d3:0a:2e:
a2:9d:64:32:a8:99:47:1a:97:14:2e:97:be:ed:b3:d6:23:2c:
cd:c1:e3:2b:f5:ea:46:83:2f:05:1c:03:fe:ac:5d:3c:79:e3:
2b:7d:2e:9a:60:f5:77:58:ba:dd:86:44:01:b3:84:2a:45:fc:
f3:da:aa:09:24:ec:02:b9:6a:01:75:24:aa:90:1f:0a:36:35:
c7:fd:e6:7b:56:5c:f5:d3:4b:9c:d2:48:b6:87:4b:4e:ad:d9:
77:3d:45:42:a8:d6:8e:f3:83:6e:f0:10:fd:e0:9f:1b:90:f1:
20:d2:32:cd:1f:cf:5f:c0:5e:0e:57:60:eb:b7:28:ca:ff:b5:
e4:4b:b8:d2:e6:b7:c7:4d:3c:8b:a9:15:f1:0c:5a:9c:27:c7:
02:16:92:0e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYt8b6+DnemNK4FWm7TlsKhGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI5MTcxNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjI0YWE5NGMyYWViOWE5ZGYwM2YzOTdjMDI0MTk2N2Q3OWI2MTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLyPiR3fah7m9nBQRGkbSVe8rQ08
b7TRfUYQ2uF0Nw8cIN387Stt8mD5cxDlYYkY+sgNSu78eJiBrI7g9VXa95K9quav
oYgRai8IlYvl5stN68W6DtkkSaHpimgcTmd2TIu+e6sOKMzqMlG+wR60KgTgLVBT
L89mYr4ODc/aU+uzJs6WcwJE+GJ7KbI3Gz5HmRMObaDXEQNL788v0m+8HH6k1fJx
3fuA7b9mLBBbLaC0uH3SCG2FF+8831Y9PPTrI8M16MTR9T4DOZyOz/MKNA3LY6re
FTnoAuvVAPdswkh566MeOTaum9gNMOrWkvz+xUSzDKZ1IKzpwoz1Ef+xSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF8kqpTCrrmp3wPzl8AkGWfXm2FsMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWHlTcWxNS3V1YW5mQV9PWHdDUVpaOWViWVd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ1cgOU2iNCJIu4K85CP
G6oLOYQ56RBgxvxVq4wS/sZ+ecZXE71v6rNdLbkrigI+NvS6ttseeUL5lD1jkIqz
HhLaI8No5/xPkgDayiyo2xXBK33N63Vw02ulDmijH3tHGwW0wcmZJ+2qKdMKLqKd
ZDKomUcalxQul77ts9YjLM3B4yv16kaDLwUcA/6sXTx54yt9Lppg9XdYut2GRAGz
hCpF/PPaqgkk7AK5agF1JKqQHwo2Ncf95ntWXPXTS5zSSLaHS06t2Xc9RUKo1o7z
g27wEP3gnxuQ8SDSMs0fz1/AXg5XYOu3KMr/teRLuNLmt8dNPIupFfEMWpwnxwIW
kg4=
-----END CERTIFICATE-----
Generated at Sun May 11 10:17:20 2025 by rpki-client