Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sXgN5p34g-eaCAl49Lo_sYrUHF4.roa
File: sXgN5p34g-eaCAl49Lo_sYrUHF4.roa (raw, json)
Hash identifier: xg31p3bUhceTNarDsjma+SYonnYtN5y82PNaXo+uqQI=
Subject key identifier: B1:78:0D:E6:9D:F8:83:E7:9A:08:09:78:F4:BA:3F:B1:8A:D4:1C:5E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C2F2E40C201F431F0BF354C29130793FB
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sXgN5p34g-eaCAl49Lo_sYrUHF4.roa
Signing time: Sun 03 Dec 2023 10:16:49 +0000
ROA not before: Sun 03 Dec 2023 10:16:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2f:2e:40:c2:01:f4:31:f0:bf:35:4c:29:13:07:93:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 3 10:16:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1780de69df883e79a080978f4ba3fb18ad41c5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a8:06:73:27:46:92:2f:60:4c:4b:f0:80:4e:
a0:6a:0a:f6:bc:55:58:ae:a9:c1:a4:bf:4b:b3:4d:
33:e4:35:20:a6:ab:46:2c:ee:44:ab:3f:05:bb:d9:
95:f6:14:47:b0:c7:44:37:98:a0:d1:38:ef:89:24:
1f:de:37:54:4b:01:d0:da:cb:90:e0:1e:33:d8:a0:
af:2d:44:5c:6e:dc:90:f3:96:59:06:d5:e9:da:01:
62:a4:59:6f:31:1b:2f:bd:aa:b4:05:2c:8d:0f:88:
66:49:18:b9:73:8b:69:cf:37:80:1e:f0:5e:c9:19:
86:84:ed:45:14:f2:34:64:03:07:ad:70:4e:df:d5:
98:9f:0d:db:6f:51:aa:af:3f:15:2f:12:aa:fb:99:
c2:97:6f:31:6d:dc:6b:f8:46:30:ea:5e:87:54:97:
73:6d:48:ee:9a:f3:74:44:7f:6c:f8:b8:72:23:06:
fe:e5:9f:f4:d4:50:7d:e9:43:a6:49:21:68:0d:be:
1c:75:fb:0c:6f:c1:83:ff:0c:a2:ce:44:ed:cf:cb:
36:95:6f:c1:a7:76:10:7a:a3:ba:6a:0d:7f:18:50:
b3:28:de:3c:d5:7d:de:71:de:80:61:2a:f5:3d:2c:
0d:90:a8:58:a1:e2:0c:4e:7d:b9:7f:87:fe:5d:60:
b7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:78:0D:E6:9D:F8:83:E7:9A:08:09:78:F4:BA:3F:B1:8A:D4:1C:5E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sXgN5p34g-eaCAl49Lo_sYrUHF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:cd:37:a5:7a:1c:bb:55:26:42:12:7f:8e:ab:0d:eb:66:a1:
c5:8a:ec:d5:39:00:c5:a9:58:a6:d3:0d:27:b6:e1:ac:c3:6e:
67:2b:93:1f:62:d8:62:07:28:da:db:9a:eb:92:ca:7e:99:5d:
78:89:b5:58:38:b5:4d:b4:7e:e3:58:59:92:f8:9b:0f:f8:77:
ea:86:b4:7a:51:ce:0d:1e:5f:b4:70:44:b4:94:f8:2b:81:e2:
f6:c9:68:03:dc:be:bb:8f:28:9c:a4:7e:bd:d5:17:93:07:f0:
dc:4f:55:59:de:0b:c9:89:21:e0:63:75:7b:77:d3:a6:54:ac:
be:a9:1c:b0:37:0a:15:15:bf:48:e2:c8:4d:2e:b6:94:f3:04:
3e:bb:1d:5a:da:ca:d5:06:ab:9a:62:0f:57:ca:d3:96:42:06:
69:26:12:a0:80:8e:49:22:4c:65:14:b2:90:29:dd:47:12:67:
e1:19:d8:71:fa:ea:6d:a1:0c:b9:76:d4:03:af:61:d8:d9:f8:
42:9a:4c:0f:bf:44:fa:c9:9a:ea:29:be:f0:26:1f:58:c4:83:
5b:21:a5:4c:4b:39:15:4f:b4:03:8b:29:7d:82:c9:2d:37:b5:
6d:5e:2b:cf:b7:71:42:4d:06:ba:33:96:d8:2e:c0:68:d6:79:
e4:c7:84:92
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwvLkDCAfQx8L81TCkTB5P7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAzMTAxNjQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTc4MGRlNjlkZjg4M2U3OWEwODA5NzhmNGJhM2ZiMThhZDQxYzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsagGcydGki9gTEvwgE6gagr2vFVY
rqnBpL9Ls00z5DUgpqtGLO5Eqz8Fu9mV9hRHsMdEN5ig0TjviSQf3jdUSwHQ2suQ
4B4z2KCvLURcbtyQ85ZZBtXp2gFipFlvMRsvvaq0BSyND4hmSRi5c4tpzzeAHvBe
yRmGhO1FFPI0ZAMHrXBO39WYnw3bb1Gqrz8VLxKq+5nCl28xbdxr+EYw6l6HVJdz
bUjumvN0RH9s+LhyIwb+5Z/01FB96UOmSSFoDb4cdfsMb8GD/wyizkTtz8s2lW/B
p3YQeqO6ag1/GFCzKN481X3ecd6AYSr1PSwNkKhYoeIMTn25f4f+XWC3YQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLF4Dead+IPnmggJePS6P7GK1BxeMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvc1hnTjVwMzRnLWVhQ0FsNDlMb19zWXJVSEY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHPNN6V6HLtVJkISf46r
DetmocWK7NU5AMWpWKbTDSe24azDbmcrkx9i2GIHKNrbmuuSyn6ZXXiJtVg4tU20
fuNYWZL4mw/4d+qGtHpRzg0eX7RwRLSU+CuB4vbJaAPcvruPKJykfr3VF5MH8NxP
VVneC8mJIeBjdXt306ZUrL6pHLA3ChUVv0jiyE0utpTzBD67HVraytUGq5piD1fK
05ZCBmkmEqCAjkkiTGUUspAp3UcSZ+EZ2HH66m2hDLl21AOvYdjZ+EKaTA+/RPrJ
muopvvAmH1jEg1shpUxLORVPtAOLKX2CyS03tW1eK8+3cUJNBrozltguwGjWeeTH
hJI=
-----END CERTIFICATE-----
Generated at Tue May 13 14:59:31 2025 by rpki-client