Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xBFMVcdjUE9lZMlhsIjq_6f4N-s.roa
File: xBFMVcdjUE9lZMlhsIjq_6f4N-s.roa (raw, json)
Hash identifier: EZXO28Yaev2CefTRwcZY06jeDvdCuzt1NfYvD+iYUQ4=
Subject key identifier: C4:11:4C:55:C7:63:50:4F:65:64:C9:61:B0:88:EA:FF:A7:F8:37:EB
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ACE31AFEEC7D089C4089F1852743A985F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xBFMVcdjUE9lZMlhsIjq_6f4N-s.roa
Signing time: Mon 25 Sep 2023 21:14:37 +0000
ROA not before: Mon 25 Sep 2023 21:14:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ce:31:af:ee:c7:d0:89:c4:08:9f:18:52:74:3a:98:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 25 21:14:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4114c55c763504f6564c961b088eaffa7f837eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:3b:3d:a0:f4:41:3b:5d:dc:84:2d:b5:26:ad:
5f:89:22:93:45:42:eb:96:e0:e8:b4:13:27:b0:d4:
f1:42:11:73:ba:22:74:0c:43:26:82:d1:36:e4:ca:
b1:c1:a1:d5:af:34:11:3e:91:8e:7d:3c:cf:af:c0:
79:b4:7a:2a:db:28:13:e7:91:d9:53:17:13:e1:83:
65:d9:03:c0:ac:19:43:a3:6b:8e:0e:4a:40:e7:f2:
cd:56:0b:8d:65:22:ab:59:1e:f7:43:11:71:d9:09:
64:ff:72:cd:d5:bc:9b:84:bc:24:65:d7:6d:b1:e2:
52:01:7f:12:b2:1b:b5:60:40:44:f9:31:ea:69:4b:
7b:d3:c1:e7:97:e3:e2:73:03:85:09:db:ca:d7:d6:
5a:a4:7f:e4:dc:a5:87:fb:3b:e6:1b:21:05:3c:44:
36:33:c6:25:46:d6:73:9a:2d:71:2f:e8:28:df:78:
f2:ad:88:bd:00:1b:67:ca:3c:d0:20:c4:4e:e7:45:
79:7d:a4:5f:6d:78:f6:14:fc:a9:70:62:65:51:03:
c4:18:ab:f5:62:76:b8:ee:1e:ee:d4:9c:a7:b2:92:
b2:7f:48:ac:01:f6:e7:e0:9f:24:26:3d:02:fb:f7:
23:47:de:a0:89:14:09:cd:68:5f:c5:d6:cb:a0:51:
80:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:11:4C:55:C7:63:50:4F:65:64:C9:61:B0:88:EA:FF:A7:F8:37:EB
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xBFMVcdjUE9lZMlhsIjq_6f4N-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:83:ac:b0:79:5c:41:f1:c5:66:d3:6e:0e:d1:d1:51:4d:43:
53:ef:06:98:7a:f2:79:37:af:ac:26:ce:17:2a:e9:cc:2d:80:
2f:f2:57:d2:19:28:6e:98:e3:91:d0:0a:8a:1e:60:9e:18:7d:
ee:33:de:22:bf:61:4b:99:91:96:6b:21:ff:02:09:5e:1d:2a:
0b:64:15:07:8f:3f:b3:dd:18:74:a0:33:5e:de:75:43:63:a6:
62:38:5d:6b:93:17:78:e4:bf:e9:ab:48:0c:58:da:d6:33:bb:
14:a0:9a:ca:3e:77:b9:6e:8b:52:11:98:c3:8c:d4:28:45:ba:
f3:c5:7e:ba:30:dd:50:80:79:0e:59:d3:9f:03:3e:7c:11:fd:
bc:26:32:29:7c:49:90:10:d1:4e:28:01:be:96:1b:9f:ec:0e:
0b:5a:4f:65:cc:a7:84:69:99:3f:dd:0d:8c:c2:fe:73:2f:20:
08:c7:f7:1b:08:5e:c0:8e:df:ea:5b:0e:65:ec:5f:8a:f2:27:
dc:6a:fc:aa:f8:8b:a6:31:e5:fc:d3:8c:2f:f0:78:2a:3a:55:
b7:3e:b3:87:6e:65:d0:40:9c:38:95:9a:0e:8e:32:d1:13:31:
93:c8:c0:e9:1d:67:9f:9e:50:16:1a:43:b7:9c:53:5c:88:f8:
ae:ff:d8:86
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrOMa/ux9CJxAifGFJ0OphfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI1MjExNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDExNGM1NWM3NjM1MDRmNjU2NGM5NjFiMDg4ZWFmZmE3ZjgzN2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzs9oPRBO13chC21Jq1fiSKTRULr
luDotBMnsNTxQhFzuiJ0DEMmgtE25MqxwaHVrzQRPpGOfTzPr8B5tHoq2ygT55HZ
UxcT4YNl2QPArBlDo2uODkpA5/LNVguNZSKrWR73QxFx2Qlk/3LN1bybhLwkZddt
seJSAX8Sshu1YEBE+THqaUt708Hnl+PicwOFCdvK19ZapH/k3KWH+zvmGyEFPEQ2
M8YlRtZzmi1xL+go33jyrYi9ABtnyjzQIMRO50V5faRfbXj2FPypcGJlUQPEGKv1
Yna47h7u1JynspKyf0isAfbn4J8kJj0C+/cjR96giRQJzWhfxdbLoFGA/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMQRTFXHY1BPZWTJYbCI6v+n+DfrMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveEJGTVZjZGpVRTlsWk1saHNJanFfNmY0Ti1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFKDrLB5XEHxxWbTbg7R
0VFNQ1PvBph68nk3r6wmzhcq6cwtgC/yV9IZKG6Y45HQCooeYJ4Yfe4z3iK/YUuZ
kZZrIf8CCV4dKgtkFQePP7PdGHSgM17edUNjpmI4XWuTF3jkv+mrSAxY2tYzuxSg
mso+d7lui1IRmMOM1ChFuvPFfrow3VCAeQ5Z058DPnwR/bwmMil8SZAQ0U4oAb6W
G5/sDgtaT2XMp4RpmT/dDYzC/nMvIAjH9xsIXsCO3+pbDmXsX4ryJ9xq/Kr4i6Yx
5fzTjC/weCo6Vbc+s4duZdBAnDiVmg6OMtETMZPIwOkdZ5+eUBYaQ7ecU1yI+K7/
2IY=
-----END CERTIFICATE-----
Generated at Tue May 13 16:11:15 2025 by rpki-client