Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xE-lqWhigDVQlmaE-xUmKwBIqiA.roa
File: xE-lqWhigDVQlmaE-xUmKwBIqiA.roa (raw, json)
Hash identifier: pq2SQdjVMi1jYULWQIjHnAtTc+NGI3KZGHARDr85m9w=
Subject key identifier: C4:4F:A5:A9:68:62:80:35:50:96:66:84:FB:15:26:2B:00:48:AA:20
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BA59DFC2A46B740231030B14D5661E316
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xE-lqWhigDVQlmaE-xUmKwBIqiA.roa
Signing time: Mon 06 Nov 2023 17:11:16 +0000
ROA not before: Mon 06 Nov 2023 17:11:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a5:9d:fc:2a:46:b7:40:23:10:30:b1:4d:56:61:e3:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 6 17:11:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c44fa5a96862803550966684fb15262b0048aa20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:41:26:09:38:35:a6:dc:1c:7b:86:a8:47:8c:
99:cd:8c:1f:ef:6a:80:db:02:2e:fa:0e:ea:79:ad:
7f:24:19:0f:ba:7b:b1:4f:78:4f:35:7e:50:fb:78:
a8:7f:2f:fb:b4:d2:8d:3f:b6:08:07:92:dd:70:1a:
2c:84:8e:58:29:2d:d5:93:a7:00:d9:b4:d5:5a:42:
74:a0:e1:26:8f:1d:3b:a0:9a:01:67:95:d3:48:74:
85:c1:fb:39:9c:2a:2f:ac:82:93:82:75:45:a1:a7:
42:c4:b2:99:de:3f:12:de:8c:8f:1b:27:b3:96:38:
48:23:1b:35:2c:6d:c2:97:0e:56:52:72:e9:67:c1:
c7:d5:08:c6:07:a5:6c:2a:be:2a:f4:c4:fe:cd:63:
19:4b:b6:17:26:7d:89:10:6e:68:3e:51:b8:ad:f5:
d3:52:50:20:d3:7c:3f:2b:e3:e4:20:15:53:76:f9:
46:11:66:37:90:d0:a9:bb:79:4a:07:49:55:47:f9:
b0:8f:85:fc:c5:57:15:5c:2f:25:62:3d:e9:21:53:
05:8c:d1:6f:8a:be:c3:93:15:10:53:0d:e5:fa:9c:
55:57:8c:d6:9d:80:9e:91:e3:8a:b8:a4:8c:02:be:
24:86:bc:a2:f4:f1:22:81:36:e6:35:78:e8:c3:6a:
ed:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:4F:A5:A9:68:62:80:35:50:96:66:84:FB:15:26:2B:00:48:AA:20
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xE-lqWhigDVQlmaE-xUmKwBIqiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3a:00:3e:45:b3:41:43:90:d1:14:5f:01:8e:b6:aa:81:0f:35:
3b:51:0f:46:0b:0e:78:e5:e2:f8:6e:b3:ff:b3:55:02:22:a4:
96:a1:db:a5:18:32:61:69:0a:5f:50:45:82:66:b8:00:d0:5b:
cc:97:93:c0:09:44:9d:d0:99:d4:76:7c:ba:07:0b:37:70:0a:
c3:6e:77:23:f2:47:15:ac:22:db:65:ff:ce:89:7b:91:42:20:
2e:10:7b:3e:10:57:88:89:61:c9:a2:d2:90:f0:55:d5:f8:d5:
36:cc:0d:32:c2:90:6a:87:ce:74:4e:84:33:73:37:aa:3d:88:
8d:cf:d3:e4:fb:3e:a4:e4:9d:fc:7b:f5:8d:f0:67:4d:be:e9:
78:9b:56:b6:bc:61:4c:60:ca:3d:52:15:e1:07:b2:0b:fc:ac:
fd:35:2b:67:40:49:03:72:20:94:4b:a9:9c:ea:bf:bd:df:6d:
66:a2:62:67:e6:24:2c:43:79:a9:7c:44:6c:e2:c9:c2:58:2a:
54:db:d4:e8:4a:f2:91:11:4f:46:00:33:20:36:bf:36:6d:bb:
5e:a4:d4:9b:65:3e:85:41:f3:83:b0:c4:b9:3a:56:69:eb:ae:
9d:ea:c4:5a:07:3d:30:bb:99:62:64:4a:f7:86:e8:3a:42:61:
b1:cc:c8:1f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYulnfwqRrdAIxAwsU1WYeMWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA2MTcxMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDRmYTVhOTY4NjI4MDM1NTA5NjY2ODRmYjE1MjYyYjAwNDhhYTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUEmCTg1ptwce4aoR4yZzYwf72qA
2wIu+g7qea1/JBkPunuxT3hPNX5Q+3iofy/7tNKNP7YIB5LdcBoshI5YKS3Vk6cA
2bTVWkJ0oOEmjx07oJoBZ5XTSHSFwfs5nCovrIKTgnVFoadCxLKZ3j8S3oyPGyez
ljhIIxs1LG3Clw5WUnLpZ8HH1QjGB6VsKr4q9MT+zWMZS7YXJn2JEG5oPlG4rfXT
UlAg03w/K+PkIBVTdvlGEWY3kNCpu3lKB0lVR/mwj4X8xVcVXC8lYj3pIVMFjNFv
ir7DkxUQUw3l+pxVV4zWnYCekeOKuKSMAr4khryi9PEigTbmNXjow2rtSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMRPpaloYoA1UJZmhPsVJisASKogMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveEUtbHFXaGlnRFZRbG1hRS14VW1Ld0JJcWlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADoAPkWzQUOQ0RRfAY62
qoEPNTtRD0YLDnjl4vhus/+zVQIipJah26UYMmFpCl9QRYJmuADQW8yXk8AJRJ3Q
mdR2fLoHCzdwCsNudyPyRxWsIttl/86Je5FCIC4Qez4QV4iJYcmi0pDwVdX41TbM
DTLCkGqHznROhDNzN6o9iI3P0+T7PqTknfx79Y3wZ02+6XibVra8YUxgyj1SFeEH
sgv8rP01K2dASQNyIJRLqZzqv73fbWaiYmfmJCxDeal8RGziycJYKlTb1OhK8pER
T0YAMyA2vzZtu16k1JtlPoVB84OwxLk6Vmnrrp3qxFoHPTC7mWJkSveG6DpCYbHM
yB8=
-----END CERTIFICATE-----
Generated at Thu May 15 12:12:44 2025 by rpki-client