Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xECnBRrpEqeIOYYKUKNdLRVhI_U.roa
File: xECnBRrpEqeIOYYKUKNdLRVhI_U.roa (raw, json)
Hash identifier: bVAU1/vxYx3MmFI32gzUbDVuI4Kch5Sz1epJ96w0ebw=
Subject key identifier: C4:40:A7:05:1A:E9:12:A7:88:39:86:0A:50:A3:5D:2D:15:61:23:F5
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C6649DE8BA89CD849FEFADEA1EF9D94AB
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xECnBRrpEqeIOYYKUKNdLRVhI_U.roa
Signing time: Thu 14 Dec 2023 03:06:06 +0000
ROA not before: Thu 14 Dec 2023 03:06:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18c:6649:518/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:66:49:de:8b:a8:9c:d8:49:fe:fa:de:a1:ef:9d:94:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 14 03:06:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c440a7051ae912a78839860a50a35d2d156123f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:81:b5:e7:73:2d:c2:11:f0:c3:59:02:98:2a:
20:9d:bd:33:15:21:92:ce:f3:09:ad:bb:cb:e9:14:
af:dc:a2:2b:5a:ca:a7:f1:cc:96:c0:e9:e1:b7:81:
41:1a:47:18:fd:95:b7:66:0d:4e:57:fd:0f:64:73:
5a:b8:7d:f4:08:01:f2:2f:95:07:db:da:af:86:c0:
90:75:ef:2d:8c:ee:89:ed:60:a1:18:98:fb:38:8e:
c3:82:26:4d:a5:c6:c2:c7:b4:8a:44:75:67:3b:54:
37:74:46:b8:ff:7a:5d:06:bc:27:f7:68:c2:84:93:
3f:23:74:6f:64:de:69:65:cb:12:e1:ae:5c:75:78:
74:41:e4:47:95:6e:6a:d9:f8:03:13:ec:5d:b4:6d:
25:e3:7f:9d:1c:12:30:40:6f:7d:03:72:e8:01:5b:
36:6d:51:18:a1:31:5a:ef:13:e7:50:9f:44:ab:62:
58:dd:6b:a3:d2:b5:ff:2b:f6:34:90:8e:3f:6f:a6:
b1:b1:92:c0:d2:24:b7:13:99:fd:b5:94:d9:a8:df:
6d:ab:1b:c3:27:55:35:02:ca:79:f7:92:6f:99:ff:
eb:dd:c3:3e:0e:39:79:41:54:69:78:24:83:03:f8:
5b:c9:60:18:b6:bb:09:c0:3e:d0:b8:0b:67:e2:41:
72:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:40:A7:05:1A:E9:12:A7:88:39:86:0A:50:A3:5D:2D:15:61:23:F5
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xECnBRrpEqeIOYYKUKNdLRVhI_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
05:db:e0:96:22:57:c9:e8:48:c8:2c:2c:62:a9:f9:19:d4:89:
c6:2d:a5:87:92:d4:e2:4c:03:3f:2a:54:9f:60:10:a5:46:40:
bd:2a:b1:0e:09:69:d0:98:a7:e0:eb:9e:4d:91:cc:ba:99:3c:
44:23:05:24:ec:a7:5f:f2:b7:48:75:78:65:5a:a9:b3:0d:08:
12:92:cb:f2:83:15:da:78:c0:c7:a2:e0:73:80:88:79:de:82:
d3:f3:45:8d:bf:f3:4a:1e:09:d8:e0:fa:f4:72:7c:7f:86:b8:
73:c3:12:e7:1b:38:19:9b:1b:15:f4:36:b6:67:73:d0:07:9d:
08:a6:c4:ef:10:83:25:9a:e1:37:f1:38:28:67:49:de:df:73:
08:93:cf:51:da:ec:eb:fb:8e:42:55:5c:b3:05:78:a8:60:61:
c3:23:39:3b:1a:d6:44:04:77:73:03:f8:ea:85:d4:e3:8d:2f:
ed:39:d6:3c:b8:54:3e:d3:ec:39:a2:8f:8c:da:d9:55:60:5f:
d3:f7:96:08:f8:88:57:fc:d2:d6:40:a5:51:1d:3f:52:99:fd:
fd:e4:15:77:d9:05:e8:16:ec:f4:11:b1:91:08:0e:89:cb:7d:
80:33:aa:97:42:70:f3:b4:14:72:18:66:e2:92:11:0f:64:80:
a1:65:c6:04
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxmSd6LqJzYSf763qHvnZSrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE0MDMwNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDQwYTcwNTFhZTkxMmE3ODgzOTg2MGE1MGEzNWQyZDE1NjEyM2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloG153MtwhHww1kCmCognb0zFSGS
zvMJrbvL6RSv3KIrWsqn8cyWwOnht4FBGkcY/ZW3Zg1OV/0PZHNauH30CAHyL5UH
29qvhsCQde8tjO6J7WChGJj7OI7DgiZNpcbCx7SKRHVnO1Q3dEa4/3pdBrwn92jC
hJM/I3RvZN5pZcsS4a5cdXh0QeRHlW5q2fgDE+xdtG0l43+dHBIwQG99A3LoAVs2
bVEYoTFa7xPnUJ9Eq2JY3Wuj0rX/K/Y0kI4/b6axsZLA0iS3E5n9tZTZqN9tqxvD
J1U1Asp595Jvmf/r3cM+Djl5QVRpeCSDA/hbyWAYtrsJwD7QuAtn4kFydwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMRApwUa6RKniDmGClCjXS0VYSP1MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveEVDbkJScnBFcWVJT1lZS1VLTmRMUlZoSV9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAXb4JYiV8noSMgsLGKp
+RnUicYtpYeS1OJMAz8qVJ9gEKVGQL0qsQ4JadCYp+Drnk2RzLqZPEQjBSTsp1/y
t0h1eGVaqbMNCBKSy/KDFdp4wMei4HOAiHnegtPzRY2/80oeCdjg+vRyfH+GuHPD
EucbOBmbGxX0NrZnc9AHnQimxO8QgyWa4TfxOChnSd7fcwiTz1Ha7Ov7jkJVXLMF
eKhgYcMjOTsa1kQEd3MD+OqF1OONL+051jy4VD7T7Dmij4za2VVgX9P3lgj4iFf8
0tZApVEdP1KZ/f3kFXfZBegW7PQRsZEIDonLfYAzqpdCcPO0FHIYZuKSEQ9kgKFl
xgQ=
-----END CERTIFICATE-----
Generated at Mon May 12 21:54:53 2025 by rpki-client