Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xHp_mdWJBDg6Qhhuq_WqUCMuCjs.roa
File: xHp_mdWJBDg6Qhhuq_WqUCMuCjs.roa (raw, json)
Hash identifier: 3YKkRQwP0LrG9EHhT6iypFNbPhD/zoNXl+YMjYutP14=
Subject key identifier: C4:7A:7F:99:D5:89:04:38:3A:42:18:6E:AB:F5:AA:50:23:2E:0A:3B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B31528F375675D926CCFF9C6E89D0514E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xHp_mdWJBDg6Qhhuq_WqUCMuCjs.roa
Signing time: Sun 15 Oct 2023 03:12:55 +0000
ROA not before: Sun 15 Oct 2023 03:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:31:52:8f:37:56:75:d9:26:cc:ff:9c:6e:89:d0:51:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 15 03:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c47a7f99d58904383a42186eabf5aa50232e0a3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:0f:07:5a:89:08:7d:d7:b0:91:ee:cb:19:7a:
a0:a6:c6:b1:66:cd:83:32:3f:fb:d1:d9:cf:04:7c:
d2:26:bb:e6:94:5a:c4:06:cc:5e:89:cb:a7:aa:ba:
c2:f5:ae:3b:0e:d2:d3:72:1e:f4:92:eb:a5:b3:0e:
7b:89:02:8d:88:d2:5a:05:50:45:5e:63:26:8c:97:
46:93:55:0a:f2:3f:01:01:c1:11:73:f3:f2:62:dc:
d1:4e:3e:43:11:55:b1:76:fe:a3:ca:71:4e:a6:78:
71:d1:ec:34:fb:d0:10:f9:57:2f:7f:33:fe:d8:d3:
dc:fa:cd:1c:b5:7a:d4:de:d5:d3:5b:a1:38:a5:8a:
f5:f7:28:2e:4c:8e:eb:35:6d:b0:ed:69:45:48:75:
b4:48:90:92:32:83:ce:df:0b:dd:2c:b4:f7:12:ee:
ce:af:b3:83:3d:91:5e:4f:35:87:7f:45:f6:cd:f5:
35:be:5f:78:40:ad:0f:05:3f:df:63:ae:ac:02:28:
78:b5:f5:30:43:31:ea:28:fb:cc:ce:5a:d3:1c:05:
ce:69:fb:55:4f:39:68:d0:e6:ec:08:28:b9:ed:54:
66:ff:f9:95:11:27:c9:47:db:19:c6:90:fe:0a:d9:
4b:cd:44:f4:1e:51:9d:9c:bf:07:52:68:6f:c5:4d:
69:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:7A:7F:99:D5:89:04:38:3A:42:18:6E:AB:F5:AA:50:23:2E:0A:3B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xHp_mdWJBDg6Qhhuq_WqUCMuCjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4f:b3:29:4c:85:51:cd:e5:b5:5c:e4:e4:df:d5:b2:1b:e9:84:
94:04:db:00:ca:37:99:21:44:e7:40:cf:ce:a1:09:91:f8:78:
aa:05:cc:8a:71:79:f4:f4:32:63:d7:10:4d:32:19:5e:21:46:
a4:76:3b:65:c5:cf:e4:54:04:e3:5a:40:0d:c6:b7:36:c0:6a:
c3:1c:38:ef:a8:b4:00:0f:6e:a3:9e:b6:62:dc:a4:80:0c:4a:
19:b6:2c:34:d2:14:6c:fa:6c:eb:94:a2:3a:cb:60:35:d3:5e:
e9:50:42:0c:be:ef:4c:aa:8c:c3:c2:af:49:d6:2a:82:75:cd:
5e:f7:38:d7:df:34:7a:56:01:4a:4a:5c:fe:fa:b9:b3:1a:55:
4a:59:61:fb:a0:88:96:dc:b6:a9:5e:ee:de:2c:e8:87:b3:55:
eb:d0:07:6c:8e:a9:89:b0:0e:f7:59:b2:e2:b1:08:85:7c:62:
a6:7e:07:7e:96:33:29:86:b1:b2:0d:dd:88:3e:82:e9:6b:5f:
eb:e0:89:8a:56:bf:04:41:c4:6d:74:de:64:af:31:9c:9a:4e:
02:8a:06:76:10:29:4a:72:7f:1e:82:46:c7:65:d6:2c:27:17:
b7:8a:67:66:b0:94:c5:d1:b2:1d:e5:94:26:c3:96:a4:fb:a2:
90:82:54:e3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsxUo83VnXZJsz/nG6J0FFOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE1MDMxMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDdhN2Y5OWQ1ODkwNDM4M2E0MjE4NmVhYmY1YWE1MDIzMmUwYTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkw8HWokIfdewke7LGXqgpsaxZs2D
Mj/70dnPBHzSJrvmlFrEBsxeicunqrrC9a47DtLTch70kuulsw57iQKNiNJaBVBF
XmMmjJdGk1UK8j8BAcERc/PyYtzRTj5DEVWxdv6jynFOpnhx0ew0+9AQ+VcvfzP+
2NPc+s0ctXrU3tXTW6E4pYr19yguTI7rNW2w7WlFSHW0SJCSMoPO3wvdLLT3Eu7O
r7ODPZFeTzWHf0X2zfU1vl94QK0PBT/fY66sAih4tfUwQzHqKPvMzlrTHAXOaftV
Tzlo0ObsCCi57VRm//mVESfJR9sZxpD+CtlLzUT0HlGdnL8HUmhvxU1p5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMR6f5nViQQ4OkIYbqv1qlAjLgo7MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveEhwX21kV0pCRGc2UWhodXFfV3FVQ011Q2pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE+zKUyFUc3ltVzk5N/V
shvphJQE2wDKN5khROdAz86hCZH4eKoFzIpxefT0MmPXEE0yGV4hRqR2O2XFz+RU
BONaQA3GtzbAasMcOO+otAAPbqOetmLcpIAMShm2LDTSFGz6bOuUojrLYDXTXulQ
Qgy+70yqjMPCr0nWKoJ1zV73ONffNHpWAUpKXP76ubMaVUpZYfugiJbctqle7t4s
6IezVevQB2yOqYmwDvdZsuKxCIV8YqZ+B36WMymGsbIN3Yg+gulrX+vgiYpWvwRB
xG103mSvMZyaTgKKBnYQKUpyfx6CRsdl1iwnF7eKZ2awlMXRsh3llCbDlqT7opCC
VOM=
-----END CERTIFICATE-----
Generated at Sat May 10 17:10:19 2025 by rpki-client