Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xJSUJQ5zf9bBLazuN2xSn7wKToY.roa
File: xJSUJQ5zf9bBLazuN2xSn7wKToY.roa (raw, json)
Hash identifier: mH163qX/zfKFWRreHPZwdI3HbrixH7V1a9+1JebZ+zs=
Subject key identifier: C4:94:94:25:0E:73:7F:D6:C1:2D:AC:EE:37:6C:52:9F:BC:0A:4E:86
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B566F4A5CCE12176450F319117E4322A5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xJSUJQ5zf9bBLazuN2xSn7wKToY.roa
Signing time: Sun 22 Oct 2023 08:10:15 +0000
ROA not before: Sun 22 Oct 2023 08:10:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:56:6f:4a:5c:ce:12:17:64:50:f3:19:11:7e:43:22:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 22 08:10:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c49494250e737fd6c12dacee376c529fbc0a4e86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:05:0d:f0:bd:d8:25:9c:d3:98:19:62:13:ac:
fb:be:a2:6b:7b:48:b6:a1:68:f4:53:2b:10:e6:c2:
9d:54:e0:e8:39:68:2a:97:0f:6a:44:c7:83:97:46:
3a:1e:12:04:1c:73:ce:71:d5:ff:50:11:ed:2d:d2:
37:eb:ea:37:91:22:0d:fc:f1:d7:fb:d7:1e:33:91:
01:b5:41:bb:6a:bb:36:9b:19:f6:3b:f9:34:1d:cc:
7b:2d:46:85:d9:fd:fc:7f:1f:8e:e6:3c:4d:b8:4f:
ad:46:50:49:19:41:25:e0:cf:a4:89:f9:31:05:5d:
8b:be:4d:9d:3d:98:c3:2d:a4:88:ae:d3:74:b1:fb:
69:44:93:4e:7b:08:b8:75:c7:db:0c:da:72:84:01:
97:d7:4e:58:fd:b0:2f:51:c8:a8:6e:9a:fc:11:27:
d9:53:86:9b:00:99:00:98:86:b1:16:e4:bb:a7:29:
94:05:7a:d1:66:3b:e6:e4:71:59:47:00:c7:34:49:
f4:bc:c2:1c:3a:0d:72:22:bd:8b:69:6e:3a:b3:65:
70:7a:d2:fe:3e:56:d3:39:fe:ec:af:d4:a0:2b:22:
68:7d:e3:8b:a5:42:4c:61:bd:a3:7a:0b:81:b0:8c:
8f:ce:78:f1:8f:d9:41:24:74:7a:a4:4e:ec:7d:fe:
e1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:94:94:25:0E:73:7F:D6:C1:2D:AC:EE:37:6C:52:9F:BC:0A:4E:86
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xJSUJQ5zf9bBLazuN2xSn7wKToY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
cc:b5:29:63:b4:32:c1:b4:f4:cb:12:ef:bb:b5:b9:4a:ee:95:
bd:e3:be:94:39:18:4c:61:b3:be:c1:0a:f9:93:c8:10:b9:19:
15:83:ca:81:fb:2a:b9:8d:19:85:52:0e:02:98:d9:ef:ec:a2:
e8:bd:fa:69:65:fe:ee:f8:9d:f8:dc:d9:9b:df:42:6f:05:c6:
6d:23:b3:cd:4f:da:25:2f:4d:3c:2f:71:50:a2:ed:97:1b:2e:
77:e5:57:60:2d:9a:55:0f:20:32:92:cf:13:40:8a:c8:01:3a:
88:32:29:96:95:16:8c:b9:0a:00:a6:dd:58:b1:dd:67:85:f4:
4a:0c:86:1f:e2:d2:b5:a7:fc:e3:18:5c:62:6d:ad:cf:9c:19:
7d:33:c8:b8:88:0c:bf:22:51:29:a6:a2:3b:65:6b:9d:5d:1e:
6d:04:08:6e:40:b0:31:df:94:c3:4b:7e:b6:6b:09:37:ca:5e:
dc:ee:8d:1c:f3:47:a1:fb:07:46:5a:20:d1:13:ed:c3:25:34:
6d:82:71:37:d8:da:50:83:97:59:16:7a:4d:7c:ce:e0:06:cb:
bb:50:ab:41:a0:09:14:2c:87:1f:7c:f1:1a:63:3c:3a:67:80:
fe:c0:07:ca:43:c8:7c:17:3f:00:a5:11:fb:af:9d:4e:3a:54:
aa:56:12:99
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtWb0pczhIXZFDzGRF+QyKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIyMDgxMDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDk0OTQyNTBlNzM3ZmQ2YzEyZGFjZWUzNzZjNTI5ZmJjMGE0ZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwUN8L3YJZzTmBliE6z7vqJre0i2
oWj0UysQ5sKdVODoOWgqlw9qRMeDl0Y6HhIEHHPOcdX/UBHtLdI36+o3kSIN/PHX
+9ceM5EBtUG7ars2mxn2O/k0Hcx7LUaF2f38fx+O5jxNuE+tRlBJGUEl4M+kifkx
BV2Lvk2dPZjDLaSIrtN0sftpRJNOewi4dcfbDNpyhAGX105Y/bAvUciobpr8ESfZ
U4abAJkAmIaxFuS7pymUBXrRZjvm5HFZRwDHNEn0vMIcOg1yIr2LaW46s2VwetL+
PlbTOf7sr9SgKyJofeOLpUJMYb2jeguBsIyPznjxj9lBJHR6pE7sff7hGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMSUlCUOc3/WwS2s7jdsUp+8Ck6GMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveEpTVUpRNXpmOWJCTGF6dU4yeFNuN3dLVG9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMy1KWO0MsG09MsS77u1
uUrulb3jvpQ5GExhs77BCvmTyBC5GRWDyoH7KrmNGYVSDgKY2e/soui9+mll/u74
nfjc2ZvfQm8Fxm0js81P2iUvTTwvcVCi7ZcbLnflV2AtmlUPIDKSzxNAisgBOogy
KZaVFoy5CgCm3Vix3WeF9EoMhh/i0rWn/OMYXGJtrc+cGX0zyLiIDL8iUSmmojtl
a51dHm0ECG5AsDHflMNLfrZrCTfKXtzujRzzR6H7B0ZaINET7cMlNG2CcTfY2lCD
l1kWek18zuAGy7tQq0GgCRQshx988RpjPDpngP7AB8pDyHwXPwClEfuvnU46VKpW
Epk=
-----END CERTIFICATE-----
Generated at Tue May 13 19:17:48 2025 by rpki-client