Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xW53nANKQIpOklUam1WF8tybMTU.roa
File: xW53nANKQIpOklUam1WF8tybMTU.roa (raw, json)
Hash identifier: 3zsu+jKyV/4OsUycbBGCTlQ4TrexJg6E5pV1W2qOkSw=
Subject key identifier: C5:6E:77:9C:03:4A:40:8A:4E:92:55:1A:9B:55:85:F2:DC:9B:31:35
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B958531EFC6BA08DBBCC10989C6CB20CB
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xW53nANKQIpOklUam1WF8tybMTU.roa
Signing time: Fri 03 Nov 2023 14:10:16 +0000
ROA not before: Fri 03 Nov 2023 14:10:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:95:85:31:ef:c6:ba:08:db:bc:c1:09:89:c6:cb:20:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 3 14:10:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c56e779c034a408a4e92551a9b5585f2dc9b3135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e1:c7:8c:e2:49:7c:71:62:19:02:fd:00:48:
9f:b1:5d:d4:5c:73:c1:c7:e3:7f:72:ce:5c:cd:7d:
b0:5e:0f:71:a3:a9:b2:74:ea:c0:f8:cb:bf:82:68:
58:6a:69:95:f8:18:f5:ad:36:8b:45:e5:a3:67:1a:
01:53:bb:80:5e:1c:08:64:a5:30:f4:5e:2f:aa:f0:
21:6b:fd:34:af:d9:5f:a3:76:c0:2a:68:d4:c5:48:
30:68:f7:58:e6:42:1d:8e:72:c7:08:d5:83:d2:b6:
b5:ed:2f:d5:25:69:49:5f:91:a7:47:bd:a3:c7:5d:
2a:98:c7:5f:2e:39:b3:1e:6b:12:9d:09:0b:2b:df:
b8:6f:81:39:b4:db:15:3b:26:aa:63:b1:d3:93:81:
09:79:a4:1b:b7:a9:41:80:85:99:93:27:54:fb:95:
1a:6b:62:34:6e:0c:c3:9c:69:8f:4d:cc:e0:44:fd:
f5:08:23:d4:84:3d:4e:4e:c4:ea:c8:7f:4d:c2:16:
6a:57:60:a2:03:1f:71:b5:86:6d:10:7e:b1:bd:8a:
0b:73:77:8c:72:d1:19:88:9d:e0:6a:d0:ad:97:90:
c8:21:e9:6d:49:c8:ec:3e:50:e6:bc:96:89:a3:2a:
6d:28:05:25:76:29:63:51:fe:b0:25:57:e0:dd:be:
83:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:6E:77:9C:03:4A:40:8A:4E:92:55:1A:9B:55:85:F2:DC:9B:31:35
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xW53nANKQIpOklUam1WF8tybMTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:c7:79:39:7d:09:34:23:f7:4c:26:4d:f6:c1:97:40:83:3b:
58:58:8c:99:d3:78:f6:06:f7:af:66:cc:f9:df:e9:90:09:34:
43:0c:e4:d7:27:a1:c7:0c:87:e8:f9:a8:c0:c0:5a:c5:93:60:
5b:70:8c:35:34:d5:34:c2:c0:6e:fb:48:31:45:a5:d4:61:0b:
cc:d3:92:6e:d2:5a:0e:c9:32:ea:9e:73:24:3c:35:dd:46:7b:
6c:48:03:c5:b6:37:6e:97:d7:1d:ff:fb:ab:ea:4d:7d:08:bd:
f3:67:ab:28:28:d5:59:69:0f:05:e1:98:f1:20:03:99:03:a7:
98:23:96:37:30:e9:98:2b:5e:6b:eb:3a:6c:d3:b7:2c:4a:03:
43:30:d2:a8:9d:1f:7a:e5:81:b5:2f:fb:d7:9d:52:da:9a:c3:
98:32:77:1b:ef:1c:35:bb:66:ec:8f:1c:0e:dc:50:ac:6e:9b:
d3:79:25:b6:f4:b6:6b:69:ed:23:5b:45:9e:7d:f1:38:66:c8:
3d:84:53:f6:2e:3e:7b:26:07:1c:46:a9:d0:e8:75:8c:e1:dc:
bd:c6:c7:a7:ff:ec:aa:b0:94:6e:bf:04:e3:c0:b3:4d:3c:ff:
9c:41:b7:89:e2:b3:08:65:6c:88:ac:73:64:5d:a7:bb:7c:28:
37:9e:e1:e8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuVhTHvxroI27zBCYnGyyDLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAzMTQxMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTZlNzc5YzAzNGE0MDhhNGU5MjU1MWE5YjU1ODVmMmRjOWIzMTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOHHjOJJfHFiGQL9AEifsV3UXHPB
x+N/cs5czX2wXg9xo6mydOrA+Mu/gmhYammV+Bj1rTaLReWjZxoBU7uAXhwIZKUw
9F4vqvAha/00r9lfo3bAKmjUxUgwaPdY5kIdjnLHCNWD0ra17S/VJWlJX5GnR72j
x10qmMdfLjmzHmsSnQkLK9+4b4E5tNsVOyaqY7HTk4EJeaQbt6lBgIWZkydU+5Ua
a2I0bgzDnGmPTczgRP31CCPUhD1OTsTqyH9NwhZqV2CiAx9xtYZtEH6xvYoLc3eM
ctEZiJ3gatCtl5DIIeltScjsPlDmvJaJoyptKAUldiljUf6wJVfg3b6DoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMVud5wDSkCKTpJVGptVhfLcmzE1MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveFc1M25BTktRSXBPa2xVYW0xV0Y4dHliTVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFfHeTl9CTQj90wmTfbB
l0CDO1hYjJnTePYG969mzPnf6ZAJNEMM5NcnoccMh+j5qMDAWsWTYFtwjDU01TTC
wG77SDFFpdRhC8zTkm7SWg7JMuqecyQ8Nd1Ge2xIA8W2N26X1x3/+6vqTX0IvfNn
qygo1VlpDwXhmPEgA5kDp5gjljcw6ZgrXmvrOmzTtyxKA0Mw0qidH3rlgbUv+9ed
Utqaw5gydxvvHDW7ZuyPHA7cUKxum9N5Jbb0tmtp7SNbRZ598ThmyD2EU/YuPnsm
BxxGqdDodYzh3L3Gx6f/7KqwlG6/BOPAs008/5xBt4niswhlbIisc2Rdp7t8KDee
4eg=
-----END CERTIFICATE-----
Generated at Sun May 11 22:34:09 2025 by rpki-client