Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xXVnDDYO58HDQzfFs04cVQrOMBo.roa
File: xXVnDDYO58HDQzfFs04cVQrOMBo.roa (raw, json)
Hash identifier: 5WE4KM9xnSDN7iE3pCsWDYyd7+ZfVwd9C1ZoKS0kqVo=
Subject key identifier: C5:75:67:0C:36:0E:E7:C1:C3:43:37:C5:B3:4E:1C:55:0A:CE:30:1A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C7140E0596C22B086C30CD872187F3162
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xXVnDDYO58HDQzfFs04cVQrOMBo.roa
Signing time: Sat 16 Dec 2023 06:12:06 +0000
ROA not before: Sat 16 Dec 2023 06:12:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:71:40:e0:59:6c:22:b0:86:c3:0c:d8:72:18:7f:31:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 16 06:12:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c575670c360ee7c1c34337c5b34e1c550ace301a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5f:35:5e:66:b2:90:94:52:c2:4c:5b:65:47:
68:9c:a4:ce:2d:26:e6:42:d3:76:a4:74:3b:2d:42:
8f:8c:33:af:5e:1e:2a:ef:34:65:f7:3f:8d:07:f2:
f9:a5:bf:22:28:38:94:4a:b0:79:26:c6:17:c8:5c:
b7:3d:10:b4:74:dd:82:35:55:03:22:98:c6:45:d7:
78:c2:96:47:67:f3:75:51:9e:74:50:0f:d5:ba:12:
73:43:f2:86:e0:1d:e6:19:f4:0a:7c:ca:6e:c7:90:
df:67:49:bc:2f:40:4a:92:1a:53:90:e1:99:c6:60:
0c:48:8a:59:9e:2a:61:35:65:ee:5d:b5:fd:a4:1b:
55:2f:79:80:be:8e:68:88:5a:9e:63:68:34:8f:cf:
69:b4:d8:0e:28:82:1b:83:83:f8:46:af:bf:1f:dc:
e8:a3:ac:22:ec:e5:d1:4b:e6:ac:c9:13:ff:bf:a3:
2f:c1:68:05:37:79:94:52:0a:a3:38:a4:3c:40:a6:
b2:97:25:3d:55:49:f2:27:17:d0:57:1c:f3:71:5a:
8b:15:06:37:b8:f2:53:fd:91:c4:16:92:08:85:fa:
ca:67:4f:ff:af:46:e9:37:bd:e5:dc:67:32:44:43:
8f:cf:80:1c:e2:91:ad:f8:fb:b3:1a:e7:a3:5e:53:
ef:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:75:67:0C:36:0E:E7:C1:C3:43:37:C5:B3:4E:1C:55:0A:CE:30:1A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xXVnDDYO58HDQzfFs04cVQrOMBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8a:65:88:05:2a:7d:2e:bb:f7:0d:40:87:f2:dd:7c:c8:96:86:
62:ae:11:0a:87:7f:dc:2b:6d:5c:0a:ef:92:04:8a:76:99:3d:
e1:d9:5c:1f:9e:45:f9:a0:8c:3b:14:26:a8:47:0d:4e:59:e9:
69:31:f7:f9:f0:f5:36:26:dd:ff:7a:af:47:eb:78:5e:ee:93:
5f:d7:20:37:b5:01:a3:4a:dc:58:87:b1:99:38:cd:a1:b8:d5:
d6:5d:41:57:5a:4c:ef:e1:a3:6f:fc:2d:63:f2:c3:bb:0b:11:
20:0f:f4:4f:fc:14:ba:be:8d:74:44:df:6a:68:ce:b5:b3:2b:
34:e7:65:ae:28:04:d2:75:20:9e:fc:73:4a:6f:71:7e:bd:80:
f0:fe:7b:67:a6:1a:38:1d:ea:dc:94:ce:97:43:ff:e1:68:83:
38:f5:c7:b8:ef:d8:b8:37:b1:59:16:2d:45:b6:90:f7:a0:f6:
0b:ae:ee:f6:14:0e:0d:ca:a5:3d:36:cc:2b:be:63:a0:84:79:
cb:fb:d6:d2:b0:cc:dd:78:1b:cd:c1:3c:b9:48:7d:13:df:8c:
b2:f4:be:86:e8:f6:b2:ef:c8:4d:6e:d3:29:ee:22:93:23:78:
ac:ea:a5:cb:06:95:57:45:55:5d:cf:0d:cc:26:57:94:5c:2d:
be:41:8b:61
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxxQOBZbCKwhsMM2HIYfzFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE2MDYxMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTc1NjcwYzM2MGVlN2MxYzM0MzM3YzViMzRlMWM1NTBhY2UzMDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp181XmaykJRSwkxbZUdonKTOLSbm
QtN2pHQ7LUKPjDOvXh4q7zRl9z+NB/L5pb8iKDiUSrB5JsYXyFy3PRC0dN2CNVUD
IpjGRdd4wpZHZ/N1UZ50UA/VuhJzQ/KG4B3mGfQKfMpux5DfZ0m8L0BKkhpTkOGZ
xmAMSIpZniphNWXuXbX9pBtVL3mAvo5oiFqeY2g0j89ptNgOKIIbg4P4Rq+/H9zo
o6wi7OXRS+asyRP/v6MvwWgFN3mUUgqjOKQ8QKaylyU9VUnyJxfQVxzzcVqLFQY3
uPJT/ZHEFpIIhfrKZ0//r0bpN73l3GcyREOPz4Ac4pGt+PuzGuejXlPvzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMV1Zww2DufBw0M3xbNOHFUKzjAaMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveFhWbkREWU81OEhEUXpmRnMwNGNWUXJPTUJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIpliAUqfS679w1Ah/Ld
fMiWhmKuEQqHf9wrbVwK75IEinaZPeHZXB+eRfmgjDsUJqhHDU5Z6Wkx9/nw9TYm
3f96r0freF7uk1/XIDe1AaNK3FiHsZk4zaG41dZdQVdaTO/ho2/8LWPyw7sLESAP
9E/8FLq+jXRE32pozrWzKzTnZa4oBNJ1IJ78c0pvcX69gPD+e2emGjgd6tyUzpdD
/+Fogzj1x7jv2Lg3sVkWLUW2kPeg9guu7vYUDg3KpT02zCu+Y6CEecv71tKwzN14
G83BPLlIfRPfjLL0vobo9rLvyE1u0ynuIpMjeKzqpcsGlVdFVV3PDcwmV5RcLb5B
i2E=
-----END CERTIFICATE-----
Generated at Sun May 11 01:57:50 2025 by rpki-client