Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xn8g9sQfeOIsblodoEuINUZuThY.roa
File: xn8g9sQfeOIsblodoEuINUZuThY.roa (raw, json)
Hash identifier: lMlcfbk7SSeZKVQLo8gFfWgijY6dKwyyGomLL1EJZEA=
Subject key identifier: C6:7F:20:F6:C4:1F:78:E2:2C:6E:5A:1D:A0:4B:88:35:46:6E:4E:16
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C3B278493B18F093FB7E51F551AEC206B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xn8g9sQfeOIsblodoEuINUZuThY.roa
Signing time: Tue 05 Dec 2023 18:04:54 +0000
ROA not before: Tue 05 Dec 2023 18:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:3b27:1ade/128 maxlen: 128
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3b:27:84:93:b1:8f:09:3f:b7:e5:1f:55:1a:ec:20:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 5 18:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c67f20f6c41f78e22c6e5a1da04b8835466e4e16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:02:c6:ca:ea:a4:28:37:b6:6d:ba:c3:98:69:
e2:7d:01:69:e3:6e:d8:be:fe:a4:a3:c5:aa:86:4d:
f8:05:23:3d:59:de:e5:4b:0f:4f:ac:36:7f:c0:73:
f5:08:bc:95:ed:99:61:9b:fa:53:29:0d:e8:1c:38:
69:39:4f:e1:db:a5:2e:9c:03:7f:bc:f8:3e:82:f6:
88:24:59:a0:86:55:14:25:61:ee:a0:e0:d8:3b:f1:
31:2a:d2:ad:f2:f5:34:c9:6a:75:77:89:30:77:f3:
eb:65:f2:fc:b5:3e:b1:b4:90:c8:c9:11:6f:8c:79:
a1:0c:bd:0b:9f:83:09:2c:c2:6a:9a:af:0c:52:35:
21:a6:ee:4d:06:42:fd:a5:d4:28:c9:3b:db:7d:0f:
db:78:e9:48:5b:8f:51:26:4a:23:e1:f9:03:fa:9e:
a9:8f:f8:c7:0f:34:69:e2:60:bd:2a:a3:2f:a6:0c:
1e:0b:f7:52:0a:ee:35:c0:15:4e:14:8e:a1:e7:cd:
61:23:76:9b:fb:0d:02:71:69:87:5d:f4:cb:24:d2:
4d:29:52:8e:e1:36:b5:58:cc:4c:14:6c:3e:95:5f:
c8:95:18:a0:2d:ca:c4:ea:0a:a8:e1:82:92:2e:99:
c4:c5:0e:2a:7b:9a:b2:e2:da:d6:13:1d:9a:ba:4c:
89:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:7F:20:F6:C4:1F:78:E2:2C:6E:5A:1D:A0:4B:88:35:46:6E:4E:16
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xn8g9sQfeOIsblodoEuINUZuThY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:11:45:26:ed:67:20:14:3c:1c:96:7d:08:3f:52:e2:99:81:
2a:b6:0a:79:d7:6c:49:7e:45:79:98:80:d7:1f:44:97:47:33:
af:d0:e5:52:d0:a4:0a:b0:88:20:b8:0b:98:88:57:15:b3:3a:
26:79:84:a8:a0:d0:41:17:26:01:b3:f4:1b:23:42:09:fe:ed:
9d:fc:06:73:50:1e:1b:4c:0a:eb:66:fa:53:a3:6b:67:3a:fa:
5b:86:9e:92:57:3f:c7:85:50:74:24:bd:d5:d8:48:b8:1d:44:
b0:f9:fc:35:8b:a8:ec:01:a6:7d:b1:27:36:ca:03:4d:6b:eb:
ae:f1:08:43:76:48:e0:91:f1:7f:74:d5:91:61:ab:bb:b7:2c:
e8:12:1b:8a:09:64:b6:ff:52:03:f1:01:97:c9:3e:32:53:93:
b7:3f:02:72:f6:fd:06:5e:c9:9d:50:e6:70:90:82:91:12:17:
ff:64:a6:9c:a3:79:ef:f1:45:b2:28:dd:fb:0a:42:eb:0a:78:
9c:36:2a:23:76:b2:7a:83:cb:e2:33:9f:f6:f1:fd:1a:0c:d2:
0b:ba:76:15:90:6c:4e:e7:cf:3f:65:78:6a:74:ef:c7:c0:5b:
3a:ab:ed:57:39:0e:83:65:f1:40:cd:16:8a:42:ad:8c:17:1c:
68:62:5b:14
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw7J4STsY8JP7flH1Ua7CBrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA1MTgwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjdmMjBmNmM0MWY3OGUyMmM2ZTVhMWRhMDRiODgzNTQ2NmU0ZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wLGyuqkKDe2bbrDmGnifQFp427Y
vv6ko8Wqhk34BSM9Wd7lSw9PrDZ/wHP1CLyV7Zlhm/pTKQ3oHDhpOU/h26UunAN/
vPg+gvaIJFmghlUUJWHuoODYO/ExKtKt8vU0yWp1d4kwd/PrZfL8tT6xtJDIyRFv
jHmhDL0Ln4MJLMJqmq8MUjUhpu5NBkL9pdQoyTvbfQ/beOlIW49RJkoj4fkD+p6p
j/jHDzRp4mC9KqMvpgweC/dSCu41wBVOFI6h581hI3ab+w0CcWmHXfTLJNJNKVKO
4Ta1WMxMFGw+lV/IlRigLcrE6gqo4YKSLpnExQ4qe5qy4trWEx2aukyJMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMZ/IPbEH3jiLG5aHaBLiDVGbk4WMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveG44ZzlzUWZlT0lzYmxvZG9FdUlOVVp1VGhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADsRRSbtZyAUPByWfQg/
UuKZgSq2CnnXbEl+RXmYgNcfRJdHM6/Q5VLQpAqwiCC4C5iIVxWzOiZ5hKig0EEX
JgGz9BsjQgn+7Z38BnNQHhtMCutm+lOja2c6+luGnpJXP8eFUHQkvdXYSLgdRLD5
/DWLqOwBpn2xJzbKA01r667xCEN2SOCR8X901ZFhq7u3LOgSG4oJZLb/UgPxAZfJ
PjJTk7c/AnL2/QZeyZ1Q5nCQgpESF/9kppyjee/xRbIo3fsKQusKeJw2KiN2snqD
y+Izn/bx/RoM0gu6dhWQbE7nzz9leGp078fAWzqr7Vc5DoNl8UDNFopCrYwXHGhi
WxQ=
-----END CERTIFICATE-----
Generated at Tue May 13 02:19:21 2025 by rpki-client