Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xu4dDj_Rbbig0iqxKlcyd-ADD-Q.roa
File: xu4dDj_Rbbig0iqxKlcyd-ADD-Q.roa (raw, json)
Hash identifier: YJYPdGtBZ9S9mfy5YGHrO7yr8mFx5mfRPieFBGIM3eM=
Subject key identifier: C6:EE:1D:0E:3F:D1:6D:B8:A0:D2:2A:B1:2A:57:32:77:E0:03:0F:E4
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C5EFD47F0E2F647770BABFE1963221E43
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xu4dDj_Rbbig0iqxKlcyd-ADD-Q.roa
Signing time: Tue 12 Dec 2023 17:05:06 +0000
ROA not before: Tue 12 Dec 2023 17:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18c:5efc:638c/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5e:fd:47:f0:e2:f6:47:77:0b:ab:fe:19:63:22:1e:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 12 17:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6ee1d0e3fd16db8a0d22ab12a573277e0030fe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c3:29:98:06:7e:d4:8b:61:4a:cc:19:24:5d:
7a:00:88:78:ee:c1:97:22:de:a6:63:18:8b:68:40:
08:1c:41:ff:28:0a:48:a3:8c:ce:20:3a:74:45:66:
f3:b4:98:24:cb:c6:a4:e8:13:e5:aa:1b:ab:ec:00:
46:54:25:e3:93:dc:f9:06:83:dd:d2:c4:00:0a:cd:
65:5c:8a:1e:f7:f6:1b:61:cc:31:a8:0c:39:f7:49:
ef:23:e8:e6:8b:1d:06:bb:22:85:28:9f:ca:5a:36:
bf:83:7a:ef:0a:d8:bf:3d:5a:6e:4d:7d:07:56:77:
ed:da:ca:4f:99:68:d7:24:a7:23:23:f9:02:33:f0:
84:54:d4:40:f7:8a:65:94:6e:fc:2f:7c:f9:07:54:
82:e7:c2:63:8e:e3:bc:5e:d9:38:ed:97:d3:bc:7d:
06:26:58:17:1a:42:9e:09:a1:a1:8d:63:08:a4:e2:
17:98:f7:b1:73:ad:ce:c8:b0:a4:91:a1:1b:6a:03:
ec:a7:ff:81:d1:ae:9e:30:59:5c:3c:81:92:b0:b7:
37:c8:12:9d:40:c1:87:47:ca:b1:94:9a:e8:76:20:
a3:9b:05:13:c5:e3:00:f7:01:34:13:e3:8b:ce:c1:
58:52:fb:11:7d:b9:60:ce:16:b7:90:f5:f3:6c:83:
43:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:EE:1D:0E:3F:D1:6D:B8:A0:D2:2A:B1:2A:57:32:77:E0:03:0F:E4
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xu4dDj_Rbbig0iqxKlcyd-ADD-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:51:04:8a:fa:d2:b7:58:b4:dc:b2:9e:fa:67:d7:53:01:42:
a3:f4:70:f6:ef:84:1b:5d:a4:b6:79:40:01:d1:94:54:54:4e:
75:f3:7b:7d:87:ee:cb:a9:dc:12:4e:df:6c:ce:6b:e9:e9:1d:
5f:83:98:f5:a6:d1:dc:b0:13:38:52:1f:93:00:8e:c9:74:c9:
08:db:5b:02:a4:b4:0c:1e:7d:3e:23:98:48:98:80:70:97:82:
73:1f:07:94:b5:fa:d9:a8:de:6e:10:8c:14:e1:27:2f:bd:51:
de:e4:3c:87:63:db:fd:7a:33:b1:89:f9:0c:7e:1f:54:b0:fd:
ac:69:72:20:57:48:24:98:17:20:1a:ec:cc:07:64:2a:30:85:
e3:9f:07:ea:ba:5b:f2:48:10:6d:da:64:1d:a9:27:75:79:fb:
bc:db:b3:28:40:01:6d:f6:12:49:76:d5:ec:2b:54:e3:56:0a:
da:fa:1e:c8:f7:17:c4:b6:88:2d:f6:0e:f7:5f:8c:5a:f8:aa:
9b:d6:05:8c:60:68:af:32:36:4a:c0:ad:2a:a5:bc:49:5c:4d:
ea:92:03:3c:0f:c0:45:6f:0d:2a:85:8a:61:fc:34:32:8f:f0:
45:33:1c:a7:a2:60:5a:44:0c:9d:ec:fa:d3:6c:f8:04:b1:23:
63:30:78:d9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxe/Ufw4vZHdwur/hljIh5DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEyMTcwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmVlMWQwZTNmZDE2ZGI4YTBkMjJhYjEyYTU3MzI3N2UwMDMwZmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8MpmAZ+1IthSswZJF16AIh47sGX
It6mYxiLaEAIHEH/KApIo4zOIDp0RWbztJgky8ak6BPlqhur7ABGVCXjk9z5BoPd
0sQACs1lXIoe9/YbYcwxqAw590nvI+jmix0GuyKFKJ/KWja/g3rvCti/PVpuTX0H
Vnft2spPmWjXJKcjI/kCM/CEVNRA94pllG78L3z5B1SC58JjjuO8Xtk47ZfTvH0G
JlgXGkKeCaGhjWMIpOIXmPexc63OyLCkkaEbagPsp/+B0a6eMFlcPIGSsLc3yBKd
QMGHR8qxlJrodiCjmwUTxeMA9wE0E+OLzsFYUvsRfblgzha3kPXzbINDOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMbuHQ4/0W24oNIqsSpXMnfgAw/kMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveHU0ZERqX1JiYmlnMGlxeEtsY3lkLUFERC1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJZRBIr60rdYtNyynvpn
11MBQqP0cPbvhBtdpLZ5QAHRlFRUTnXze32H7sup3BJO32zOa+npHV+DmPWm0dyw
EzhSH5MAjsl0yQjbWwKktAwefT4jmEiYgHCXgnMfB5S1+tmo3m4QjBThJy+9Ud7k
PIdj2/16M7GJ+Qx+H1Sw/axpciBXSCSYFyAa7MwHZCowheOfB+q6W/JIEG3aZB2p
J3V5+7zbsyhAAW32Ekl21ewrVONWCtr6Hsj3F8S2iC32DvdfjFr4qpvWBYxgaK8y
NkrArSqlvElcTeqSAzwPwEVvDSqFimH8NDKP8EUzHKeiYFpEDJ3s+tNs+ASxI2Mw
eNk=
-----END CERTIFICATE-----
Generated at Mon May 12 22:00:37 2025 by rpki-client