Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xzkZ405wAUL2txfmjCMMDhQs1c0.roa
File: xzkZ405wAUL2txfmjCMMDhQs1c0.roa (raw, json)
Hash identifier: aJtQWGIHv0aFmeJbtC184/phzlA85d9KXIXP26AiP+4=
Subject key identifier: C7:39:19:E3:4E:70:01:42:F6:B7:17:E6:8C:23:0C:0E:14:2C:D5:CD
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC7F98501CED34A43FD2214C84114C792
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xzkZ405wAUL2txfmjCMMDhQs1c0.roa
Signing time: Sun 24 Sep 2023 16:15:33 +0000
ROA not before: Sun 24 Sep 2023 16:15:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c7:f9:85:01:ce:d3:4a:43:fd:22:14:c8:41:14:c7:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 24 16:15:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c73919e34e700142f6b717e68c230c0e142cd5cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8a:43:52:33:31:a6:5f:d2:84:e0:f6:c7:b7:
dc:3d:7e:81:81:11:9f:d3:65:fc:d2:6b:13:da:ee:
a3:4b:61:a9:58:37:48:bb:c0:66:54:e6:e1:40:b4:
95:aa:e8:bc:92:c5:26:3a:4b:f4:6a:8c:81:da:53:
6e:a3:46:52:3b:2b:f0:78:7f:72:ba:47:fc:10:fc:
46:0b:a7:fd:84:cb:3d:9e:67:e0:e2:ca:0b:19:74:
5e:70:b7:fe:5d:69:39:77:76:7b:4e:de:f8:64:82:
c9:81:65:f9:f9:58:5a:f7:6b:dd:9b:c7:1e:54:1f:
8f:53:31:48:e7:ba:90:06:00:ee:14:83:8e:e1:4f:
58:9d:30:6a:13:53:eb:9c:e1:3d:73:3c:90:c6:59:
a8:da:3a:74:3d:7a:c4:bb:8f:2d:a3:fc:89:7f:d8:
67:d5:82:02:e0:d0:db:e7:06:5c:38:8c:59:2c:b9:
21:ea:bb:a9:08:86:c8:b4:d0:db:31:c2:89:28:bf:
10:14:d0:74:e0:03:4c:00:68:8c:cb:5c:d3:eb:03:
d2:20:b5:95:c2:9f:cd:7b:c4:c5:7c:02:ff:16:a1:
90:15:32:91:8c:56:1e:9a:78:2e:5a:c4:f3:d4:f3:
85:af:d2:ce:96:be:93:cb:62:d6:db:fd:88:14:52:
b3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:39:19:E3:4E:70:01:42:F6:B7:17:E6:8C:23:0C:0E:14:2C:D5:CD
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xzkZ405wAUL2txfmjCMMDhQs1c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bd:e0:0f:b3:65:d9:85:fe:ee:b2:40:db:68:1f:3f:6b:31:81:
34:85:53:f3:8c:8f:b5:c7:c6:a5:08:29:97:c2:98:85:a2:00:
e2:96:ec:56:6f:78:5b:8a:70:4f:5d:fd:e4:e5:aa:38:aa:1b:
82:ca:6c:8d:48:28:aa:62:f6:01:14:b4:de:24:80:74:ab:cc:
73:57:0d:06:34:be:47:65:51:56:6c:e6:54:bf:88:dd:b3:de:
6a:ee:4f:69:a4:b4:a0:e0:19:b5:ea:0c:47:00:dd:83:b2:04:
36:35:b4:e2:4b:c5:86:04:68:b5:76:68:d1:79:ec:20:4e:80:
3f:c7:dc:84:43:1f:bf:49:bf:ef:27:53:96:67:f2:af:b2:2b:
50:fc:38:cd:ef:a7:f8:0e:26:a9:a7:de:48:5e:94:93:00:16:
e2:83:f7:22:36:fa:03:25:95:7f:a9:b9:7f:2d:c0:75:f5:49:
a2:83:d8:7e:0b:67:37:2b:48:4a:12:06:ec:ba:0a:1a:a4:94:
99:8e:fc:18:39:46:5f:1b:7f:17:bb:37:11:04:4d:b3:54:27:
e3:17:3d:a7:54:29:9e:97:1b:79:1f:9d:f7:33:82:df:05:f8:
f2:27:6d:77:ab:27:f7:7b:7d:c1:94:b4:21:df:be:0b:6e:da:
c0:86:2d:15
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrH+YUBztNKQ/0iFMhBFMeSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI0MTYxNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzM5MTllMzRlNzAwMTQyZjZiNzE3ZTY4YzIzMGMwZTE0MmNkNWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4pDUjMxpl/ShOD2x7fcPX6BgRGf
02X80msT2u6jS2GpWDdIu8BmVObhQLSVqui8ksUmOkv0aoyB2lNuo0ZSOyvweH9y
ukf8EPxGC6f9hMs9nmfg4soLGXRecLf+XWk5d3Z7Tt74ZILJgWX5+Vha92vdm8ce
VB+PUzFI57qQBgDuFIOO4U9YnTBqE1PrnOE9czyQxlmo2jp0PXrEu48to/yJf9hn
1YIC4NDb5wZcOIxZLLkh6rupCIbItNDbMcKJKL8QFNB04ANMAGiMy1zT6wPSILWV
wp/Ne8TFfAL/FqGQFTKRjFYemnguWsTz1POFr9LOlr6Ty2LW2/2IFFKzEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMc5GeNOcAFC9rcX5owjDA4ULNXNMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveHprWjQwNXdBVUwydHhmbWpDTU1EaFFzMWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAL3gD7Nl2YX+7rJA22gf
P2sxgTSFU/OMj7XHxqUIKZfCmIWiAOKW7FZveFuKcE9d/eTlqjiqG4LKbI1IKKpi
9gEUtN4kgHSrzHNXDQY0vkdlUVZs5lS/iN2z3mruT2mktKDgGbXqDEcA3YOyBDY1
tOJLxYYEaLV2aNF57CBOgD/H3IRDH79Jv+8nU5Zn8q+yK1D8OM3vp/gOJqmn3khe
lJMAFuKD9yI2+gMllX+puX8twHX1SaKD2H4LZzcrSEoSBuy6ChqklJmO/Bg5Rl8b
fxe7NxEETbNUJ+MXPadUKZ6XG3kfnfczgt8F+PInbXerJ/d7fcGUtCHfvgtu2sCG
LRU=
-----END CERTIFICATE-----
Generated at Sun May 11 10:21:12 2025 by rpki-client