Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XGo54CSM8X7UjQZGo4e6yGl3Ag0.roa
File: XGo54CSM8X7UjQZGo4e6yGl3Ag0.roa (raw, json)
Hash identifier: dIK1+dkytp/+66GYtTA5+DVt50n1z+WXR4/ECMoZz/Q=
Subject key identifier: 5C:6A:39:E0:24:8C:F1:7E:D4:8D:06:46:A3:87:BA:C8:69:77:02:0D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C72840E5C2CCE2A07A9CA396F8C6E1580
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XGo54CSM8X7UjQZGo4e6yGl3Ag0.roa
Signing time: Sat 16 Dec 2023 12:05:06 +0000
ROA not before: Sat 16 Dec 2023 12:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:7283:408a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:72:84:0e:5c:2c:ce:2a:07:a9:ca:39:6f:8c:6e:15:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 16 12:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c6a39e0248cf17ed48d0646a387bac86977020d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:04:6a:f1:8f:b4:b0:51:b2:3b:1f:ed:eb:ed:
8f:0b:a2:54:c9:00:ac:b6:21:33:f9:ca:31:00:c8:
5f:26:80:98:c1:21:1a:28:66:f9:3e:af:24:0c:00:
c4:30:19:d8:cd:1e:b1:30:be:3e:ea:5c:33:38:27:
45:3b:d8:a5:71:87:33:16:71:6e:46:32:0d:e9:09:
b3:07:b7:4b:3c:1c:92:6f:44:30:a4:2d:9e:5e:5c:
b5:bd:9f:63:ab:e6:28:b7:7f:25:26:0d:fb:0c:5c:
46:79:5e:a1:b6:25:7f:1e:e5:45:34:e1:52:70:f4:
a5:70:c4:25:d1:3f:22:4c:35:78:b4:c5:2e:a5:5b:
33:02:5a:be:6f:b0:de:d5:55:b2:bb:ff:72:1a:62:
c9:a6:ff:78:a6:4e:f1:a5:89:13:ed:fe:f4:35:75:
36:2e:63:e1:44:fa:28:5a:16:79:cf:fd:49:ad:a6:
ec:47:97:71:2d:7e:0e:b4:09:2e:4b:72:17:64:5e:
2a:7e:f6:40:0b:cb:6b:00:89:a9:93:8b:f6:93:43:
a9:0d:03:39:2b:72:7b:47:c1:26:08:f7:f2:5f:57:
5f:6b:16:68:7d:9b:47:86:d2:23:ea:6e:4e:41:ae:
da:18:09:7f:75:9c:a2:75:e1:6a:7e:4c:78:3d:f9:
94:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:6A:39:E0:24:8C:F1:7E:D4:8D:06:46:A3:87:BA:C8:69:77:02:0D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XGo54CSM8X7UjQZGo4e6yGl3Ag0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
97:99:ae:c0:19:02:5d:5d:9b:60:42:e1:b5:9d:cd:3b:6e:f6:
df:11:67:3e:8c:37:2d:e1:d0:c5:e8:34:90:08:65:70:05:95:
2c:c2:b9:53:a3:da:35:f6:d5:15:94:f0:6d:81:fa:fb:43:d0:
d2:07:72:a4:c1:3e:e2:3a:e6:7a:71:e4:ba:c2:08:9c:ef:ff:
81:d1:bc:de:ab:20:72:8e:f2:8f:fa:a5:7f:7a:ce:b9:e1:e2:
16:ee:d4:bf:a6:d3:aa:22:a8:d7:75:7b:67:99:ce:0c:d6:94:
ae:da:01:a9:7b:03:19:9a:c3:3d:8f:0c:1c:0f:43:98:c8:47:
1d:e0:56:e8:19:f6:0a:f2:ca:78:2f:a7:dd:32:b1:ff:68:57:
62:e2:c1:11:f1:5f:d5:e8:ed:24:9a:73:22:59:da:83:7f:6d:
46:a5:d7:e3:97:84:a1:df:dc:6e:1c:85:33:3a:ad:c5:91:de:
d9:1c:7f:69:1c:8e:6e:e5:be:21:53:11:d3:07:16:4e:59:72:
76:64:5b:fb:0f:c3:3b:61:5e:83:7c:40:fb:a9:5a:22:2a:64:
eb:47:d7:6f:09:f3:df:0b:7e:88:49:9d:99:38:9f:58:8f:47:
5f:ce:b9:1f:af:52:c4:3a:8b:2d:ab:d2:b6:e9:47:0c:c6:98:
46:6c:2a:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxyhA5cLM4qB6nKOW+MbhWAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE2MTIwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzZhMzllMDI0OGNmMTdlZDQ4ZDA2NDZhMzg3YmFjODY5NzcwMjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgRq8Y+0sFGyOx/t6+2PC6JUyQCs
tiEz+coxAMhfJoCYwSEaKGb5Pq8kDADEMBnYzR6xML4+6lwzOCdFO9ilcYczFnFu
RjIN6QmzB7dLPBySb0QwpC2eXly1vZ9jq+Yot38lJg37DFxGeV6htiV/HuVFNOFS
cPSlcMQl0T8iTDV4tMUupVszAlq+b7De1VWyu/9yGmLJpv94pk7xpYkT7f70NXU2
LmPhRPooWhZ5z/1JrabsR5dxLX4OtAkuS3IXZF4qfvZAC8trAImpk4v2k0OpDQM5
K3J7R8EmCPfyX1dfaxZofZtHhtIj6m5OQa7aGAl/dZyideFqfkx4PfmU+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFxqOeAkjPF+1I0GRqOHushpdwINMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWEdvNTRDU004WDdValFaR280ZTZ5R2wzQWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJeZrsAZAl1dm2BC4bWd
zTtu9t8RZz6MNy3h0MXoNJAIZXAFlSzCuVOj2jX21RWU8G2B+vtD0NIHcqTBPuI6
5npx5LrCCJzv/4HRvN6rIHKO8o/6pX96zrnh4hbu1L+m06oiqNd1e2eZzgzWlK7a
Aal7Axmawz2PDBwPQ5jIRx3gVugZ9gryyngvp90ysf9oV2LiwRHxX9Xo7SSacyJZ
2oN/bUal1+OXhKHf3G4chTM6rcWR3tkcf2kcjm7lviFTEdMHFk5ZcnZkW/sPwzth
XoN8QPupWiIqZOtH128J898LfohJnZk4n1iPR1/OuR+vUsQ6iy2r0rbpRwzGmEZs
KpM=
-----END CERTIFICATE-----
Generated at Mon Jul 28 21:48:48 2025 by rpki-client