Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/5XgYQnDD6M7mxqM1mHTJdsdDa7I.roa
File: 5XgYQnDD6M7mxqM1mHTJdsdDa7I.roa (raw, json)
Hash identifier: t7qfOIYep01UvmcM1CNcyopKMpdpr/dWu5sklDKrU6s=
Subject key identifier: E5:78:18:42:70:C3:E8:CE:E6:C6:A3:35:98:74:C9:76:C7:43:6B:B2
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BBC9276D2B246828A497CA412F9294A36
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/5XgYQnDD6M7mxqM1mHTJdsdDa7I.roa
Signing time: Sat 11 Nov 2023 04:09:57 +0000
ROA not before: Sat 11 Nov 2023 04:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bc:92:76:d2:b2:46:82:8a:49:7c:a4:12:f9:29:4a:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 11 04:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e578184270c3e8cee6c6a3359874c976c7436bb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f9:28:a0:e0:6f:30:00:e8:2b:9a:61:17:fc:
11:29:9d:93:c4:71:fa:14:61:fb:59:34:82:0c:22:
83:2c:2d:27:5b:1d:a4:47:4b:43:e3:e1:07:1f:f2:
1d:98:bc:3b:80:fd:8c:07:0c:80:e8:c5:48:f3:c7:
15:b2:13:65:62:10:58:3f:34:c4:7c:4f:59:24:fc:
cc:f9:a1:cc:7b:db:4d:99:3f:ee:2a:21:d8:57:d5:
97:30:5c:76:e0:34:98:5b:60:4e:79:50:7c:db:61:
c7:06:b2:e4:49:24:4d:ba:62:98:b3:b3:83:0a:4d:
96:1d:2a:87:72:35:18:fa:26:4e:a9:a5:09:0e:5f:
65:3a:13:c3:fb:47:a1:c1:65:c3:14:ce:a0:d6:98:
2b:66:2e:a7:25:10:e8:8b:93:6b:9d:6e:17:62:38:
42:7b:bc:54:a2:1d:82:52:6d:17:19:fe:0b:1d:c0:
86:43:84:a0:27:f7:9a:46:df:2e:77:35:0f:82:62:
8e:a6:1a:6b:7d:a2:61:7e:05:f5:64:64:42:8b:61:
1d:00:52:c8:ac:7f:31:07:23:c1:eb:91:e5:78:b8:
56:1c:8c:4e:c7:9d:d8:4e:e9:9a:b5:93:b4:7b:c0:
90:4d:52:89:a7:e2:e6:eb:16:fe:ac:52:19:49:ee:
99:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:78:18:42:70:C3:E8:CE:E6:C6:A3:35:98:74:C9:76:C7:43:6B:B2
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/5XgYQnDD6M7mxqM1mHTJdsdDa7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:b0:fb:4d:a4:b3:44:49:7c:07:9d:f8:3f:08:9a:e0:74:ef:
90:53:f6:4d:f3:fc:ab:5b:1c:55:29:cf:84:83:82:cf:da:6d:
84:f9:8d:64:33:24:8b:3a:c2:38:e4:f0:68:04:3c:9a:e3:dc:
07:da:e6:1e:d4:07:9e:92:bd:cc:e7:14:2e:e6:31:ca:64:93:
8f:fb:dc:f7:61:27:86:0b:28:70:d6:73:61:b7:a3:f0:8e:a8:
0f:b4:1d:0b:39:39:6c:af:f2:b9:ec:36:58:a1:52:4c:c0:d7:
dd:ad:6e:b7:9d:4e:7d:ae:b3:67:41:54:3e:fe:8e:9b:24:78:
5b:58:5f:96:35:4f:83:19:6a:1d:54:ab:f9:5a:20:a1:52:0c:
ce:54:28:59:44:47:0e:d0:64:10:1c:ef:bb:59:19:fa:3f:f5:
50:89:02:e1:ff:4e:7d:c9:72:2f:47:5b:58:c3:1e:ef:8c:3b:
4d:c7:3e:e5:b9:e3:4d:9a:40:ca:13:3b:ab:bd:91:db:e2:33:
da:8d:56:24:b6:2c:f8:72:34:58:ff:30:11:9f:a4:f8:a5:22:
a5:b8:35:6e:cc:43:cb:2f:69:14:07:24:9d:c6:74:16:bb:5c:
03:e9:f4:18:b7:3d:02:7e:f9:e0:f2:16:8f:a0:af:5e:de:c3:
ac:02:23:32
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu8knbSskaCikl8pBL5KUo2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTExMDQwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTc4MTg0MjcwYzNlOGNlZTZjNmEzMzU5ODc0Yzk3NmM3NDM2YmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPkooOBvMADoK5phF/wRKZ2TxHH6
FGH7WTSCDCKDLC0nWx2kR0tD4+EHH/IdmLw7gP2MBwyA6MVI88cVshNlYhBYPzTE
fE9ZJPzM+aHMe9tNmT/uKiHYV9WXMFx24DSYW2BOeVB822HHBrLkSSRNumKYs7OD
Ck2WHSqHcjUY+iZOqaUJDl9lOhPD+0ehwWXDFM6g1pgrZi6nJRDoi5NrnW4XYjhC
e7xUoh2CUm0XGf4LHcCGQ4SgJ/eaRt8udzUPgmKOphprfaJhfgX1ZGRCi2EdAFLI
rH8xByPB65HleLhWHIxOx53YTumatZO0e8CQTVKJp+Lm6xb+rFIZSe6ZyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOV4GEJww+jO5sajNZh0yXbHQ2uyMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNVhnWVFuREQ2TTdteHFNMW1IVEpkc2REYTdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAByw+02ks0RJfAed+D8I
muB075BT9k3z/KtbHFUpz4SDgs/abYT5jWQzJIs6wjjk8GgEPJrj3Afa5h7UB56S
vcznFC7mMcpkk4/73PdhJ4YLKHDWc2G3o/COqA+0HQs5OWyv8rnsNlihUkzA192t
bredTn2us2dBVD7+jpskeFtYX5Y1T4MZah1Uq/laIKFSDM5UKFlERw7QZBAc77tZ
Gfo/9VCJAuH/Tn3Jci9HW1jDHu+MO03HPuW5402aQMoTO6u9kdviM9qNViS2LPhy
NFj/MBGfpPilIqW4NW7MQ8svaRQHJJ3GdBa7XAPp9Bi3PQJ++eDyFo+gr17ew6wC
IzI=
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:40:26 2025 by rpki-client