Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/X2T6xbImgn3xBKb9G9Vd6TApw4w.roa
File: X2T6xbImgn3xBKb9G9Vd6TApw4w.roa (raw, json)
Hash identifier: PjXWe8PSR/jQaCBLUuIs2W9x1hBNXh7gdZq2U1AIe5c=
Subject key identifier: 5F:64:FA:C5:B2:26:82:7D:F1:04:A6:FD:1B:D5:5D:E9:30:29:C3:8C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C7DEE6BD8A47C25502E251BB062C4B82F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/X2T6xbImgn3xBKb9G9Vd6TApw4w.roa
Signing time: Mon 18 Dec 2023 17:17:06 +0000
ROA not before: Mon 18 Dec 2023 17:17:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7d:ee:6b:d8:a4:7c:25:50:2e:25:1b:b0:62:c4:b8:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 18 17:17:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f64fac5b226827df104a6fd1bd55de93029c38c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ba:61:19:02:fe:79:07:a7:e2:72:a8:df:ab:
5f:9f:6b:e7:fe:0d:b2:ad:fe:52:10:90:fe:0d:de:
61:ba:c2:ee:a8:19:12:14:38:87:17:7b:cd:8f:23:
e1:8b:0b:10:c2:c0:6e:0d:ab:41:52:33:44:fe:5e:
a8:8b:2a:ea:bf:44:e0:0b:d9:7c:0c:d3:8f:f8:7b:
16:ba:46:ea:32:18:5d:17:69:5a:c4:ff:11:05:3b:
3a:ad:cd:02:6f:fa:ae:8f:8b:6f:f3:83:60:c3:a2:
d3:97:f7:40:4f:dd:08:b1:44:20:70:7a:4d:d2:45:
63:8d:36:94:b6:23:e7:7f:fe:aa:1b:a2:2f:02:56:
4c:25:11:5b:5d:ad:ac:33:8b:ed:f1:92:01:f7:6e:
96:36:93:ad:7e:dd:18:9e:28:0e:40:0a:17:ef:9a:
b7:af:5b:f3:5e:26:cf:ca:6d:62:73:ef:df:74:fd:
3a:55:01:f0:e8:cb:ca:87:79:7d:93:40:ce:18:fe:
ab:f8:63:f7:f6:0b:02:47:0a:a0:72:e2:be:f1:6a:
85:70:a8:ea:bc:c4:4e:0f:f7:ed:6c:0f:fa:5a:92:
04:af:52:07:f9:5d:90:53:82:8f:d5:9e:c4:a7:8a:
9d:6c:ce:67:29:09:e8:67:f4:a0:8a:bc:f1:f6:26:
01:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:64:FA:C5:B2:26:82:7D:F1:04:A6:FD:1B:D5:5D:E9:30:29:C3:8C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/X2T6xbImgn3xBKb9G9Vd6TApw4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9c:1b:b4:fa:ef:96:2e:e2:ee:18:ee:1e:61:98:3c:43:4a:34:
39:01:16:ca:2d:a0:6d:a0:9e:86:31:14:6b:7d:cf:49:9b:03:
31:e9:38:94:79:e4:97:d1:c7:40:f6:63:29:cc:95:90:7c:bd:
de:79:f9:2a:14:b5:d4:b5:3b:46:a8:c2:b6:91:c9:4e:1d:48:
0d:ba:26:e2:bd:de:37:f0:87:b0:f5:65:44:1f:16:e0:7a:c2:
30:4c:4d:15:d1:d7:e1:c8:c6:1f:79:05:0a:56:74:f7:b0:6b:
23:6f:ea:a7:d4:82:56:e7:7d:c0:9e:d6:24:80:6f:c3:ef:97:
3f:28:47:61:f4:68:cf:50:b2:09:33:36:d9:b9:d4:64:68:c0:
5f:14:a9:ac:5f:50:53:c7:43:93:b0:dc:b8:78:df:9f:98:e6:
7c:f1:8b:cd:7c:0d:ed:74:3b:a5:9b:41:1d:27:f3:14:46:c4:
1a:0f:d6:dc:b6:72:b6:80:46:d0:d4:25:13:5a:0f:04:06:0f:
8f:de:32:13:40:f4:ed:77:f0:8e:49:e7:90:2f:f0:b9:3d:33:
49:4f:d8:61:df:67:1c:1e:8f:a1:b6:83:39:51:31:6d:43:57:
30:08:ce:b4:49:25:a1:72:20:42:03:ee:ff:f0:9d:30:92:78:
09:42:f5:61
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx97mvYpHwlUC4lG7BixLgvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE4MTcxNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjY0ZmFjNWIyMjY4MjdkZjEwNGE2ZmQxYmQ1NWRlOTMwMjljMzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7phGQL+eQen4nKo36tfn2vn/g2y
rf5SEJD+Dd5husLuqBkSFDiHF3vNjyPhiwsQwsBuDatBUjNE/l6oiyrqv0TgC9l8
DNOP+HsWukbqMhhdF2laxP8RBTs6rc0Cb/quj4tv84Ngw6LTl/dAT90IsUQgcHpN
0kVjjTaUtiPnf/6qG6IvAlZMJRFbXa2sM4vt8ZIB926WNpOtft0YnigOQAoX75q3
r1vzXibPym1ic+/fdP06VQHw6MvKh3l9k0DOGP6r+GP39gsCRwqgcuK+8WqFcKjq
vMROD/ftbA/6WpIEr1IH+V2QU4KP1Z7Ep4qdbM5nKQnoZ/Sgirzx9iYBDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF9k+sWyJoJ98QSm/RvVXekwKcOMMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWDJUNnhiSW1nbjN4QktiOUc5VmQ2VEFwdzR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJwbtPrvli7i7hjuHmGY
PENKNDkBFsotoG2gnoYxFGt9z0mbAzHpOJR55JfRx0D2YynMlZB8vd55+SoUtdS1
O0aowraRyU4dSA26JuK93jfwh7D1ZUQfFuB6wjBMTRXR1+HIxh95BQpWdPewayNv
6qfUglbnfcCe1iSAb8Pvlz8oR2H0aM9QsgkzNtm51GRowF8UqaxfUFPHQ5Ow3Lh4
35+Y5nzxi818De10O6WbQR0n8xRGxBoP1ty2craARtDUJRNaDwQGD4/eMhNA9O13
8I5J55Av8Lk9M0lP2GHfZxwej6G2gzlRMW1DVzAIzrRJJaFyIEID7v/wnTCSeAlC
9WE=
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:51:05 2025 by rpki-client