Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XCjByfMFHM28PGnqDIFj80EsOI0.roa
File: XCjByfMFHM28PGnqDIFj80EsOI0.roa (raw, json)
Hash identifier: XHt1E0NtqQK73Oz0mSZUSHwOTjSP6LCu+BJV4yf9KKQ=
Subject key identifier: 5C:28:C1:C9:F3:05:1C:CD:BC:3C:69:EA:0C:81:63:F3:41:2C:38:8D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BBD6F1B1F2290AD615D24AF8159B0E788
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XCjByfMFHM28PGnqDIFj80EsOI0.roa
Signing time: Sat 11 Nov 2023 08:10:57 +0000
ROA not before: Sat 11 Nov 2023 08:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bd:6f:1b:1f:22:90:ad:61:5d:24:af:81:59:b0:e7:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 11 08:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c28c1c9f3051ccdbc3c69ea0c8163f3412c388d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:21:ed:8b:b4:f1:28:99:af:6b:0b:30:aa:17:
7f:2a:de:1f:b0:6a:ee:d9:df:fc:64:ba:02:ab:9c:
0f:b7:2f:47:03:f0:33:42:78:19:d3:8d:93:38:05:
61:7b:ff:b6:5b:5d:90:13:1b:3a:e3:b3:ec:39:4e:
9b:ec:de:57:87:31:70:38:66:67:d9:1b:24:1d:61:
64:50:38:1d:5d:82:fd:0e:3f:81:1b:63:7c:45:36:
2f:24:b6:b1:d2:5c:88:58:23:bb:86:b9:e1:b3:fb:
bb:45:c0:b6:1f:21:3a:69:91:71:e3:13:e0:69:cd:
2f:39:d4:e9:8f:f6:0f:fa:9d:8c:af:7e:3c:1c:d4:
ff:5b:0d:ca:0f:2b:b5:59:e2:b1:05:5f:6a:e0:25:
75:26:86:d5:55:7e:3f:b0:d4:f8:13:7a:98:aa:dc:
5f:f6:32:9f:0a:27:dc:cf:f7:09:79:61:1e:62:07:
cc:c9:35:61:43:b7:d8:00:6e:28:a7:d3:bb:72:a4:
5f:58:9f:6b:c7:47:fd:fe:3c:7d:1c:ba:f5:d0:c6:
2c:c2:ba:14:59:9a:4d:d4:b5:b6:e5:91:65:f4:7e:
a6:02:cd:0f:2b:58:af:8c:20:4a:18:39:29:f6:97:
55:ea:34:b5:99:1e:c5:f7:89:8e:4e:c1:95:24:da:
09:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:28:C1:C9:F3:05:1C:CD:BC:3C:69:EA:0C:81:63:F3:41:2C:38:8D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XCjByfMFHM28PGnqDIFj80EsOI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0a:92:89:a6:96:f5:fa:bc:82:a3:19:75:a9:5a:fb:d7:c7:84:
13:40:5f:9e:70:98:38:72:87:1c:64:a5:37:ab:05:cf:97:dc:
df:8a:a8:0c:19:51:68:82:ce:29:57:94:95:1b:03:c5:67:b2:
ef:13:93:85:4f:12:60:49:58:fa:01:75:46:ca:d7:75:74:06:
24:27:7b:56:82:b3:ad:fc:e6:72:8a:13:9b:43:23:65:89:f0:
f4:8b:fe:ed:94:36:5e:91:99:ea:be:e4:c1:d1:11:3a:fd:62:
42:1d:fd:2e:4c:bf:ed:f5:b2:7e:93:0b:dc:74:e6:24:af:c1:
c4:ec:cf:f8:26:c6:99:20:b0:70:42:be:4e:bd:bf:21:a7:69:
67:2b:8b:ec:a0:05:c6:85:e3:15:84:fa:52:84:23:6c:cb:21:
55:de:ef:e9:5c:7f:3c:4e:cc:4c:6a:e6:5a:37:98:7b:3a:2f:
09:35:1b:8b:a1:42:34:1b:f6:aa:a0:4f:72:4b:27:7d:a1:19:
75:6b:34:d2:5f:ab:11:00:75:39:bd:7a:76:4b:ad:39:da:a3:
c9:69:a5:5f:0b:9e:8b:12:93:77:9a:98:94:57:07:0b:91:e6:
7b:2f:75:82:11:6f:e2:2f:15:a2:03:c7:0a:98:32:23:9b:e4:
fb:25:1d:33
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu9bxsfIpCtYV0kr4FZsOeIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTExMDgxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzI4YzFjOWYzMDUxY2NkYmMzYzY5ZWEwYzgxNjNmMzQxMmMzODhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiHti7TxKJmvawswqhd/Kt4fsGru
2d/8ZLoCq5wPty9HA/AzQngZ042TOAVhe/+2W12QExs647PsOU6b7N5XhzFwOGZn
2RskHWFkUDgdXYL9Dj+BG2N8RTYvJLax0lyIWCO7hrnhs/u7RcC2HyE6aZFx4xPg
ac0vOdTpj/YP+p2Mr348HNT/Ww3KDyu1WeKxBV9q4CV1JobVVX4/sNT4E3qYqtxf
9jKfCifcz/cJeWEeYgfMyTVhQ7fYAG4op9O7cqRfWJ9rx0f9/jx9HLr10MYswroU
WZpN1LW25ZFl9H6mAs0PK1ivjCBKGDkp9pdV6jS1mR7F94mOTsGVJNoJzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFwowcnzBRzNvDxp6gyBY/NBLDiNMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWENqQnlmTUZITTI4UEducURJRmo4MEVzT0kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAqSiaaW9fq8gqMZdala
+9fHhBNAX55wmDhyhxxkpTerBc+X3N+KqAwZUWiCzilXlJUbA8Vnsu8Tk4VPEmBJ
WPoBdUbK13V0BiQne1aCs6385nKKE5tDI2WJ8PSL/u2UNl6Rmeq+5MHRETr9YkId
/S5Mv+31sn6TC9x05iSvwcTsz/gmxpkgsHBCvk69vyGnaWcri+ygBcaF4xWE+lKE
I2zLIVXe7+lcfzxOzExq5lo3mHs6Lwk1G4uhQjQb9qqgT3JLJ32hGXVrNNJfqxEA
dTm9enZLrTnao8lppV8LnosSk3eamJRXBwuR5nsvdYIRb+IvFaIDxwqYMiOb5Psl
HTM=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:11:14 2025 by rpki-client