Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XJZMnRgtO8tnyDBz6I4pTAhSy28.roa
File: XJZMnRgtO8tnyDBz6I4pTAhSy28.roa (raw, json)
Hash identifier: Oa2+n05eChpdCAC104r6nJk0SHHl2AHxNJk3pIQ7mmk=
Subject key identifier: 5C:96:4C:9D:18:2D:3B:CB:67:C8:30:73:E8:8E:29:4C:08:52:CB:6F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B739C298D86075AFB6E93FFEA39FFF660
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XJZMnRgtO8tnyDBz6I4pTAhSy28.roa
Signing time: Sat 28 Oct 2023 00:08:15 +0000
ROA not before: Sat 28 Oct 2023 00:08:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:739b:529c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:73:9c:29:8d:86:07:5a:fb:6e:93:ff:ea:39:ff:f6:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 28 00:08:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c964c9d182d3bcb67c83073e88e294c0852cb6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:47:94:ca:bf:5b:31:52:e6:b7:06:58:04:62:
29:dd:3e:f2:cf:f7:ba:79:af:7a:f3:0e:7f:6a:5c:
1f:d1:6a:1d:03:80:33:ab:9a:dd:2a:3a:60:47:62:
28:83:b9:21:23:bf:cc:e6:c1:2d:63:c4:24:85:71:
33:ae:7a:71:e1:bb:7a:ec:b9:1c:46:70:57:a2:ee:
61:5e:65:d4:51:de:70:24:67:f3:d6:3a:25:46:c5:
d6:0d:47:4f:9e:72:fc:a0:6b:2a:9c:c1:fd:b7:66:
31:e2:c6:30:02:54:60:4a:b5:ea:03:ef:ee:fd:b3:
7e:92:95:67:61:d5:2a:92:7c:79:d4:9f:e5:6e:7f:
dd:71:e9:54:6b:17:51:c7:96:86:e0:e9:86:c8:dd:
5a:65:d1:7d:65:4f:83:38:35:c2:52:42:0d:ef:a0:
96:05:77:ae:6e:ab:5c:79:ca:2c:10:94:55:f2:44:
00:2f:2f:97:6b:f4:3d:06:3f:14:49:8c:d0:cd:c4:
d7:59:f7:3a:e2:97:5f:9c:2b:ac:6a:16:7d:7a:1c:
b7:ae:0e:97:1e:30:a9:ac:70:b0:14:b3:2b:c7:4c:
b1:c4:30:ae:b1:42:4b:be:5d:65:dd:59:79:ff:6e:
ec:38:7b:3a:51:02:9d:45:aa:4b:cd:73:b7:6a:b8:
03:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:96:4C:9D:18:2D:3B:CB:67:C8:30:73:E8:8E:29:4C:08:52:CB:6F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XJZMnRgtO8tnyDBz6I4pTAhSy28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
50:68:4e:4c:b0:c2:9b:de:6e:c0:a0:6a:e6:d2:40:07:b3:e8:
c7:59:8f:06:06:aa:07:74:12:2c:cf:06:fa:9f:b1:43:28:d7:
9d:c4:51:23:ad:42:d3:9f:a2:2b:5b:3d:1c:03:38:17:78:2c:
a4:18:f0:2f:73:a0:0f:fe:4b:96:0b:cd:dd:b3:6d:13:09:2d:
99:a4:f2:54:66:c6:76:56:c2:76:bf:b4:29:40:8f:7f:aa:8c:
ec:a4:b4:51:bf:01:22:24:2c:a7:a6:8e:7b:fe:36:50:cd:9d:
fb:0f:95:f4:54:f1:d1:e3:30:d2:ce:93:ac:fb:39:17:73:34:
6d:57:d9:9c:22:67:db:3d:3d:93:44:51:5f:0e:17:1d:92:24:
87:a9:58:c5:fc:24:9e:f1:4d:18:2c:8c:bc:f0:aa:17:d7:21:
11:af:ba:74:bd:4b:56:64:82:b9:cf:39:ab:e9:2b:cc:15:16:
5f:5d:00:f8:cc:c8:f1:47:e2:ff:9f:72:ac:a5:34:26:99:b4:
37:63:2b:2d:57:9e:cd:20:7f:ac:0b:7b:d7:a4:da:53:bb:60:
e3:97:a0:cb:79:4b:7e:32:a7:bc:8c:af:79:4d:3d:3f:e5:a5:
ca:ca:fb:c6:0c:3c:22:fb:f4:28:a1:02:92:26:a8:90:2d:32:
6c:22:52:bd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtznCmNhgda+26T/+o5//ZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI4MDAwODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzk2NGM5ZDE4MmQzYmNiNjdjODMwNzNlODhlMjk0YzA4NTJjYjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEeUyr9bMVLmtwZYBGIp3T7yz/e6
ea968w5/alwf0WodA4Azq5rdKjpgR2Iog7khI7/M5sEtY8QkhXEzrnpx4bt67Lkc
RnBXou5hXmXUUd5wJGfz1jolRsXWDUdPnnL8oGsqnMH9t2Yx4sYwAlRgSrXqA+/u
/bN+kpVnYdUqknx51J/lbn/dcelUaxdRx5aG4OmGyN1aZdF9ZU+DODXCUkIN76CW
BXeubqtcecosEJRV8kQALy+Xa/Q9Bj8USYzQzcTXWfc64pdfnCusahZ9ehy3rg6X
HjCprHCwFLMrx0yxxDCusUJLvl1l3Vl5/27sOHs6UQKdRapLzXO3argDnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFyWTJ0YLTvLZ8gwc+iOKUwIUstvMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWEpaTW5SZ3RPOHRueURCejZJNHBUQWhTeTI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFBoTkywwpvebsCgaubS
QAez6MdZjwYGqgd0EizPBvqfsUMo153EUSOtQtOfoitbPRwDOBd4LKQY8C9zoA/+
S5YLzd2zbRMJLZmk8lRmxnZWwna/tClAj3+qjOyktFG/ASIkLKemjnv+NlDNnfsP
lfRU8dHjMNLOk6z7ORdzNG1X2ZwiZ9s9PZNEUV8OFx2SJIepWMX8JJ7xTRgsjLzw
qhfXIRGvunS9S1ZkgrnPOavpK8wVFl9dAPjMyPFH4v+fcqylNCaZtDdjKy1Xns0g
f6wLe9ek2lO7YOOXoMt5S34yp7yMr3lNPT/lpcrK+8YMPCL79CihApImqJAtMmwi
Ur0=
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:33:17 2025 by rpki-client