Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XKf3vF6gZBBmD9d2w2GUdWMjBSI.roa
File: XKf3vF6gZBBmD9d2w2GUdWMjBSI.roa (raw, json)
Hash identifier: lVovBm6PcPp2hquiZQ861FLhGfPrg8nDcB5q2VzBG4U=
Subject key identifier: 5C:A7:F7:BC:5E:A0:64:10:66:0F:D7:76:C3:61:94:75:63:23:05:22
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B86121DB9EA487A39D2DA63343B2DF409
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XKf3vF6gZBBmD9d2w2GUdWMjBSI.roa
Signing time: Tue 31 Oct 2023 14:10:16 +0000
ROA not before: Tue 31 Oct 2023 14:10:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:86:12:1d:b9:ea:48:7a:39:d2:da:63:34:3b:2d:f4:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 31 14:10:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ca7f7bc5ea06410660fd776c361947563230522
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:67:85:2a:71:0b:08:57:3a:d9:57:67:a4:7a:
9a:92:6d:e1:52:86:98:85:8d:06:ad:30:2b:b5:7e:
aa:d0:b8:a0:b1:e0:ac:42:0a:0b:aa:4e:c2:82:0a:
82:e0:e2:46:22:c8:cb:9f:1c:e9:ec:8b:3e:e9:a3:
c9:bd:0f:bb:f4:c8:0e:7e:40:c6:45:52:05:37:4d:
ec:e4:6a:21:93:1c:2c:34:b5:cd:49:65:f0:06:0b:
5b:26:c2:76:b7:88:4a:3f:4a:d3:62:72:db:71:a5:
31:77:27:37:1b:86:68:b1:b9:f0:69:2f:40:37:fb:
f8:21:2d:86:28:fc:f6:fc:fc:d7:4f:5d:6f:2a:1f:
a5:05:d0:d8:21:8e:77:99:49:05:03:2f:28:67:e0:
cb:d8:e7:4e:ce:55:b9:71:ac:04:83:6a:e7:32:4f:
53:d8:a3:f2:25:3e:06:79:de:31:0f:d9:2f:a0:c9:
08:bd:68:d5:f0:c8:de:b2:8b:1f:7e:2b:86:8a:9d:
e5:5d:d8:3f:c6:02:8a:85:a0:2b:45:d1:61:7b:6c:
47:68:bf:2c:84:79:8e:bc:76:ff:2a:24:fd:52:fa:
79:0e:f3:5e:64:36:b7:d9:d0:a2:37:cf:ea:54:be:
e6:2a:68:15:5a:37:39:96:9c:0d:36:79:30:81:60:
73:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A7:F7:BC:5E:A0:64:10:66:0F:D7:76:C3:61:94:75:63:23:05:22
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XKf3vF6gZBBmD9d2w2GUdWMjBSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:0e:55:4a:bf:70:76:c7:17:44:f0:59:e7:e0:54:44:f0:4a:
b0:80:42:f4:b7:42:72:27:6c:0d:e3:63:cb:21:8f:f3:17:98:
6a:a1:77:37:a1:7d:a5:2a:ff:40:68:60:12:a8:b6:4e:47:71:
a4:73:0e:ae:32:d7:e1:bd:7c:24:44:a0:07:80:e5:9b:ca:03:
05:85:51:c4:5e:13:c8:71:c4:04:54:00:c5:f7:02:d6:b2:9b:
20:15:42:ae:6b:d8:4f:34:46:75:a9:c7:a7:eb:91:f2:13:4f:
9e:1d:0c:f1:a1:b0:ce:7e:64:3a:63:fa:aa:c5:b4:5d:1b:ed:
85:20:07:34:b0:de:04:ff:0d:d2:e9:23:42:af:66:2e:63:32:
4c:67:3c:ad:32:b2:7b:89:0c:b9:c4:38:58:d6:6b:76:dd:b1:
43:37:da:d3:c8:58:7f:17:94:9e:87:5f:4c:a4:86:df:b1:97:
83:f3:3d:5c:19:87:80:dd:13:af:ad:a2:35:11:5f:ed:78:1d:
33:d0:ce:0c:d9:24:ea:0c:06:1c:52:ef:61:97:98:d2:b6:61:
d3:18:ca:fe:d2:81:0d:7c:38:e1:3c:f8:8a:d8:08:c1:29:f8:
f6:5a:4a:39:67:2a:36:3d:53:87:88:d4:86:de:8f:ac:59:04:
52:f9:eb:e9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuGEh256kh6OdLaYzQ7LfQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDMxMTQxMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2E3ZjdiYzVlYTA2NDEwNjYwZmQ3NzZjMzYxOTQ3NTYzMjMwNTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWeFKnELCFc62VdnpHqakm3hUoaY
hY0GrTArtX6q0LigseCsQgoLqk7CggqC4OJGIsjLnxzp7Is+6aPJvQ+79MgOfkDG
RVIFN03s5GohkxwsNLXNSWXwBgtbJsJ2t4hKP0rTYnLbcaUxdyc3G4ZosbnwaS9A
N/v4IS2GKPz2/PzXT11vKh+lBdDYIY53mUkFAy8oZ+DL2OdOzlW5cawEg2rnMk9T
2KPyJT4Ged4xD9kvoMkIvWjV8MjesosffiuGip3lXdg/xgKKhaArRdFhe2xHaL8s
hHmOvHb/KiT9Uvp5DvNeZDa32dCiN8/qVL7mKmgVWjc5lpwNNnkwgWBziQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFyn97xeoGQQZg/XdsNhlHVjIwUiMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWEtmM3ZGNmdaQkJtRDlkMncyR1VkV01qQlNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGEOVUq/cHbHF0TwWefg
VETwSrCAQvS3QnInbA3jY8shj/MXmGqhdzehfaUq/0BoYBKotk5HcaRzDq4y1+G9
fCREoAeA5ZvKAwWFUcReE8hxxARUAMX3AtaymyAVQq5r2E80RnWpx6frkfITT54d
DPGhsM5+ZDpj+qrFtF0b7YUgBzSw3gT/DdLpI0KvZi5jMkxnPK0ysnuJDLnEOFjW
a3bdsUM32tPIWH8XlJ6HX0ykht+xl4PzPVwZh4DdE6+tojURX+14HTPQzgzZJOoM
BhxS72GXmNK2YdMYyv7SgQ18OOE8+IrYCMEp+PZaSjlnKjY9U4eI1Ibej6xZBFL5
6+k=
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:49:58 2025 by rpki-client