Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XKwCtCqWSGxUL_V_nVL_o1f0EGU.roa
File: XKwCtCqWSGxUL_V_nVL_o1f0EGU.roa (raw, json)
Hash identifier: aqUknio29Dye3RDwNvy+0INeJyE3OsUK7DPRvIH//5I=
Subject key identifier: 5C:AC:02:B4:2A:96:48:6C:54:2F:F5:7F:9D:52:FF:A3:57:F4:10:65
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B77B81B196879B2819A260C0DBDB4D52B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XKwCtCqWSGxUL_V_nVL_o1f0EGU.roa
Signing time: Sat 28 Oct 2023 19:17:16 +0000
ROA not before: Sat 28 Oct 2023 19:17:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:77:b8:1b:19:68:79:b2:81:9a:26:0c:0d:bd:b4:d5:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 28 19:17:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cac02b42a96486c542ff57f9d52ffa357f41065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:73:a5:3a:ad:5d:3a:ac:93:de:14:af:ed:d5:
dd:c2:64:e9:92:8d:e4:e5:f3:fe:4e:a8:f7:f2:8c:
f5:a0:57:43:9b:09:7e:33:05:3a:21:a1:04:b0:1e:
bb:cb:fc:6b:43:48:f4:a1:f2:28:85:2a:92:91:99:
16:a4:48:ca:9c:e0:f7:44:76:1c:1c:d0:5f:d5:bb:
ad:f6:4e:53:4e:1c:16:cc:2a:fc:35:b1:eb:93:d5:
32:08:b3:77:d8:50:47:65:4d:80:43:0c:be:fd:4e:
b6:88:a7:ae:22:12:03:84:b3:bc:8d:b3:35:c8:12:
64:05:12:a6:70:40:b0:5c:be:33:bb:42:d5:53:57:
41:ec:5c:fc:9f:a2:ea:b6:53:43:f4:cd:28:87:72:
2e:2d:b9:63:76:75:95:3e:c0:e9:7c:25:78:61:4d:
6f:c2:a6:e6:73:85:0f:0c:73:07:59:8a:d7:7a:d3:
ed:6f:60:6b:3a:7e:4c:e2:0a:3e:30:1b:88:63:3d:
1f:79:8d:c7:69:e4:dd:23:aa:81:ec:8c:d5:a7:61:
f8:6c:6d:d9:39:26:6c:44:fb:08:8f:65:c0:d0:c5:
4f:8b:f9:bf:2f:5d:76:29:26:22:f0:df:45:47:b2:
22:00:89:54:ea:8d:41:81:89:49:bd:27:12:e7:4c:
36:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:AC:02:B4:2A:96:48:6C:54:2F:F5:7F:9D:52:FF:A3:57:F4:10:65
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XKwCtCqWSGxUL_V_nVL_o1f0EGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c2:e5:ed:28:1d:72:a0:27:8d:5c:e4:3b:1b:3c:42:21:56:e3:
4a:b9:69:61:8c:29:7d:dd:c1:49:79:9e:2b:d5:3b:5d:ce:f4:
8f:5e:4f:e8:0a:88:2f:17:82:e2:e9:09:57:6c:c4:6d:29:f1:
63:f2:29:bb:7b:ac:39:b1:e6:bd:8f:65:9d:98:46:0c:2b:a0:
30:c2:35:b2:ff:f1:0c:e2:f3:32:a8:78:41:f9:e2:2b:54:16:
c8:1a:90:96:bb:c7:c5:88:88:b1:67:5d:de:db:1e:e3:3a:03:
fd:68:82:5a:22:62:68:46:c8:2a:a8:41:91:ee:d8:da:d6:f0:
57:5e:c7:19:48:aa:20:8b:d5:74:d0:88:ec:f6:0c:52:4b:bd:
cc:19:ba:85:d2:be:dd:4b:d5:e1:62:35:31:00:a4:22:2a:c8:
0a:c3:c5:b5:eb:72:c4:4a:a8:11:13:5b:2d:58:49:f7:c9:2f:
65:cd:ff:d0:3c:47:3e:66:37:ca:82:cd:57:43:7b:ad:c8:de:
26:f5:b7:e3:b3:15:5b:1b:1b:d9:fe:8b:3c:bb:9b:ca:b7:37:
6e:dc:84:04:2c:e7:20:ff:f9:75:53:91:3d:ea:56:d2:ba:50:
a4:6e:81:2e:e2:76:63:db:3d:ff:99:a5:a6:31:e1:73:ba:92:
62:18:a2:8a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYt3uBsZaHmygZomDA29tNUrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI4MTkxNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2FjMDJiNDJhOTY0ODZjNTQyZmY1N2Y5ZDUyZmZhMzU3ZjQxMDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXOlOq1dOqyT3hSv7dXdwmTpko3k
5fP+Tqj38oz1oFdDmwl+MwU6IaEEsB67y/xrQ0j0ofIohSqSkZkWpEjKnOD3RHYc
HNBf1but9k5TThwWzCr8NbHrk9UyCLN32FBHZU2AQwy+/U62iKeuIhIDhLO8jbM1
yBJkBRKmcECwXL4zu0LVU1dB7Fz8n6LqtlND9M0oh3IuLbljdnWVPsDpfCV4YU1v
wqbmc4UPDHMHWYrXetPtb2BrOn5M4go+MBuIYz0feY3HaeTdI6qB7IzVp2H4bG3Z
OSZsRPsIj2XA0MVPi/m/L112KSYi8N9FR7IiAIlU6o1BgYlJvScS50w2qQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFysArQqlkhsVC/1f51S/6NX9BBlMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWEt3Q3RDcVdTR3hVTF9WX25WTF9vMWYwRUdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMLl7SgdcqAnjVzkOxs8
QiFW40q5aWGMKX3dwUl5nivVO13O9I9eT+gKiC8XguLpCVdsxG0p8WPyKbt7rDmx
5r2PZZ2YRgwroDDCNbL/8Qzi8zKoeEH54itUFsgakJa7x8WIiLFnXd7bHuM6A/1o
gloiYmhGyCqoQZHu2NrW8FdexxlIqiCL1XTQiOz2DFJLvcwZuoXSvt1L1eFiNTEA
pCIqyArDxbXrcsRKqBETWy1YSffJL2XN/9A8Rz5mN8qCzVdDe63I3ib1t+OzFVsb
G9n+izy7m8q3N27chAQs5yD/+XVTkT3qVtK6UKRugS7idmPbPf+ZpaYx4XO6kmIY
ooo=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:36:41 2025 by rpki-client