Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XLvqn7j5-IfdIX7yl-SyWfamI00.roa
File: XLvqn7j5-IfdIX7yl-SyWfamI00.roa (raw, json)
Hash identifier: bFW8lP/43s1goqLhjnJxAGm+NqUX80CpTT/AI7GvCIc=
Subject key identifier: 5C:BB:EA:9F:B8:F9:F8:87:DD:21:7E:F2:97:E4:B2:59:F6:A6:23:4D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ABD0552F4D0363EBCB5888B58D607BA6A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XLvqn7j5-IfdIX7yl-SyWfamI00.roa
Signing time: Fri 22 Sep 2023 13:12:37 +0000
ROA not before: Fri 22 Sep 2023 13:12:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bd:05:52:f4:d0:36:3e:bc:b5:88:8b:58:d6:07:ba:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 22 13:12:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cbbea9fb8f9f887dd217ef297e4b259f6a6234d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e6:7b:93:66:4a:65:d1:f8:ad:9b:b8:64:11:
11:b8:b6:e8:e3:fc:52:e5:6b:d9:2a:29:36:c1:82:
9e:f6:34:47:e5:d7:8d:6d:63:99:db:f7:40:a7:fe:
0c:fc:b7:5d:f9:6f:b2:bd:eb:6f:96:4a:f8:1c:d2:
52:0d:9a:20:e3:7f:e2:88:76:9d:9b:ce:4c:dd:ff:
17:93:7b:0f:f1:28:57:7d:21:7a:21:1c:19:64:44:
f1:89:39:de:4d:67:aa:de:44:69:81:84:72:e1:61:
40:ae:09:df:77:73:bc:48:9e:bb:61:e2:9c:01:0b:
47:3c:52:de:d3:28:2e:6c:ed:fe:e3:f9:95:09:44:
00:83:c0:ba:88:a6:e8:69:53:b7:44:9d:81:f3:fc:
8c:5f:c5:71:07:09:42:64:8d:3c:7c:62:fa:af:45:
59:b8:d3:7a:23:40:74:2c:07:8d:25:b1:b1:de:e1:
b0:1e:97:84:c9:cc:0f:52:5f:71:df:00:e0:83:23:
3a:6e:39:81:d3:51:81:12:bb:37:9b:71:23:2a:be:
d7:a3:23:04:2b:bc:40:d4:7b:df:11:fa:7a:9b:24:
c0:fe:eb:9b:82:6f:7a:54:4e:ea:06:63:2f:13:2e:
fe:d1:06:96:2f:fa:aa:a5:a8:d2:0b:61:d2:5c:7f:
47:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:BB:EA:9F:B8:F9:F8:87:DD:21:7E:F2:97:E4:B2:59:F6:A6:23:4D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XLvqn7j5-IfdIX7yl-SyWfamI00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2b:a4:62:be:a7:53:da:b3:91:05:03:9d:2f:ce:53:8d:3f:db:
e5:2c:14:11:0e:3a:ee:3f:61:37:d6:fa:3d:df:67:04:10:a5:
e2:f7:2e:c3:de:b6:c3:85:34:fb:ea:18:bf:6c:8c:a0:05:27:
de:a6:cd:57:44:b6:06:a9:57:85:85:c0:bb:c0:8b:51:6f:26:
7d:0a:d8:12:34:64:70:81:b4:11:81:4e:6b:40:52:ea:62:b5:
f8:ae:48:ab:07:5a:06:dd:5b:06:61:5c:f2:c4:e6:dd:67:b9:
49:20:0d:e9:1e:f1:ea:73:c5:ee:c2:84:a0:fb:f0:59:a9:a8:
be:1b:db:19:db:35:b5:aa:36:3d:0a:3f:61:3f:91:35:8a:f0:
52:97:dd:3f:b8:f9:7d:03:d0:57:9f:cc:d5:03:83:9d:71:78:
6d:7b:c2:30:b3:36:ef:9b:f6:ee:79:b4:28:fb:5b:57:3d:3e:
d8:38:f6:48:d0:81:45:b3:4a:b1:e7:71:f3:e3:62:9d:f3:97:
a5:0b:cd:1b:e8:76:50:ef:e0:ff:8c:df:d2:c0:80:3c:69:c3:
de:da:c1:c6:18:20:85:2b:b0:37:cc:75:90:d9:40:2e:7d:10:
2b:2d:91:92:25:bd:53:8d:ca:45:54:0c:fd:48:2c:9e:6c:b3:
05:a3:de:50
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq9BVL00DY+vLWIi1jWB7pqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIyMTMxMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2JiZWE5ZmI4ZjlmODg3ZGQyMTdlZjI5N2U0YjI1OWY2YTYyMzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOZ7k2ZKZdH4rZu4ZBERuLbo4/xS
5WvZKik2wYKe9jRH5deNbWOZ2/dAp/4M/Ldd+W+yvetvlkr4HNJSDZog43/iiHad
m85M3f8Xk3sP8ShXfSF6IRwZZETxiTneTWeq3kRpgYRy4WFArgnfd3O8SJ67YeKc
AQtHPFLe0ygubO3+4/mVCUQAg8C6iKboaVO3RJ2B8/yMX8VxBwlCZI08fGL6r0VZ
uNN6I0B0LAeNJbGx3uGwHpeEycwPUl9x3wDggyM6bjmB01GBErs3m3EjKr7XoyME
K7xA1HvfEfp6myTA/uubgm96VE7qBmMvEy7+0QaWL/qqpajSC2HSXH9HLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFy76p+4+fiH3SF+8pfksln2piNNMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWEx2cW43ajUtSWZkSVg3eWwtU3lXZmFtSTAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACukYr6nU9qzkQUDnS/O
U40/2+UsFBEOOu4/YTfW+j3fZwQQpeL3LsPetsOFNPvqGL9sjKAFJ96mzVdEtgap
V4WFwLvAi1FvJn0K2BI0ZHCBtBGBTmtAUupitfiuSKsHWgbdWwZhXPLE5t1nuUkg
Deke8epzxe7ChKD78FmpqL4b2xnbNbWqNj0KP2E/kTWK8FKX3T+4+X0D0FefzNUD
g51xeG17wjCzNu+b9u55tCj7W1c9Ptg49kjQgUWzSrHncfPjYp3zl6ULzRvodlDv
4P+M39LAgDxpw97awcYYIIUrsDfMdZDZQC59ECstkZIlvVONykVUDP1ILJ5sswWj
3lA=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:27:03 2025 by rpki-client