Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XPyXWq2Y79zAIV8K_h-tEJsUPy4.roa
File: XPyXWq2Y79zAIV8K_h-tEJsUPy4.roa (raw, json)
Hash identifier: BjmEU4jH8ltA+Ko03umA+f2iJoUE34M0yJPgb6LCVN0=
Subject key identifier: 5C:FC:97:5A:AD:98:EF:DC:C0:21:5F:0A:FE:1F:AD:10:9B:14:3F:2E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B36AEEE825BD4B0776B968BC8AE88FDA2
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XPyXWq2Y79zAIV8K_h-tEJsUPy4.roa
Signing time: Mon 16 Oct 2023 04:11:55 +0000
ROA not before: Mon 16 Oct 2023 04:11:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:36:ae:ee:82:5b:d4:b0:77:6b:96:8b:c8:ae:88:fd:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 16 04:11:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cfc975aad98efdcc0215f0afe1fad109b143f2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:79:12:a3:bf:07:b6:45:96:47:dd:6e:1d:b7:
46:59:6e:07:a9:2f:0e:11:d1:8b:01:e8:15:0f:4b:
12:64:78:3e:95:5b:4e:f8:69:62:01:3c:91:b3:42:
2e:7c:48:55:49:1a:e9:63:2e:33:dd:5a:af:3c:b2:
cf:ed:03:f0:21:16:d6:7c:ec:55:24:f7:bc:0e:3a:
58:6b:63:03:44:8b:27:ed:ba:53:4f:bf:e2:55:d8:
0c:13:a2:56:a9:91:12:92:f4:89:d6:8f:cd:9f:da:
6e:65:44:74:33:2d:1a:7a:53:47:38:f7:56:ed:6f:
e4:24:7a:fc:10:ee:fc:e5:64:81:3d:38:41:7c:c7:
44:8c:a8:4b:f8:35:31:77:3e:ba:5c:53:61:65:27:
39:f3:03:13:44:f3:19:f2:aa:c8:42:fd:6d:20:08:
03:7e:be:74:9b:13:70:43:64:69:72:f9:2e:29:2e:
52:f8:d3:27:cb:17:12:a2:d8:35:16:28:de:0f:bc:
85:ad:a9:b2:0a:1a:4a:14:37:de:11:65:59:58:52:
ee:74:8b:ad:27:d7:bf:87:17:4e:47:ec:5d:bd:7b:
a3:56:52:93:b8:26:2c:a3:29:0f:42:35:39:6f:35:
38:c2:6a:5b:18:53:d6:78:a0:dd:b6:bd:82:9b:af:
5a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:FC:97:5A:AD:98:EF:DC:C0:21:5F:0A:FE:1F:AD:10:9B:14:3F:2E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XPyXWq2Y79zAIV8K_h-tEJsUPy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
55:e5:23:d4:2c:56:19:21:c9:9f:04:a9:e8:0a:73:41:47:a9:
29:9c:51:67:f3:8a:a7:c3:eb:43:76:8d:ea:2b:5b:cb:73:5f:
00:bd:51:8a:d5:72:17:4c:e5:8b:b4:d9:24:29:42:c7:d9:99:
99:7d:b3:78:6a:c7:3b:5a:19:5e:12:03:7f:4c:e6:31:94:19:
38:77:40:ae:ad:4d:fc:eb:ec:1b:93:7e:e0:54:18:9b:fb:ce:
a1:1d:5d:ff:b0:06:3b:c9:a2:1e:4e:b7:3c:57:91:5c:85:fa:
6d:66:eb:a0:d6:fb:ea:66:32:01:42:75:af:bf:24:d0:7f:09:
c4:dc:4a:7a:c1:77:33:6e:f1:48:ab:3f:61:50:a0:98:ce:b5:
56:f9:f8:ca:57:12:7d:f8:d6:b4:34:30:5f:3d:51:2a:65:47:
8b:36:95:c2:3d:3b:23:04:28:21:ed:6c:d1:c4:f0:79:65:b5:
ef:78:5f:cc:44:e0:69:af:be:54:22:da:60:d3:03:43:b5:3d:
ba:bd:31:63:8f:cf:03:a2:bb:71:e4:84:ec:40:c0:79:37:71:
bb:77:87:1b:7a:db:b7:f9:c6:fd:03:a7:79:ab:8e:8b:fa:79:
49:09:2f:ca:f7:8e:f4:c5:3e:4b:e8:a3:dc:08:47:2f:86:0e:
3f:8c:0e:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs2ru6CW9Swd2uWi8iuiP2iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE2MDQxMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2ZjOTc1YWFkOThlZmRjYzAyMTVmMGFmZTFmYWQxMDliMTQzZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3kSo78HtkWWR91uHbdGWW4HqS8O
EdGLAegVD0sSZHg+lVtO+GliATyRs0IufEhVSRrpYy4z3VqvPLLP7QPwIRbWfOxV
JPe8DjpYa2MDRIsn7bpTT7/iVdgME6JWqZESkvSJ1o/Nn9puZUR0My0aelNHOPdW
7W/kJHr8EO785WSBPThBfMdEjKhL+DUxdz66XFNhZSc58wMTRPMZ8qrIQv1tIAgD
fr50mxNwQ2RpcvkuKS5S+NMnyxcSotg1FijeD7yFramyChpKFDfeEWVZWFLudIut
J9e/hxdOR+xdvXujVlKTuCYsoykPQjU5bzU4wmpbGFPWeKDdtr2Cm69aiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFz8l1qtmO/cwCFfCv4frRCbFD8uMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWFB5WFdxMlk3OXpBSVY4S19oLXRFSnNVUHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFXlI9QsVhkhyZ8EqegK
c0FHqSmcUWfziqfD60N2jeorW8tzXwC9UYrVchdM5Yu02SQpQsfZmZl9s3hqxzta
GV4SA39M5jGUGTh3QK6tTfzr7BuTfuBUGJv7zqEdXf+wBjvJoh5OtzxXkVyF+m1m
66DW++pmMgFCda+/JNB/CcTcSnrBdzNu8UirP2FQoJjOtVb5+MpXEn341rQ0MF89
USplR4s2lcI9OyMEKCHtbNHE8Hllte94X8xE4GmvvlQi2mDTA0O1Pbq9MWOPzwOi
u3HkhOxAwHk3cbt3hxt627f5xv0Dp3mrjov6eUkJL8r3jvTFPkvoo9wIRy+GDj+M
Dqs=
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:39:24 2025 by rpki-client