Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XQkOq3AymB1qfXqKq6_HC01wzQI.roa
File: XQkOq3AymB1qfXqKq6_HC01wzQI.roa (raw, json)
Hash identifier: sdW6n214makjfSqHP8rClYCwe8+yOGO9Z0TvhnoYJJU=
Subject key identifier: 5D:09:0E:AB:70:32:98:1D:6A:7D:7A:8A:AB:AF:C7:0B:4D:70:CD:02
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B3CEBC6072E3727441CB151FDBDE72A01
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XQkOq3AymB1qfXqKq6_HC01wzQI.roa
Signing time: Tue 17 Oct 2023 09:16:06 +0000
ROA not before: Tue 17 Oct 2023 09:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3c:eb:c6:07:2e:37:27:44:1c:b1:51:fd:bd:e7:2a:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 17 09:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d090eab7032981d6a7d7a8aabafc70b4d70cd02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:41:00:4d:09:4b:38:84:12:e3:61:34:18:65:
71:85:ff:ad:4b:12:2e:cc:7f:62:1e:42:76:a9:0f:
c2:25:0f:92:ee:b3:43:c5:15:93:87:05:28:4e:d5:
f0:3b:f0:61:67:d2:4b:b7:14:e6:e4:a0:55:84:45:
01:eb:27:a7:3e:5d:0b:5d:07:ec:73:e5:b3:23:ec:
3d:a3:dc:ca:8c:3d:7c:c2:91:2e:c4:c8:0a:9f:06:
71:41:62:6c:39:a6:54:75:ec:0a:af:10:20:d5:46:
00:ff:1d:d0:a9:06:18:a5:64:60:c9:22:b0:f5:e9:
d0:01:57:bb:35:d8:89:8c:35:4a:58:73:35:69:29:
ac:b7:a5:88:c6:68:01:af:45:98:7a:db:4f:7e:85:
e8:0e:77:e1:a7:fd:9e:9a:ab:2d:8e:e5:6a:34:2c:
ba:22:b1:06:46:d4:6b:aa:3e:bb:0b:2b:82:0c:88:
0b:33:6b:c0:fb:8b:b0:25:b0:35:aa:30:70:95:51:
0a:06:18:c2:d6:4c:90:bd:fc:86:c6:01:4e:ee:60:
89:02:80:3e:4b:b4:ea:40:d3:f6:d6:9d:d0:dd:81:
06:6a:fc:97:51:a8:c3:27:7d:29:ed:84:09:85:48:
79:16:f1:e8:71:88:33:ea:c7:4e:0e:07:56:0c:d4:
bd:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:09:0E:AB:70:32:98:1D:6A:7D:7A:8A:AB:AF:C7:0B:4D:70:CD:02
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XQkOq3AymB1qfXqKq6_HC01wzQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:f7:cd:ac:64:39:c1:39:23:43:41:d8:f0:e2:97:f2:77:50:
97:43:fd:da:bb:52:f9:01:9a:2d:ff:c0:cc:e1:7d:0c:22:e2:
92:39:c1:28:f0:03:a0:28:c2:31:5e:bf:c1:30:06:9c:b2:6a:
b3:15:99:ae:df:83:95:27:81:c7:ac:70:aa:93:0f:48:c4:fb:
ee:3d:fb:8a:46:f9:ac:c6:27:9d:df:0e:4a:89:3b:15:bf:84:
c0:4e:3a:02:ca:27:40:d9:45:b7:37:a4:87:f0:90:34:eb:34:
41:6d:67:bf:ba:ad:be:a8:42:a5:bc:c5:89:0a:d1:85:8e:2b:
f6:59:9f:56:b0:ff:6f:f5:08:e4:e5:1b:4d:58:a3:13:fd:dc:
70:fb:35:7a:41:97:d0:6c:1a:71:09:95:fe:2b:1b:af:1e:44:
b5:02:1f:f7:36:20:d0:c9:7e:af:b3:b5:00:29:96:50:29:af:
8d:98:ef:aa:38:74:04:34:0b:a5:32:1e:81:c7:04:13:0d:ed:
ed:eb:3a:8e:79:74:cf:27:15:4a:6b:1d:6e:f0:63:e4:c2:9c:
75:66:c6:38:5a:47:38:37:cc:0b:1d:ff:f6:0f:0d:ef:7b:9d:
e9:ba:9f:1a:2d:a7:f5:4d:77:5d:67:8a:21:7b:ee:c8:ad:71:
a0:51:32:fb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs868YHLjcnRByxUf295yoBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE3MDkxNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDA5MGVhYjcwMzI5ODFkNmE3ZDdhOGFhYmFmYzcwYjRkNzBjZDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUEATQlLOIQS42E0GGVxhf+tSxIu
zH9iHkJ2qQ/CJQ+S7rNDxRWThwUoTtXwO/BhZ9JLtxTm5KBVhEUB6yenPl0LXQfs
c+WzI+w9o9zKjD18wpEuxMgKnwZxQWJsOaZUdewKrxAg1UYA/x3QqQYYpWRgySKw
9enQAVe7NdiJjDVKWHM1aSmst6WIxmgBr0WYettPfoXoDnfhp/2emqstjuVqNCy6
IrEGRtRrqj67CyuCDIgLM2vA+4uwJbA1qjBwlVEKBhjC1kyQvfyGxgFO7mCJAoA+
S7TqQNP21p3Q3YEGavyXUajDJ30p7YQJhUh5FvHocYgz6sdODgdWDNS9rQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF0JDqtwMpgdan16iquvxwtNcM0CMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWFFrT3EzQXltQjFxZlhxS3E2X0hDMDF3elFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACT3zaxkOcE5I0NB2PDi
l/J3UJdD/dq7UvkBmi3/wMzhfQwi4pI5wSjwA6AowjFev8EwBpyyarMVma7fg5Un
gcescKqTD0jE++49+4pG+azGJ53fDkqJOxW/hMBOOgLKJ0DZRbc3pIfwkDTrNEFt
Z7+6rb6oQqW8xYkK0YWOK/ZZn1aw/2/1COTlG01YoxP93HD7NXpBl9BsGnEJlf4r
G68eRLUCH/c2INDJfq+ztQApllApr42Y76o4dAQ0C6UyHoHHBBMN7e3rOo55dM8n
FUprHW7wY+TCnHVmxjhaRzg3zAsd//YPDe97nem6nxotp/VNd11niiF77sitcaBR
Mvs=
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:15:17 2025 by rpki-client