Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XUarvhCiGVyZFC1kN7jiV2YlGBk.roa
File: XUarvhCiGVyZFC1kN7jiV2YlGBk.roa (raw, json)
Hash identifier: 0NemqlVd1s1gGpvekniBLFYHZUSQs9A7mvP8bm33m7M=
Subject key identifier: 5D:46:AB:BE:10:A2:19:5C:99:14:2D:64:37:B8:E2:57:66:25:18:19
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B5890080F08C0D954B4F2CC48412BF811
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XUarvhCiGVyZFC1kN7jiV2YlGBk.roa
Signing time: Sun 22 Oct 2023 18:05:16 +0000
ROA not before: Sun 22 Oct 2023 18:05:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64:ffff:0:18b:588f:1d98/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:58:90:08:0f:08:c0:d9:54:b4:f2:cc:48:41:2b:f8:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 22 18:05:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d46abbe10a2195c99142d6437b8e25766251819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:6e:2f:56:1a:76:80:91:2a:9c:f1:44:5b:a7:
67:d9:39:09:e6:d2:43:32:ce:1f:31:bc:61:7d:aa:
bc:9c:e8:1e:11:35:ab:80:f7:b4:02:28:64:0d:a2:
5e:4c:00:a9:11:ae:27:1f:1e:f2:23:88:13:59:99:
a9:5c:c1:3c:37:e1:a1:d6:6e:76:72:26:96:e8:71:
b9:59:e7:b4:70:a4:ad:2b:a2:c9:81:f8:48:be:2a:
7e:97:de:a0:c3:ea:de:59:42:d0:1b:94:c5:55:b1:
c8:d4:df:78:75:86:0d:cb:e8:42:15:8a:ef:da:51:
76:5a:b8:26:35:d0:39:9f:45:48:a0:a8:e4:df:c2:
ec:af:b2:90:b4:fc:ad:fd:22:46:05:fc:03:9c:40:
aa:1e:20:64:0c:c0:35:63:ae:b8:77:12:1d:4e:fc:
43:4c:ba:a7:4a:43:a2:61:3d:76:e3:18:d3:c3:19:
7a:97:cf:56:eb:86:54:36:28:30:09:a5:10:b2:20:
b3:9a:b2:fe:61:72:9e:46:42:63:1f:40:f6:1f:d9:
1a:70:b1:1e:d2:7b:36:a9:5f:11:b3:7c:5b:f9:64:
91:a0:b1:a9:ae:56:3a:4e:33:49:9c:dc:62:e1:50:
48:ab:b4:5b:aa:5d:09:c2:0d:f5:70:e6:dc:63:2b:
35:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:46:AB:BE:10:A2:19:5C:99:14:2D:64:37:B8:E2:57:66:25:18:19
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XUarvhCiGVyZFC1kN7jiV2YlGBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
80:83:d5:a6:ae:b2:be:58:ac:86:6e:06:29:61:f3:1e:57:a5:
72:db:8b:68:26:40:27:69:54:5c:df:d0:8a:7d:3f:23:b5:5e:
1d:58:fa:62:a1:cd:4d:f2:52:18:e7:af:6d:f1:e3:0a:ac:f9:
c0:c0:8e:b3:46:bf:2c:3a:70:d1:fb:40:c2:f5:23:34:16:d2:
d8:11:d7:bf:3c:1c:88:e9:0c:88:e5:4c:f0:0a:75:fe:18:c8:
56:b5:17:f1:15:f4:ed:fa:b4:2f:78:e9:44:bc:11:46:c6:89:
57:49:8c:a6:aa:e8:2f:ee:4b:c7:5c:08:17:91:e6:b2:3c:48:
17:76:e6:1e:a4:48:2c:7a:b7:a7:9d:31:1e:94:c0:ee:5f:21:
54:b1:1d:24:22:41:d7:62:76:d2:eb:27:ef:df:56:00:1e:c9:
e1:3c:22:5f:6d:a3:b6:26:41:6c:a1:67:15:9f:f4:8a:3f:46:
bf:a4:a1:6c:73:cd:f1:ef:eb:4e:a3:bc:af:91:9c:72:26:7b:
93:c4:5c:80:f1:dc:9d:a3:56:d5:cc:8b:d5:c2:f3:1d:d2:7f:
e6:00:03:57:e5:99:0e:5b:7e:10:52:20:e6:c5:f1:f9:4a:84:
cc:7a:22:57:60:23:8e:4c:ef:7d:04:a7:24:f3:ff:85:b0:89:
eb:63:96:52
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtYkAgPCMDZVLTyzEhBK/gRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIyMTgwNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDQ2YWJiZTEwYTIxOTVjOTkxNDJkNjQzN2I4ZTI1NzY2MjUxODE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh24vVhp2gJEqnPFEW6dn2TkJ5tJD
Ms4fMbxhfaq8nOgeETWrgPe0AihkDaJeTACpEa4nHx7yI4gTWZmpXME8N+Gh1m52
ciaW6HG5Wee0cKStK6LJgfhIvip+l96gw+reWULQG5TFVbHI1N94dYYNy+hCFYrv
2lF2WrgmNdA5n0VIoKjk38Lsr7KQtPyt/SJGBfwDnECqHiBkDMA1Y664dxIdTvxD
TLqnSkOiYT124xjTwxl6l89W64ZUNigwCaUQsiCzmrL+YXKeRkJjH0D2H9kacLEe
0ns2qV8Rs3xb+WSRoLGprlY6TjNJnNxi4VBIq7Rbql0Jwg31cObcYys1KQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF1Gq74QohlcmRQtZDe44ldmJRgZMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWFVhcnZoQ2lHVnlaRkMxa043amlWMllsR0JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAICD1aausr5YrIZuBilh
8x5XpXLbi2gmQCdpVFzf0Ip9PyO1Xh1Y+mKhzU3yUhjnr23x4wqs+cDAjrNGvyw6
cNH7QML1IzQW0tgR1788HIjpDIjlTPAKdf4YyFa1F/EV9O36tC946US8EUbGiVdJ
jKaq6C/uS8dcCBeR5rI8SBd25h6kSCx6t6edMR6UwO5fIVSxHSQiQddidtLrJ+/f
VgAeyeE8Il9to7YmQWyhZxWf9Io/Rr+koWxzzfHv606jvK+RnHIme5PEXIDx3J2j
VtXMi9XC8x3Sf+YAA1flmQ5bfhBSIObF8flKhMx6IldgI45M730EpyTz/4Wwietj
llI=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:14:26 2025 by rpki-client