Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Xf_mz_nW_ZNydPB_r-5CFktzliQ.roa
File: Xf_mz_nW_ZNydPB_r-5CFktzliQ.roa (raw, json)
Hash identifier: y9NXbpSDO9LHutNdVLz3qRB/1+a1CQlSpctNyIi4wPk=
Subject key identifier: 5D:FF:E6:CF:F9:D6:FD:93:72:74:F0:7F:AF:EE:42:16:4B:73:96:24
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BCA4F0336BBC702422C34FCC264340E83
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Xf_mz_nW_ZNydPB_r-5CFktzliQ.roa
Signing time: Mon 13 Nov 2023 20:10:57 +0000
ROA not before: Mon 13 Nov 2023 20:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ca:4f:03:36:bb:c7:02:42:2c:34:fc:c2:64:34:0e:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 13 20:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dffe6cff9d6fd937274f07fafee42164b739624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b5:94:1d:bf:5b:b9:62:9f:50:74:c6:69:79:
50:7b:6b:73:ba:40:c0:a0:4e:3b:23:1b:9a:2c:40:
41:f7:e9:8d:26:55:6a:20:18:21:69:2e:c6:33:ba:
92:96:6e:8c:d3:59:a3:ed:e2:f4:71:b9:5b:0c:ae:
9d:78:46:4a:a4:6c:8a:8a:48:e7:95:3a:f4:05:0c:
32:a3:bc:02:6f:42:63:c2:71:41:a2:56:25:7d:79:
55:16:85:d3:3c:b2:91:29:35:60:df:93:74:a1:e8:
5f:c0:33:e8:73:ce:8c:50:b6:c2:e6:89:5e:b4:90:
6e:d4:98:b1:1f:72:36:56:69:41:dd:70:bc:ec:9c:
a0:dd:72:49:e8:86:fb:91:f2:6a:ae:fd:50:cc:d6:
f8:7d:40:2b:32:25:bc:60:57:3d:6c:65:76:66:b4:
27:dd:c7:32:5f:d4:58:8e:c1:67:50:55:07:bf:fe:
c3:4d:e8:40:f7:ec:b7:7c:75:7c:08:13:f5:ad:aa:
45:03:d3:45:52:9c:47:6b:8c:93:d6:af:ee:c7:89:
27:df:24:c5:dd:d8:99:5b:82:52:36:75:f0:af:48:
e7:0f:8d:fc:8e:1d:02:69:ec:36:f7:ca:49:05:c7:
71:10:85:f3:cd:7c:2a:7f:16:2d:71:ae:4f:aa:47:
39:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:FF:E6:CF:F9:D6:FD:93:72:74:F0:7F:AF:EE:42:16:4B:73:96:24
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Xf_mz_nW_ZNydPB_r-5CFktzliQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
28:fc:90:72:e4:e7:1e:e2:a0:a1:af:72:49:9e:d0:3c:b2:28:
0d:69:85:77:a1:56:ca:8d:21:1d:0c:28:43:0a:90:a7:0d:50:
5a:e4:4c:0c:d3:f5:b6:34:1a:df:5d:4f:25:e6:3b:22:02:82:
a7:e8:bd:82:95:32:8b:70:79:e9:9c:90:a6:a4:63:22:60:01:
96:09:ec:57:7a:9a:80:2b:ba:98:82:d3:55:e8:70:d5:51:ed:
de:86:8b:5c:d1:d7:f2:2b:27:34:b2:48:92:15:e7:d1:cf:49:
0f:f1:86:4f:4d:9d:ea:bc:76:a1:9f:7b:e7:ba:a4:e8:90:d1:
ee:ac:a6:a2:aa:ab:8d:8b:0d:ca:f3:f0:8f:d4:0c:33:15:bd:
87:3e:aa:5c:82:38:c4:ab:7f:96:fe:bd:81:87:b5:0b:ea:46:
48:3d:5a:9e:78:af:17:3d:56:bd:df:e2:49:0d:d5:71:3a:b6:
b4:50:68:6e:da:84:5b:9f:91:36:9a:ee:e8:91:3a:7d:88:96:
13:87:bb:3a:7b:98:56:ec:51:51:1e:75:ce:f7:72:a8:46:59:
bc:32:7f:b6:3c:85:3c:a8:44:3f:87:cd:cb:73:29:3e:99:54:
08:c1:41:07:07:a3:b6:dd:f0:47:9b:91:c6:cd:04:42:6e:52:
7a:c6:d8:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvKTwM2u8cCQiw0/MJkNA6DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEzMjAxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGZmZTZjZmY5ZDZmZDkzNzI3NGYwN2ZhZmVlNDIxNjRiNzM5NjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrWUHb9buWKfUHTGaXlQe2tzukDA
oE47IxuaLEBB9+mNJlVqIBghaS7GM7qSlm6M01mj7eL0cblbDK6deEZKpGyKikjn
lTr0BQwyo7wCb0JjwnFBolYlfXlVFoXTPLKRKTVg35N0oehfwDPoc86MULbC5ole
tJBu1JixH3I2VmlB3XC87Jyg3XJJ6Ib7kfJqrv1QzNb4fUArMiW8YFc9bGV2ZrQn
3ccyX9RYjsFnUFUHv/7DTehA9+y3fHV8CBP1rapFA9NFUpxHa4yT1q/ux4kn3yTF
3diZW4JSNnXwr0jnD438jh0Caew298pJBcdxEIXzzXwqfxYtca5Pqkc5ywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF3/5s/51v2TcnTwf6/uQhZLc5YkMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWGZfbXpfbldfWk55ZFBCX3ItNUNGa3R6bGlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACj8kHLk5x7ioKGvckme
0DyyKA1phXehVsqNIR0MKEMKkKcNUFrkTAzT9bY0Gt9dTyXmOyICgqfovYKVMotw
eemckKakYyJgAZYJ7Fd6moArupiC01XocNVR7d6Gi1zR1/IrJzSySJIV59HPSQ/x
hk9Nneq8dqGfe+e6pOiQ0e6spqKqq42LDcrz8I/UDDMVvYc+qlyCOMSrf5b+vYGH
tQvqRkg9Wp54rxc9Vr3f4kkN1XE6trRQaG7ahFufkTaa7uiROn2IlhOHuzp7mFbs
UVEedc73cqhGWbwyf7Y8hTyoRD+HzctzKT6ZVAjBQQcHo7bd8EebkcbNBEJuUnrG
2AI=
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:21:01 2025 by rpki-client