Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XffcGwWTvVY3VCNbFWQJlYVSH0s.roa
File: XffcGwWTvVY3VCNbFWQJlYVSH0s.roa (raw, json)
Hash identifier: 7qHUw2tGdAiAS3CI3TjXXBBDp4zCBCYFZG2mp84eZiI=
Subject key identifier: 5D:F7:DC:1B:05:93:BD:56:37:54:23:5B:15:64:09:95:85:52:1F:4B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AB7DEF63C3402FA65CE94671A20FD7FA1
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XffcGwWTvVY3VCNbFWQJlYVSH0s.roa
Signing time: Thu 21 Sep 2023 13:12:37 +0000
ROA not before: Thu 21 Sep 2023 13:12:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b7:de:f6:3c:34:02:fa:65:ce:94:67:1a:20:fd:7f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 21 13:12:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5df7dc1b0593bd563754235b1564099585521f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:7c:55:0b:0e:11:44:7e:7b:ff:5e:32:b5:84:
c5:0c:52:15:5a:40:cf:38:45:e4:30:62:e8:42:8e:
bd:fc:ec:f9:ae:69:cf:91:5c:32:9e:bd:4d:8a:29:
dd:69:35:7b:fa:e7:6f:81:3b:66:19:45:b9:e2:eb:
a0:36:ee:e4:30:7f:75:f2:f7:b3:f7:c0:d0:b9:57:
ae:fe:1e:97:7d:2e:f2:7b:a4:d6:50:b8:ea:7d:69:
d6:61:3e:f7:a1:fc:5d:9f:c9:2c:78:32:46:fb:2c:
94:77:0c:57:f3:db:bc:c7:01:e6:09:7f:9c:21:a8:
fe:fc:04:f4:34:6d:04:ac:b1:8e:36:80:82:2a:52:
16:d4:47:5b:cd:c8:bb:5f:9f:66:34:53:c7:48:cd:
f8:be:75:43:95:60:90:2d:8b:90:69:15:50:6c:d6:
c6:02:21:72:c9:b2:33:52:22:ce:7c:dc:7e:5e:fe:
6d:87:a6:1e:a2:00:f2:c2:a1:b5:d1:d6:ef:3c:d8:
83:40:2e:eb:18:40:dd:15:59:dd:f0:49:14:cd:f9:
70:04:d5:ce:b0:e7:f4:84:9e:16:b2:8b:d4:ab:5a:
37:3e:6e:87:1a:1b:0e:1f:0f:c3:c9:bd:9b:4b:0a:
9b:00:fd:71:60:0d:39:13:7b:f3:94:b6:14:81:f2:
c6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:F7:DC:1B:05:93:BD:56:37:54:23:5B:15:64:09:95:85:52:1F:4B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XffcGwWTvVY3VCNbFWQJlYVSH0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:f3:4f:ae:01:9c:45:8f:88:67:e3:c9:9d:6e:5e:86:ef:a5:
d6:81:d3:9d:cb:45:a1:51:63:17:4b:f9:30:ed:46:9b:22:e8:
50:1d:e6:5d:8b:3b:18:60:55:a6:01:97:38:5a:ef:4b:e6:85:
dc:5f:a3:dd:17:37:62:12:24:ce:07:e9:da:36:77:f6:f9:d3:
df:6b:92:2c:bb:6e:f8:a8:30:8f:6d:61:75:c6:be:98:73:40:
3a:7e:20:ce:2b:07:0b:6a:a5:27:2f:18:28:f0:c9:9c:0f:36:
43:78:92:25:16:36:86:1b:43:2a:ac:4d:be:62:82:14:6c:bd:
33:a1:51:61:1b:4f:be:59:27:11:10:1c:07:12:f6:f7:b5:d1:
a2:08:bc:33:61:b4:61:34:20:2b:2f:5c:f9:58:d3:9a:66:25:
f4:9c:65:46:4f:bb:b5:03:ca:b6:d9:16:27:48:31:f7:8b:4d:
f0:4c:f8:c3:2b:2c:c4:95:a4:df:7c:0e:30:09:fe:5b:34:58:
29:98:4c:fd:9f:af:e7:62:fe:0b:be:77:cf:7d:ed:9e:e0:40:
36:75:97:1b:38:d9:53:93:7d:b7:65:d3:48:2a:37:4e:d1:cd:
03:1d:a5:f8:d4:1c:a8:01:92:33:11:4c:d6:92:f9:ab:61:3a:
56:af:d9:0f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq33vY8NAL6Zc6UZxog/X+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIxMTMxMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGY3ZGMxYjA1OTNiZDU2Mzc1NDIzNWIxNTY0MDk5NTg1NTIxZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXxVCw4RRH57/14ytYTFDFIVWkDP
OEXkMGLoQo69/Oz5rmnPkVwynr1NiindaTV7+udvgTtmGUW54uugNu7kMH918vez
98DQuVeu/h6XfS7ye6TWULjqfWnWYT73ofxdn8kseDJG+yyUdwxX89u8xwHmCX+c
Iaj+/AT0NG0ErLGONoCCKlIW1Edbzci7X59mNFPHSM34vnVDlWCQLYuQaRVQbNbG
AiFyybIzUiLOfNx+Xv5th6YeogDywqG10dbvPNiDQC7rGEDdFVnd8EkUzflwBNXO
sOf0hJ4WsovUq1o3Pm6HGhsOHw/Dyb2bSwqbAP1xYA05E3vzlLYUgfLGrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF333BsFk71WN1QjWxVkCZWFUh9LMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWGZmY0d3V1R2VlkzVkNOYkZXUUpsWVZTSDBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJbzT64BnEWPiGfjyZ1u
XobvpdaB053LRaFRYxdL+TDtRpsi6FAd5l2LOxhgVaYBlzha70vmhdxfo90XN2IS
JM4H6do2d/b5099rkiy7bvioMI9tYXXGvphzQDp+IM4rBwtqpScvGCjwyZwPNkN4
kiUWNoYbQyqsTb5ighRsvTOhUWEbT75ZJxEQHAcS9ve10aIIvDNhtGE0ICsvXPlY
05pmJfScZUZPu7UDyrbZFidIMfeLTfBM+MMrLMSVpN98DjAJ/ls0WCmYTP2fr+di
/gu+d8997Z7gQDZ1lxs42VOTfbdl00gqN07RzQMdpfjUHKgBkjMRTNaS+athOlav
2Q8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:20:20 2025 by rpki-client