Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XlmgTInLslbT_rAvqzbBioN4VPo.roa
File: XlmgTInLslbT_rAvqzbBioN4VPo.roa (raw, json)
Hash identifier: T5TflNVS17PyLq8l9bAddMnW9ZeQxGSsZObgF6PEYiw=
Subject key identifier: 5E:59:A0:4C:89:CB:B2:56:D3:FE:B0:2F:AB:36:C1:8A:83:78:54:FA
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C1B366FE5CEEFB4F97F355D39451A0583
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XlmgTInLslbT_rAvqzbBioN4VPo.roa
Signing time: Wed 29 Nov 2023 13:13:21 +0000
ROA not before: Wed 29 Nov 2023 13:13:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1b:36:6f:e5:ce:ef:b4:f9:7f:35:5d:39:45:1a:05:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 29 13:13:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e59a04c89cbb256d3feb02fab36c18a837854fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:50:63:64:4f:14:57:25:b7:b1:5c:4f:55:f7:
c9:80:cc:44:fd:18:0c:ce:ab:1f:36:72:44:99:06:
48:2c:d8:42:49:b4:d2:82:35:ca:cb:db:d8:13:9b:
15:7f:96:b6:87:ed:07:f5:49:fb:21:dd:ca:8d:30:
e2:c6:35:88:3e:0e:10:8c:71:41:da:24:2c:b9:27:
e5:e0:54:bb:35:ab:b4:a0:be:60:76:89:6f:15:e7:
35:f6:0c:5a:b7:7a:f1:f1:5c:46:ed:c6:99:f3:15:
42:9e:b5:25:fb:83:00:f6:80:a7:fe:dc:a5:6d:03:
d6:52:ee:c3:1e:83:e4:6f:84:c7:1d:4e:29:12:19:
69:d2:3e:a3:89:8f:44:47:4b:28:c9:c4:67:32:30:
2d:6e:dd:e1:71:25:1e:fc:8c:61:8c:6c:eb:b1:88:
f9:1d:f4:1e:a6:60:e8:7e:11:29:eb:6e:1a:23:e4:
a1:57:2d:d5:dd:0e:4e:7c:0e:e8:ac:02:c7:43:1c:
16:c8:ea:26:27:64:be:c6:18:54:b5:9a:79:89:f0:
f8:22:79:73:1a:66:38:3a:5d:2b:7e:49:f2:71:51:
fc:01:80:c9:72:16:8d:d4:4d:a8:5b:53:0e:28:48:
7a:05:91:7b:dd:19:98:0d:26:df:fc:47:e3:df:5e:
0b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:59:A0:4C:89:CB:B2:56:D3:FE:B0:2F:AB:36:C1:8A:83:78:54:FA
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XlmgTInLslbT_rAvqzbBioN4VPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
32:67:84:3f:a9:0f:f9:b2:4f:97:b6:8f:fe:01:4a:0b:6a:6c:
66:17:c2:ba:43:4a:b5:ea:d7:19:99:e0:1d:67:e9:f1:4b:43:
ab:24:43:f5:28:4b:54:0c:31:16:e3:d6:1e:72:aa:b3:aa:70:
19:82:5d:47:93:76:49:da:4c:a1:37:75:fa:30:0d:ba:b5:20:
38:ab:56:ba:aa:6b:38:d6:65:11:8d:d4:fb:a5:9a:f0:db:11:
52:1b:af:90:f3:08:f0:36:6a:47:da:07:6b:c8:6b:02:52:71:
39:9f:91:ae:76:ec:d0:c3:03:d5:74:2e:a7:ae:93:bc:3e:63:
e1:39:8b:4f:82:39:94:5b:5e:3c:e3:54:84:c9:50:51:61:72:
5d:4a:c7:12:9f:d6:db:20:37:dc:c9:80:8d:11:2c:a8:aa:4c:
73:d4:4a:05:64:87:47:f7:6e:f3:dd:c7:58:35:6f:58:64:8c:
5f:fa:14:80:f2:f5:17:c0:47:5a:af:c2:7e:67:83:f5:8f:fb:
44:07:42:e0:4e:fd:71:3c:47:04:c9:10:33:1e:61:99:51:3e:
20:36:89:44:8a:f0:35:5e:8c:37:8c:75:23:9b:20:ae:da:35:
2d:77:bb:44:a7:f4:0c:9a:ab:3a:fb:00:ea:7f:9c:0a:62:31:
24:f5:0a:2c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwbNm/lzu+0+X81XTlFGgWDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI5MTMxMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTU5YTA0Yzg5Y2JiMjU2ZDNmZWIwMmZhYjM2YzE4YTgzNzg1NGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1BjZE8UVyW3sVxPVffJgMxE/RgM
zqsfNnJEmQZILNhCSbTSgjXKy9vYE5sVf5a2h+0H9Un7Id3KjTDixjWIPg4QjHFB
2iQsuSfl4FS7Nau0oL5gdolvFec19gxat3rx8VxG7caZ8xVCnrUl+4MA9oCn/tyl
bQPWUu7DHoPkb4THHU4pEhlp0j6jiY9ER0soycRnMjAtbt3hcSUe/IxhjGzrsYj5
HfQepmDofhEp624aI+ShVy3V3Q5OfA7orALHQxwWyOomJ2S+xhhUtZp5ifD4Inlz
GmY4Ol0rfknycVH8AYDJchaN1E2oW1MOKEh6BZF73RmYDSbf/Efj314LAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF5ZoEyJy7JW0/6wL6s2wYqDeFT6MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWGxtZ1RJbkxzbGJUX3JBdnF6YkJpb040VlBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADJnhD+pD/myT5e2j/4B
SgtqbGYXwrpDSrXq1xmZ4B1n6fFLQ6skQ/UoS1QMMRbj1h5yqrOqcBmCXUeTdkna
TKE3dfowDbq1IDirVrqqazjWZRGN1PulmvDbEVIbr5DzCPA2akfaB2vIawJScTmf
ka527NDDA9V0Lqeuk7w+Y+E5i0+COZRbXjzjVITJUFFhcl1KxxKf1tsgN9zJgI0R
LKiqTHPUSgVkh0f3bvPdx1g1b1hkjF/6FIDy9RfAR1qvwn5ng/WP+0QHQuBO/XE8
RwTJEDMeYZlRPiA2iUSK8DVejDeMdSObIK7aNS13u0Sn9Ayaqzr7AOp/nApiMST1
Ciw=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:05:46 2025 by rpki-client