Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XoOfgnKn02ZbzOVOPPC2B6G3gGA.roa
File: XoOfgnKn02ZbzOVOPPC2B6G3gGA.roa (raw, json)
Hash identifier: xrUbnBe9UUxuc3k9OEya2dnaTPIyBRNLSHUC7KqT9fg=
Subject key identifier: 5E:83:9F:82:72:A7:D3:66:5B:CC:E5:4E:3C:F0:B6:07:A1:B7:80:60
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AEB97AA8BB06E9CBC5C96E3A0F540E3D6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XoOfgnKn02ZbzOVOPPC2B6G3gGA.roa
Signing time: Sun 01 Oct 2023 14:14:59 +0000
ROA not before: Sun 01 Oct 2023 14:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:eb:97:aa:8b:b0:6e:9c:bc:5c:96:e3:a0:f5:40:e3:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 1 14:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e839f8272a7d3665bcce54e3cf0b607a1b78060
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b6:78:85:12:69:75:86:e7:6d:71:aa:ae:1d:
b2:12:9e:bd:a6:d4:eb:03:6b:20:27:d4:fb:bf:c9:
6a:b7:bb:8c:33:2b:a5:c6:1f:b5:60:76:df:2f:c6:
78:4f:6e:07:92:75:bd:74:b7:00:ec:6f:de:99:46:
65:3d:0f:68:ff:78:fe:5e:85:ec:5d:3b:6a:f0:ad:
d4:e8:78:16:bf:ad:6f:17:6a:50:71:49:d1:c8:37:
fa:c1:72:ff:d9:d6:2a:ea:9e:66:61:db:57:d3:42:
e2:79:fd:d4:4a:5d:39:b0:b8:70:43:39:b8:0b:1b:
fd:f3:9a:58:91:f9:c4:4f:18:cd:ab:fb:87:d4:96:
e7:d9:97:9b:2b:b6:1c:10:fc:6f:a8:7a:1c:b1:f3:
7f:4b:c7:bb:b8:f5:18:34:6b:e1:a4:1e:f2:fe:cc:
22:0a:71:9e:6a:70:69:58:17:9c:e7:68:83:42:ef:
1b:06:a6:ba:af:c9:35:6f:02:7c:85:ee:52:59:c9:
68:88:23:1b:23:bb:91:d0:f0:f9:ff:fd:b6:16:58:
bb:74:a6:52:66:51:c5:92:e0:91:e8:69:90:82:5e:
22:2e:e1:f4:e5:f3:7b:20:2a:7b:40:4d:b6:b7:c8:
8f:1b:f6:35:d3:e5:18:b8:6a:c4:16:12:0c:70:8b:
ab:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:83:9F:82:72:A7:D3:66:5B:CC:E5:4E:3C:F0:B6:07:A1:B7:80:60
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/XoOfgnKn02ZbzOVOPPC2B6G3gGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
91:bc:3d:39:55:0a:27:84:59:8a:78:1f:51:c8:e1:17:18:21:
2c:46:ea:a8:e6:aa:7e:65:50:ef:c0:ad:ad:a9:bf:9e:55:36:
dc:85:db:98:29:e2:71:e2:a6:e7:3e:b5:6c:7b:43:99:22:89:
5d:da:03:58:f4:4e:22:a6:7c:c1:9c:b5:11:65:fd:e8:36:45:
83:83:a8:2f:e9:0e:97:c3:93:a9:8a:4f:31:bd:ed:b2:16:a8:
85:95:c0:f1:cb:44:5c:7e:51:1c:31:68:b0:65:db:1b:f3:f8:
1e:5a:a5:cd:a6:b5:22:ff:7d:28:8d:56:ea:d3:dd:e6:c3:5a:
0a:4d:0e:66:49:c0:60:4a:e3:90:6d:1d:24:a0:56:57:ff:28:
82:9a:23:5f:ec:94:1a:e3:1e:a5:dc:3c:3d:02:e7:a0:75:f1:
11:2a:fd:3f:00:68:01:1c:f8:45:2e:8f:67:f5:6a:2e:c9:31:
ae:93:58:75:76:fb:c2:a7:2d:74:e0:b9:cd:76:51:96:c3:0b:
b4:00:36:5f:7e:c5:ec:34:88:3b:ec:34:b9:48:89:f2:a1:11:
d5:67:f0:c1:b6:58:0c:c3:a8:f1:5d:c4:3b:a1:16:2c:f1:50:
13:68:85:76:d8:a5:ee:a4:16:fe:90:30:bf:c8:38:17:3f:37:
c8:8e:f1:a0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrrl6qLsG6cvFyW46D1QOPWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAxMTQxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTgzOWY4MjcyYTdkMzY2NWJjY2U1NGUzY2YwYjYwN2ExYjc4MDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorZ4hRJpdYbnbXGqrh2yEp69ptTr
A2sgJ9T7v8lqt7uMMyulxh+1YHbfL8Z4T24HknW9dLcA7G/emUZlPQ9o/3j+XoXs
XTtq8K3U6HgWv61vF2pQcUnRyDf6wXL/2dYq6p5mYdtX00Lief3USl05sLhwQzm4
Cxv985pYkfnETxjNq/uH1Jbn2ZebK7YcEPxvqHocsfN/S8e7uPUYNGvhpB7y/swi
CnGeanBpWBec52iDQu8bBqa6r8k1bwJ8he5SWcloiCMbI7uR0PD5//22Fli7dKZS
ZlHFkuCR6GmQgl4iLuH05fN7ICp7QE22t8iPG/Y10+UYuGrEFhIMcIurEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF6Dn4Jyp9NmW8zlTjzwtgeht4BgMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvWG9PZmduS24wMlpiek9WT1BQQzJCNkczZ0dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJG8PTlVCieEWYp4H1HI
4RcYISxG6qjmqn5lUO/Ara2pv55VNtyF25gp4nHipuc+tWx7Q5kiiV3aA1j0TiKm
fMGctRFl/eg2RYODqC/pDpfDk6mKTzG97bIWqIWVwPHLRFx+URwxaLBl2xvz+B5a
pc2mtSL/fSiNVurT3ebDWgpNDmZJwGBK45BtHSSgVlf/KIKaI1/slBrjHqXcPD0C
56B18REq/T8AaAEc+EUuj2f1ai7JMa6TWHV2+8KnLXTguc12UZbDC7QANl9+xew0
iDvsNLlIifKhEdVn8MG2WAzDqPFdxDuhFizxUBNohXbYpe6kFv6QML/IOBc/N8iO
8aA=
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:06:28 2025 by rpki-client