Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rXCOQyrVSiR0-MPMo_VUjFSLOI0.roa
File: rXCOQyrVSiR0-MPMo_VUjFSLOI0.roa (raw, json)
Hash identifier: SKUB0QWTLNOtzEWK+Hu7oWbCBeolItUa/GToBSdRAlU=
Subject key identifier: AD:70:8E:43:2A:D5:4A:24:74:F8:C3:CC:A3:F5:54:8C:54:8B:38:8D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BC5CD717179AC0C6EC7C343199BFD77EA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rXCOQyrVSiR0-MPMo_VUjFSLOI0.roa
Signing time: Sun 12 Nov 2023 23:10:57 +0000
ROA not before: Sun 12 Nov 2023 23:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c5:cd:71:71:79:ac:0c:6e:c7:c3:43:19:9b:fd:77:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 12 23:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ad708e432ad54a2474f8c3cca3f5548c548b388d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:c1:fc:ce:09:ba:54:1c:20:bc:2a:81:9c:f0:
81:9f:4c:4a:06:08:29:77:54:ca:be:a8:f8:70:97:
13:8c:c1:40:18:30:29:cd:34:e3:f5:b0:3f:96:f9:
45:51:92:aa:e2:aa:37:c5:41:55:15:57:e7:00:02:
4a:2e:35:6f:c0:ac:df:5f:b9:25:74:9d:de:70:2e:
81:74:71:ff:93:b3:f9:e6:7c:82:55:76:f7:3f:f8:
84:43:b3:9d:cf:a5:2f:f3:22:5a:e4:4a:58:11:64:
99:1d:61:aa:b6:c3:cf:7e:2f:5e:ef:c1:a6:a1:fa:
03:9a:96:8d:ea:02:fa:ee:20:cf:bd:1c:77:d8:d9:
1d:d2:ba:a6:5a:c3:e6:ef:c7:9d:d1:40:a5:a2:e9:
ff:28:9c:fa:81:c5:ad:df:fa:70:95:52:02:14:aa:
b5:0d:20:c4:29:51:ce:b4:fc:1b:b7:2f:25:07:ce:
b1:b6:68:e7:c6:59:8e:bc:bd:05:79:11:c2:40:07:
89:a1:67:26:9b:e8:d0:81:b1:ce:f8:d4:67:48:ba:
bd:f0:18:db:be:dd:ea:35:2e:32:bf:9c:5a:5e:a1:
6f:be:c7:03:19:3a:2f:10:30:8b:7f:57:f3:8f:ba:
35:fd:a3:fe:ab:eb:3c:b0:ab:40:15:50:e6:e4:92:
4a:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:70:8E:43:2A:D5:4A:24:74:F8:C3:CC:A3:F5:54:8C:54:8B:38:8D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rXCOQyrVSiR0-MPMo_VUjFSLOI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:c1:79:52:a6:11:91:44:28:aa:4a:ea:aa:0b:80:31:a2:cf:
5a:53:c8:b1:5f:b9:38:03:06:03:98:34:f1:f6:77:c0:4e:d0:
34:4c:b2:70:2c:49:a8:98:7e:de:7c:17:53:39:f2:63:be:c7:
cd:7a:a9:31:3c:c2:32:bd:5c:c6:a2:39:04:2f:4a:70:6f:66:
ae:ab:14:f7:63:d9:38:3e:ca:b3:30:13:36:28:79:0e:4a:c2:
6b:9e:03:18:5c:68:29:ae:38:10:9e:aa:f6:25:87:1a:cf:fd:
e9:11:dc:a0:06:b5:b5:dd:e2:e8:20:75:44:bd:bc:9b:e6:13:
a9:ba:9e:b6:f4:41:86:46:1a:c4:70:0b:57:23:3d:73:88:ca:
5d:78:2a:55:5e:4b:2c:19:9a:10:a3:ac:17:5e:bd:58:57:71:
cb:5d:a3:a6:0a:32:a8:41:13:38:5c:b1:5b:31:5d:d7:2c:6a:
0e:79:0b:41:b3:a5:dc:28:60:9a:e0:f3:7d:64:97:bf:45:52:
0e:8e:e1:9d:6f:84:d3:94:c2:25:33:91:80:5a:28:e9:fe:93:
ce:b7:80:31:36:4d:d2:82:46:83:56:bb:63:13:89:d5:82:cf:
9a:22:d5:ac:0b:00:c8:92:a1:62:c9:f3:28:b3:3e:3b:8a:e5:
99:70:16:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvFzXFxeawMbsfDQxmb/XfqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEyMjMxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDcwOGU0MzJhZDU0YTI0NzRmOGMzY2NhM2Y1NTQ4YzU0OGIzODhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMH8zgm6VBwgvCqBnPCBn0xKBggp
d1TKvqj4cJcTjMFAGDApzTTj9bA/lvlFUZKq4qo3xUFVFVfnAAJKLjVvwKzfX7kl
dJ3ecC6BdHH/k7P55nyCVXb3P/iEQ7Odz6Uv8yJa5EpYEWSZHWGqtsPPfi9e78Gm
ofoDmpaN6gL67iDPvRx32Nkd0rqmWsPm78ed0UCloun/KJz6gcWt3/pwlVICFKq1
DSDEKVHOtPwbty8lB86xtmjnxlmOvL0FeRHCQAeJoWcmm+jQgbHO+NRnSLq98Bjb
vt3qNS4yv5xaXqFvvscDGTovEDCLf1fzj7o1/aP+q+s8sKtAFVDm5JJKJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK1wjkMq1UokdPjDzKP1VIxUiziNMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvclhDT1F5clZTaVIwLU1QTW9fVlVqRlNMT0kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADPBeVKmEZFEKKpK6qoL
gDGiz1pTyLFfuTgDBgOYNPH2d8BO0DRMsnAsSaiYft58F1M58mO+x816qTE8wjK9
XMaiOQQvSnBvZq6rFPdj2Tg+yrMwEzYoeQ5KwmueAxhcaCmuOBCeqvYlhxrP/ekR
3KAGtbXd4uggdUS9vJvmE6m6nrb0QYZGGsRwC1cjPXOIyl14KlVeSywZmhCjrBde
vVhXcctdo6YKMqhBEzhcsVsxXdcsag55C0GzpdwoYJrg831kl79FUg6O4Z1vhNOU
wiUzkYBaKOn+k863gDE2TdKCRoNWu2MTidWCz5oi1awLAMiSoWLJ8yizPjuK5Zlw
FoM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:06:53 2025 by rpki-client