Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xEBBAYXxsyAH60A9uv1J8yGJKUE.roa
File: xEBBAYXxsyAH60A9uv1J8yGJKUE.roa (raw, json)
Hash identifier: UMiz0F45RyNjZBIraV+PmPzr7JAhi7Q4nwWAl6gOMS4=
Subject key identifier: C4:40:41:01:85:F1:B3:20:07:EB:40:3D:BA:FD:49:F3:21:89:29:41
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B30B5731CF7434FCF186EC987EC37C87B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xEBBAYXxsyAH60A9uv1J8yGJKUE.roa
Signing time: Sun 15 Oct 2023 00:21:19 +0000
ROA not before: Sun 15 Oct 2023 00:21:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:30:b5:73:1c:f7:43:4f:cf:18:6e:c9:87:ec:37:c8:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 15 00:21:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c440410185f1b32007eb403dbafd49f321892941
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:cb:52:08:87:1e:dd:5f:18:dd:d0:64:5a:36:
84:a3:08:de:04:a1:46:c5:15:07:d7:3c:a2:97:69:
85:d3:d3:ea:19:88:84:40:3c:12:90:22:29:b1:8b:
45:2e:8f:2e:08:cf:4a:ef:fc:60:b1:10:35:a6:07:
c3:84:6d:24:86:a5:e9:a8:eb:ad:57:b7:d2:e9:ef:
8c:15:99:1c:b0:96:0d:3e:68:47:4d:25:48:87:c9:
42:fc:7d:48:8e:e5:35:25:ee:69:e4:5e:1e:e3:11:
8d:b6:0b:f3:58:c7:a0:a4:39:1e:ce:bc:a5:ec:19:
c1:0e:98:65:f5:f2:bc:26:67:01:65:d1:41:ef:85:
88:30:cc:53:b4:e2:9d:af:3c:61:2c:c2:b8:fb:a3:
65:91:db:e4:b6:48:c6:5f:2b:8c:c0:83:1b:c3:d6:
ed:25:33:7e:13:16:ea:0c:19:5f:65:36:6b:43:67:
41:ec:a9:4b:7d:2d:c5:e9:b8:bd:26:5b:94:08:32:
6a:9f:8e:ea:2d:2c:23:f5:bf:f9:0d:cd:34:f2:45:
2a:ca:25:39:18:29:4a:69:89:d7:c6:ab:1e:a8:c8:
0f:6e:cd:85:03:bc:25:5c:76:70:0d:d0:2e:e6:1d:
1d:8a:ac:e0:0b:f0:8e:51:5a:3c:8b:f5:c7:64:c5:
58:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:40:41:01:85:F1:B3:20:07:EB:40:3D:BA:FD:49:F3:21:89:29:41
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xEBBAYXxsyAH60A9uv1J8yGJKUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2f:4a:41:19:3a:0a:9a:48:e3:42:fa:a3:83:bb:33:e3:8e:93:
da:88:b4:c0:61:cc:24:9b:17:bf:e5:71:5a:9b:87:b4:a8:81:
88:72:de:ad:d7:29:f3:2e:63:9c:6b:c6:8c:35:d1:4f:12:fd:
72:51:91:73:af:70:ef:94:d7:6f:86:ab:cc:4b:38:e0:ed:2a:
ce:57:78:e1:86:00:57:71:7d:80:62:f1:da:b9:6e:56:69:cb:
b4:87:e6:60:dc:e7:22:f9:b7:9c:02:16:85:6c:dd:3b:a9:62:
f9:15:83:f8:f1:52:74:c1:8f:5d:ad:19:7a:11:dc:0a:ff:cc:
4e:63:48:38:a1:f3:e4:88:e7:b2:e0:78:bc:d7:85:39:6e:b0:
69:6d:fc:ff:5b:65:b8:66:75:24:ff:ed:2a:ee:3f:6c:71:4a:
35:39:00:ff:b8:09:b5:56:a4:ef:ec:e8:58:bc:0c:42:fc:1d:
1e:12:81:a8:5a:7f:87:c7:a4:6d:66:1c:a3:e8:98:a9:92:7d:
76:37:a3:11:95:ce:2f:16:69:4b:69:b8:6a:83:b0:2d:22:28:
39:df:aa:ea:e7:f0:54:18:54:46:7b:94:55:af:63:4f:88:84:
7d:31:d5:fc:23:36:2a:cd:f5:07:c5:22:1f:e4:07:4a:29:06:
97:19:6c:82
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYswtXMc90NPzxhuyYfsN8h7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE1MDAyMTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDQwNDEwMTg1ZjFiMzIwMDdlYjQwM2RiYWZkNDlmMzIxODkyOTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8tSCIce3V8Y3dBkWjaEowjeBKFG
xRUH1zyil2mF09PqGYiEQDwSkCIpsYtFLo8uCM9K7/xgsRA1pgfDhG0khqXpqOut
V7fS6e+MFZkcsJYNPmhHTSVIh8lC/H1IjuU1Je5p5F4e4xGNtgvzWMegpDkezryl
7BnBDphl9fK8JmcBZdFB74WIMMxTtOKdrzxhLMK4+6NlkdvktkjGXyuMwIMbw9bt
JTN+ExbqDBlfZTZrQ2dB7KlLfS3F6bi9JluUCDJqn47qLSwj9b/5Dc008kUqyiU5
GClKaYnXxqseqMgPbs2FA7wlXHZwDdAu5h0diqzgC/COUVo8i/XHZMVYvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMRAQQGF8bMgB+tAPbr9SfMhiSlBMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveEVCQkFZWHhzeUFINjBBOXV2MUo4eUdKS1VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC9KQRk6CppI40L6o4O7
M+OOk9qItMBhzCSbF7/lcVqbh7SogYhy3q3XKfMuY5xrxow10U8S/XJRkXOvcO+U
12+Gq8xLOODtKs5XeOGGAFdxfYBi8dq5blZpy7SH5mDc5yL5t5wCFoVs3TupYvkV
g/jxUnTBj12tGXoR3Ar/zE5jSDih8+SI57LgeLzXhTlusGlt/P9bZbhmdST/7Sru
P2xxSjU5AP+4CbVWpO/s6Fi8DEL8HR4Sgahaf4fHpG1mHKPomKmSfXY3oxGVzi8W
aUtpuGqDsC0iKDnfqurn8FQYVEZ7lFWvY0+IhH0x1fwjNirN9QfFIh/kB0opBpcZ
bII=
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:27:49 2025 by rpki-client