Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xSGgKPL8YOSnLppVdRYHw-EcnZs.roa
File: xSGgKPL8YOSnLppVdRYHw-EcnZs.roa (raw, json)
Hash identifier: 0VpJ1BsSeQnFUd6zlN5Ghje1J2NLIHo8FUbt+sUmobM=
Subject key identifier: C5:21:A0:28:F2:FC:60:E4:A7:2E:9A:55:75:16:07:C3:E1:1C:9D:9B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B82E08CFFAA111F29323F344FE71AB419
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xSGgKPL8YOSnLppVdRYHw-EcnZs.roa
Signing time: Mon 30 Oct 2023 23:17:16 +0000
ROA not before: Mon 30 Oct 2023 23:17:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:82:e0:8c:ff:aa:11:1f:29:32:3f:34:4f:e7:1a:b4:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 30 23:17:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c521a028f2fc60e4a72e9a55751607c3e11c9d9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:83:d8:45:c5:14:bd:56:4e:15:ad:72:88:a0:
89:77:32:64:20:23:cb:0b:10:33:54:0e:b7:51:30:
28:6c:f6:85:53:fc:a0:d8:c3:df:10:0d:94:df:db:
07:c0:34:d4:e4:6b:65:08:0a:33:3b:a9:cf:d1:15:
86:51:24:a8:0b:7f:12:c3:b1:9a:11:8d:87:ef:04:
6f:80:f5:32:38:76:d3:62:ea:01:48:d6:46:26:9b:
ee:fe:31:35:bb:cd:e4:5e:69:85:2b:93:89:af:e9:
02:da:a8:58:77:fe:2d:31:8b:a9:df:af:2e:b1:18:
94:3d:32:a8:f2:fc:ad:03:17:d3:56:20:fb:4e:cf:
29:52:17:cd:a0:e3:71:f6:c6:2c:49:76:d4:55:ff:
8f:10:aa:27:3a:00:d6:e3:ab:a6:09:b3:23:3e:a1:
c4:3d:eb:1a:d8:67:55:c2:81:47:51:72:1e:ff:8e:
7f:bc:72:07:4b:dc:19:6f:54:59:8c:6c:0d:41:74:
6d:74:31:92:69:95:03:4f:7d:e8:6d:c4:b4:a7:50:
92:44:22:49:d5:4f:51:6a:0d:81:ae:f2:f9:cf:d0:
9c:11:60:00:bb:18:eb:d2:17:e1:25:38:d9:2d:9e:
54:d7:c6:91:e4:55:1b:32:b3:c4:9f:1b:b0:87:a1:
b7:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:21:A0:28:F2:FC:60:E4:A7:2E:9A:55:75:16:07:C3:E1:1C:9D:9B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xSGgKPL8YOSnLppVdRYHw-EcnZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
97:dd:67:90:60:f0:23:3d:27:73:16:67:9f:44:10:62:5d:ee:
b5:38:31:0b:54:e0:b9:88:ba:c3:31:c8:78:42:8a:bb:c0:73:
78:5f:50:02:6e:9d:e3:e6:3c:48:76:00:57:99:31:10:17:84:
b3:b8:e3:88:6a:8b:d2:ad:8f:7a:fd:ad:6d:f9:2f:53:da:dc:
f4:c3:96:fb:19:e4:d6:df:95:df:fe:41:cd:1f:19:8b:12:17:
51:15:40:42:7b:b4:e0:ee:da:f6:30:ab:31:77:80:fe:ef:2e:
0f:ca:c8:56:2b:4f:3e:51:0e:95:f9:3e:9c:7f:ce:31:8b:30:
85:32:62:19:4f:33:33:e8:73:7f:07:e1:1b:5e:44:c9:dc:4c:
be:c8:ff:0a:a9:48:1c:b0:a2:1a:cd:15:05:52:b4:d4:c0:ea:
65:b3:ef:42:ed:3b:5f:ef:3c:bc:64:47:4c:79:ca:3e:42:74:
8e:60:ac:fd:68:8d:29:79:a8:66:76:34:cf:2e:7a:92:a6:70:
bc:54:65:cc:05:45:24:59:aa:f0:15:91:4c:b4:bc:62:47:76:
1f:40:10:24:98:c6:88:5c:d4:08:2a:eb:16:81:31:46:91:6a:
56:eb:54:d8:38:c9:38:9f:96:56:22:ae:ab:72:d6:88:76:1f:
05:e4:00:e3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuC4Iz/qhEfKTI/NE/nGrQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDMwMjMxNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTIxYTAyOGYyZmM2MGU0YTcyZTlhNTU3NTE2MDdjM2UxMWM5ZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIPYRcUUvVZOFa1yiKCJdzJkICPL
CxAzVA63UTAobPaFU/yg2MPfEA2U39sHwDTU5GtlCAozO6nP0RWGUSSoC38Sw7Ga
EY2H7wRvgPUyOHbTYuoBSNZGJpvu/jE1u83kXmmFK5OJr+kC2qhYd/4tMYup368u
sRiUPTKo8vytAxfTViD7Ts8pUhfNoONx9sYsSXbUVf+PEKonOgDW46umCbMjPqHE
Pesa2GdVwoFHUXIe/45/vHIHS9wZb1RZjGwNQXRtdDGSaZUDT33obcS0p1CSRCJJ
1U9Rag2BrvL5z9CcEWAAuxjr0hfhJTjZLZ5U18aR5FUbMrPEnxuwh6G3XwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMUhoCjy/GDkpy6aVXUWB8PhHJ2bMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveFNHZ0tQTDhZT1NuTHBwVmRSWUh3LUVjblpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJfdZ5Bg8CM9J3MWZ59E
EGJd7rU4MQtU4LmIusMxyHhCirvAc3hfUAJunePmPEh2AFeZMRAXhLO444hqi9Kt
j3r9rW35L1Pa3PTDlvsZ5Nbfld/+Qc0fGYsSF1EVQEJ7tODu2vYwqzF3gP7vLg/K
yFYrTz5RDpX5Ppx/zjGLMIUyYhlPMzPoc38H4RteRMncTL7I/wqpSBywohrNFQVS
tNTA6mWz70LtO1/vPLxkR0x5yj5CdI5grP1ojSl5qGZ2NM8uepKmcLxUZcwFRSRZ
qvAVkUy0vGJHdh9AECSYxohc1Agq6xaBMUaRalbrVNg4yTifllYirqty1oh2HwXk
AOM=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:47:07 2025 by rpki-client