Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xgVi6ZoHUYcNOjBWzwoVJezs9pM.roa
File: xgVi6ZoHUYcNOjBWzwoVJezs9pM.roa (raw, json)
Hash identifier: wch2MEfoJn3kfD8CimoaPOYk4pM3O7EU4VxsZpio+kY=
Subject key identifier: C6:05:62:E9:9A:07:51:87:0D:3A:30:56:CF:0A:15:25:EC:EC:F6:93
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B1534AE2E3BE84661B98103C901DA4384
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xgVi6ZoHUYcNOjBWzwoVJezs9pM.roa
Signing time: Mon 09 Oct 2023 16:10:55 +0000
ROA not before: Mon 09 Oct 2023 16:10:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:15:34:ae:2e:3b:e8:46:61:b9:81:03:c9:01:da:43:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 9 16:10:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c60562e99a0751870d3a3056cf0a1525ececf693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:74:10:42:89:c0:ff:71:4f:62:b3:be:e1:c7:
97:86:4e:53:88:6b:f2:f2:eb:f1:30:e0:85:e4:7b:
1b:14:3b:e3:2d:32:dd:87:6e:1e:e5:10:ce:52:b6:
aa:2a:19:d7:e6:bc:5f:d6:31:b7:16:bb:41:56:3e:
0d:a4:ca:bc:f7:ae:36:18:36:d8:13:10:72:37:0d:
21:48:8c:cf:76:cb:6c:8a:f5:28:be:78:6f:80:8b:
bf:ff:30:63:6b:78:23:b9:aa:a5:2e:ed:0c:72:62:
cb:c1:60:1b:6e:8e:d7:36:df:78:cd:33:c4:79:3e:
d7:ee:33:6e:3c:cb:5a:09:7b:36:79:b3:d8:73:25:
0d:77:cc:81:e3:c5:10:4d:36:44:51:79:ea:67:77:
11:c0:5b:02:07:2d:e5:e8:e6:ca:8e:8a:4f:81:83:
24:5b:ca:7c:30:05:f8:6f:d3:56:e4:d3:87:93:a5:
24:d9:ca:81:38:05:76:32:ad:ee:af:48:d1:0c:ce:
00:3d:dc:4f:b2:ac:49:59:de:fb:e2:16:94:2f:ce:
78:f5:2e:35:2f:85:63:f9:73:74:fe:90:15:68:2a:
51:e3:7e:19:30:c3:f8:20:dc:0c:07:e6:39:e6:95:
75:c7:38:fa:a3:ae:5d:cc:27:75:96:71:a2:b6:a9:
9d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:05:62:E9:9A:07:51:87:0D:3A:30:56:CF:0A:15:25:EC:EC:F6:93
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xgVi6ZoHUYcNOjBWzwoVJezs9pM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:2e:f2:95:4d:49:2f:52:94:b7:13:55:5f:ea:47:d0:31:8f:
7b:73:77:7a:0f:0f:82:21:3f:3b:90:ba:c1:9c:ad:02:d2:d1:
00:53:91:57:c6:62:f8:95:87:77:68:bf:24:7f:b1:29:43:11:
ad:42:54:c8:b1:dd:23:b2:2d:f7:5c:ae:e6:d1:7e:5a:e7:cd:
85:60:b4:84:35:a4:da:4a:8f:5f:89:8d:50:65:ae:0d:b3:79:
2b:3f:5a:45:7a:6e:3a:20:2d:5b:a5:7c:b1:57:e3:24:b8:12:
7d:10:72:b9:44:a8:88:5e:65:4f:08:53:61:5f:bc:f5:89:d8:
1d:e0:c5:49:d5:2d:a7:e5:58:0d:54:97:5e:75:13:cc:38:3f:
32:be:ff:05:c2:39:19:bc:cf:5b:c6:58:67:5f:5c:8c:09:94:
c0:a6:24:64:9d:64:b6:d3:63:c8:f3:1f:35:b2:fb:a6:c3:7f:
c3:3a:22:82:ec:b0:bf:e5:18:05:92:55:97:aa:cb:ba:46:cd:
8b:f3:cc:9b:e6:1c:14:4b:bb:e2:5e:10:c3:f8:95:c5:da:08:
d2:60:1c:46:87:68:dd:34:25:c9:9a:d6:3c:6b:44:34:aa:a3:
0c:21:5f:31:cc:91:b8:a6:49:86:92:6c:3d:6b:7e:02:1f:33:
c5:af:b6:75
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsVNK4uO+hGYbmBA8kB2kOEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA5MTYxMDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjA1NjJlOTlhMDc1MTg3MGQzYTMwNTZjZjBhMTUyNWVjZWNmNjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13QQQonA/3FPYrO+4ceXhk5TiGvy
8uvxMOCF5HsbFDvjLTLdh24e5RDOUraqKhnX5rxf1jG3FrtBVj4NpMq89642GDbY
ExByNw0hSIzPdstsivUovnhvgIu//zBja3gjuaqlLu0McmLLwWAbbo7XNt94zTPE
eT7X7jNuPMtaCXs2ebPYcyUNd8yB48UQTTZEUXnqZ3cRwFsCBy3l6ObKjopPgYMk
W8p8MAX4b9NW5NOHk6Uk2cqBOAV2Mq3ur0jRDM4APdxPsqxJWd774haUL8549S41
L4Vj+XN0/pAVaCpR434ZMMP4INwMB+Y55pV1xzj6o65dzCd1lnGitqmdSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMYFYumaB1GHDTowVs8KFSXs7PaTMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveGdWaTZab0hVWWNOT2pCV3p3b1ZKZXpzOXBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGUu8pVNSS9SlLcTVV/q
R9Axj3tzd3oPD4IhPzuQusGcrQLS0QBTkVfGYviVh3dovyR/sSlDEa1CVMix3SOy
LfdcrubRflrnzYVgtIQ1pNpKj1+JjVBlrg2zeSs/WkV6bjogLVulfLFX4yS4En0Q
crlEqIheZU8IU2FfvPWJ2B3gxUnVLaflWA1Ul151E8w4PzK+/wXCORm8z1vGWGdf
XIwJlMCmJGSdZLbTY8jzHzWy+6bDf8M6IoLssL/lGAWSVZeqy7pGzYvzzJvmHBRL
u+JeEMP4lcXaCNJgHEaHaN00Jcma1jxrRDSqowwhXzHMkbimSYaSbD1rfgIfM8Wv
tnU=
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:17:09 2025 by rpki-client