Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xhH5nMoJtGsDk-XTRmgUO_7HZds.roa
File: xhH5nMoJtGsDk-XTRmgUO_7HZds.roa (raw, json)
Hash identifier: +Ly9oxOIgCllaESuLlfuzxddTKILGJKKInjLUfajqNU=
Subject key identifier: C6:11:F9:9C:CA:09:B4:6B:03:93:E5:D3:46:68:14:3B:FE:C7:65:DB
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BA37E28F823071E837CEA3D93B22AEB89
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xhH5nMoJtGsDk-XTRmgUO_7HZds.roa
Signing time: Mon 06 Nov 2023 07:17:15 +0000
ROA not before: Mon 06 Nov 2023 07:17:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a3:7e:28:f8:23:07:1e:83:7c:ea:3d:93:b2:2a:eb:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 6 07:17:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c611f99cca09b46b0393e5d34668143bfec765db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:93:85:91:83:5d:b6:f5:6f:93:c9:34:9f:c5:
e6:fa:fa:9b:88:e5:bd:8f:89:fa:c2:0e:bf:37:0d:
41:11:23:6e:6c:93:96:5d:df:9f:da:2d:e9:05:1d:
42:15:6c:0c:01:67:6a:61:89:a4:4e:66:cc:10:d6:
c3:8e:12:9d:81:ba:4d:73:11:e8:62:f3:bf:d7:53:
ec:7d:2e:0c:2d:20:9c:51:2c:a9:2c:ad:c1:bc:13:
8e:a0:d1:39:97:83:c0:3a:1e:49:b2:06:86:2e:f7:
28:36:33:03:c6:9d:e6:fa:4a:df:3e:ab:1e:25:5e:
a8:61:08:be:5f:05:33:4b:c4:70:27:09:70:75:5c:
b1:d9:e2:2e:d3:c5:06:ce:1f:01:8a:44:08:a2:a1:
3e:37:7d:28:ec:4b:a7:99:c8:de:91:42:a9:55:64:
bf:c6:85:c8:c2:9e:32:24:85:82:c2:8e:54:97:45:
9b:40:37:ab:07:3b:15:12:79:1f:57:20:9b:c3:1c:
a7:50:22:bf:b5:cf:f9:dd:72:4b:91:a9:b9:55:dd:
24:c9:07:2a:80:06:69:49:28:9a:3c:5c:bf:82:2c:
0a:9b:c8:02:09:70:3b:4e:18:41:05:70:73:34:b3:
b2:ce:33:90:51:97:7f:a0:4f:5e:86:d9:c8:23:2e:
b3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:11:F9:9C:CA:09:B4:6B:03:93:E5:D3:46:68:14:3B:FE:C7:65:DB
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xhH5nMoJtGsDk-XTRmgUO_7HZds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5b:24:96:a9:0f:6d:66:56:b2:f0:11:9c:e9:2e:71:13:ed:5f:
12:93:e7:82:8b:e6:eb:6b:19:f3:da:10:e9:2f:05:c5:fe:6e:
81:1e:f1:b4:bd:2e:51:69:cb:20:74:6a:04:3a:db:da:3b:97:
8b:ea:49:70:45:57:18:54:a6:33:93:da:42:a1:79:97:b4:fb:
2e:f6:8d:21:08:3b:e9:86:a0:69:77:03:30:96:6e:09:57:84:
ce:c5:16:09:51:82:ce:a9:dc:6e:51:f3:b0:2f:8d:84:c2:2b:
53:cc:95:62:bc:d9:90:df:ab:38:69:d4:be:25:e9:32:fc:c5:
87:31:fb:e1:2a:ce:f7:75:e4:b6:58:61:03:c4:96:89:61:af:
49:51:af:57:a3:39:eb:c5:3d:ba:3e:34:2c:72:5d:b4:64:6a:
82:83:eb:60:5a:45:e7:f7:58:8d:d9:77:20:e9:8c:4b:55:74:
31:53:97:73:a3:92:fc:ef:4d:a9:ea:f8:8c:e0:6a:a4:1b:a0:
d6:96:c9:38:05:85:52:1e:0e:44:ed:22:71:ec:70:a6:ec:50:
88:23:ae:a4:75:5b:30:15:66:4b:da:ed:1c:15:4a:16:a9:83:
b7:0d:ae:26:fa:f3:ce:74:fc:7b:4f:c9:1b:52:4d:ab:b8:66:
cf:f9:65:30
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYujfij4Iwceg3zqPZOyKuuJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA2MDcxNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjExZjk5Y2NhMDliNDZiMDM5M2U1ZDM0NjY4MTQzYmZlYzc2NWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZOFkYNdtvVvk8k0n8Xm+vqbiOW9
j4n6wg6/Nw1BESNubJOWXd+f2i3pBR1CFWwMAWdqYYmkTmbMENbDjhKdgbpNcxHo
YvO/11PsfS4MLSCcUSypLK3BvBOOoNE5l4PAOh5JsgaGLvcoNjMDxp3m+krfPqse
JV6oYQi+XwUzS8RwJwlwdVyx2eIu08UGzh8BikQIoqE+N30o7EunmcjekUKpVWS/
xoXIwp4yJIWCwo5Ul0WbQDerBzsVEnkfVyCbwxynUCK/tc/53XJLkam5Vd0kyQcq
gAZpSSiaPFy/giwKm8gCCXA7ThhBBXBzNLOyzjOQUZd/oE9ehtnIIy6z/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMYR+ZzKCbRrA5Pl00ZoFDv+x2XbMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveGhINW5Nb0p0R3NEay1YVFJtZ1VPXzdIWmRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFsklqkPbWZWsvARnOku
cRPtXxKT54KL5utrGfPaEOkvBcX+boEe8bS9LlFpyyB0agQ629o7l4vqSXBFVxhU
pjOT2kKheZe0+y72jSEIO+mGoGl3AzCWbglXhM7FFglRgs6p3G5R87AvjYTCK1PM
lWK82ZDfqzhp1L4l6TL8xYcx++Eqzvd15LZYYQPElolhr0lRr1ejOevFPbo+NCxy
XbRkaoKD62BaRef3WI3ZdyDpjEtVdDFTl3OjkvzvTanq+IzgaqQboNaWyTgFhVIe
DkTtInHscKbsUIgjrqR1WzAVZkva7RwVShapg7cNrib68850/HtPyRtSTau4Zs/5
ZTA=
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:32:20 2025 by rpki-client