Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xkgt72T9sP5TSIBMO1ffCLtq288.roa
File: xkgt72T9sP5TSIBMO1ffCLtq288.roa (raw, json)
Hash identifier: GCjS8j/5c8WdD6+P7i96Vz8Z6vYZbi6ZsSjRl2YUHEw=
Subject key identifier: C6:48:2D:EF:64:FD:B0:FE:53:48:80:4C:3B:57:DF:08:BB:6A:DB:CF
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BA8672D76BBAD3CE5EB93147415D46677
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xkgt72T9sP5TSIBMO1ffCLtq288.roa
Signing time: Tue 07 Nov 2023 06:10:15 +0000
ROA not before: Tue 07 Nov 2023 06:10:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a8:67:2d:76:bb:ad:3c:e5:eb:93:14:74:15:d4:66:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 7 06:10:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6482def64fdb0fe5348804c3b57df08bb6adbcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a6:7c:11:02:f5:ef:da:6e:2c:c5:3a:49:f0:
40:6c:b1:9f:c9:11:84:ce:6d:87:24:ee:13:04:aa:
10:00:8d:c8:60:29:33:be:f4:e2:4e:09:a0:de:13:
10:ee:0f:4d:57:33:31:5d:1d:d8:59:76:d5:69:5c:
9a:d9:a1:c9:fb:89:45:ce:56:7d:80:b9:58:a9:82:
f1:86:c4:58:27:ad:7a:97:2b:93:32:5a:e7:d5:ad:
12:61:40:db:b3:ab:c0:5f:2e:14:83:3f:4a:b5:fc:
ef:fb:3c:a0:67:1a:85:d1:1b:31:fc:dd:a9:bc:94:
05:a4:66:f8:e3:ed:1b:e8:1a:ca:0e:03:93:71:36:
97:c8:e4:73:3e:6b:41:28:3c:c2:1a:be:3f:08:4c:
8a:85:84:c3:8e:27:06:66:b6:6c:20:e8:7b:97:29:
23:12:56:4e:33:11:9d:39:70:1d:5f:e1:d8:e5:17:
eb:d5:4c:6b:c9:f8:c6:2f:aa:63:73:93:f1:c6:94:
c9:c4:be:f8:8a:a4:cc:cf:60:ab:48:c7:1a:83:9a:
8f:60:bb:12:ce:14:f0:37:c7:97:f4:3e:25:61:50:
ff:30:dd:10:40:85:b4:84:74:5e:59:4c:5d:7e:4d:
07:7d:69:cd:ec:c3:c0:d8:af:3c:39:78:36:21:ee:
e2:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:48:2D:EF:64:FD:B0:FE:53:48:80:4C:3B:57:DF:08:BB:6A:DB:CF
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xkgt72T9sP5TSIBMO1ffCLtq288.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
83:37:ee:c9:80:56:01:56:54:85:6d:aa:57:17:b6:5e:20:d2:
8a:d1:ed:1b:c9:6e:a7:a5:be:cd:aa:72:0f:92:15:56:56:bb:
ea:74:f9:1b:0e:30:fa:a1:b5:5a:f6:f9:3f:59:55:c4:b2:fd:
2e:ec:68:6c:f9:55:0e:18:bf:7e:e9:3a:4c:a9:ac:01:7f:63:
05:8a:ae:1c:81:88:d4:7d:fe:0e:da:00:04:89:c7:81:21:21:
db:26:1c:3d:bd:2f:01:90:7a:f5:d9:c5:16:f2:f6:81:0f:4a:
c5:19:fb:af:b9:bf:25:fb:dd:70:23:7b:b3:c3:7e:af:82:ed:
67:1d:34:d4:02:5c:0a:42:6e:f8:d1:bf:20:78:4f:ad:91:ba:
c1:25:56:b1:e8:ec:ca:a9:35:1b:51:60:f6:af:7b:26:f4:cd:
02:5a:a2:a8:a8:75:6e:bd:37:37:bc:51:dc:01:aa:58:77:76:
40:95:a6:c3:bf:08:dd:05:63:67:eb:bd:17:66:d3:94:16:b5:
7d:b7:40:c3:71:32:de:d9:d9:35:9b:5e:3c:50:a9:bc:b4:73:
1c:a5:bd:05:bf:84:8d:8f:49:57:41:63:5a:23:04:6e:41:fd:
b7:6f:de:03:3b:3d:77:43:d9:22:64:4b:8d:05:64:3f:05:86:
5d:10:85:1c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuoZy12u6085euTFHQV1GZ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA3MDYxMDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjQ4MmRlZjY0ZmRiMGZlNTM0ODgwNGMzYjU3ZGYwOGJiNmFkYmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraZ8EQL179puLMU6SfBAbLGfyRGE
zm2HJO4TBKoQAI3IYCkzvvTiTgmg3hMQ7g9NVzMxXR3YWXbVaVya2aHJ+4lFzlZ9
gLlYqYLxhsRYJ616lyuTMlrn1a0SYUDbs6vAXy4Ugz9Ktfzv+zygZxqF0Rsx/N2p
vJQFpGb44+0b6BrKDgOTcTaXyORzPmtBKDzCGr4/CEyKhYTDjicGZrZsIOh7lykj
ElZOMxGdOXAdX+HY5Rfr1UxryfjGL6pjc5PxxpTJxL74iqTMz2CrSMcag5qPYLsS
zhTwN8eX9D4lYVD/MN0QQIW0hHReWUxdfk0HfWnN7MPA2K88OXg2Ie7iPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMZILe9k/bD+U0iATDtX3wi7atvPMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveGtndDcyVDlzUDVUU0lCTU8xZmZDTHRxMjg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIM37smAVgFWVIVtqlcX
tl4g0orR7RvJbqelvs2qcg+SFVZWu+p0+RsOMPqhtVr2+T9ZVcSy/S7saGz5VQ4Y
v37pOkyprAF/YwWKrhyBiNR9/g7aAASJx4EhIdsmHD29LwGQevXZxRby9oEPSsUZ
+6+5vyX73XAje7PDfq+C7WcdNNQCXApCbvjRvyB4T62RusElVrHo7MqpNRtRYPav
eyb0zQJaoqiodW69Nze8UdwBqlh3dkCVpsO/CN0FY2frvRdm05QWtX23QMNxMt7Z
2TWbXjxQqby0cxylvQW/hI2PSVdBY1ojBG5B/bdv3gM7PXdD2SJkS40FZD8Fhl0Q
hRw=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:10:14 2025 by rpki-client