Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xm2mNGN2a8hJmyNRTUDLEKnK8mE.roa
File: xm2mNGN2a8hJmyNRTUDLEKnK8mE.roa (raw, json)
Hash identifier: 6qe6mVN/KBRO5wqF4mdBYPaFrB06atsK1KkNmQA4Kw4=
Subject key identifier: C6:6D:A6:34:63:76:6B:C8:49:9B:23:51:4D:40:CB:10:A9:CA:F2:61
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BADFA83E25C394E22B1C000D8CFB8C73C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xm2mNGN2a8hJmyNRTUDLEKnK8mE.roa
Signing time: Wed 08 Nov 2023 08:09:17 +0000
ROA not before: Wed 08 Nov 2023 08:09:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ad:fa:83:e2:5c:39:4e:22:b1:c0:00:d8:cf:b8:c7:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 8 08:09:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c66da63463766bc8499b23514d40cb10a9caf261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5a:6c:36:92:40:f9:c7:39:04:4b:b0:a0:50:
b5:aa:49:48:e6:06:b8:46:3d:c2:75:13:cb:bf:c7:
1b:e0:a0:e0:95:01:69:b3:74:24:a6:1c:99:f6:a0:
00:db:96:d2:83:7f:f6:63:3d:16:e3:d0:f1:8e:c5:
07:23:18:06:66:20:6e:44:6d:dc:0c:81:bf:64:7b:
57:86:6d:d1:dc:72:aa:30:b7:8e:8e:f5:9f:1a:51:
ba:f4:8f:74:b5:a2:c4:c0:99:47:35:4d:36:ce:f8:
96:9d:2b:fd:cd:ef:b5:cf:3f:5a:69:bd:02:26:8d:
03:eb:49:73:f6:3b:41:0c:96:17:70:ac:4f:4a:16:
7e:1d:62:95:40:76:72:6d:25:f1:ad:06:49:9c:f4:
77:ed:e0:f3:97:73:86:50:91:ba:5c:a3:b8:26:57:
9f:9c:5f:94:07:80:cf:c8:d2:0a:d9:52:5f:b9:a3:
b6:f0:00:38:de:db:39:d2:5b:7b:ee:a1:3b:d2:49:
12:d1:b9:29:db:e0:6e:85:ec:2d:da:0a:64:1b:93:
43:d9:30:9e:0d:e4:91:26:4a:cb:57:fa:da:90:3d:
78:13:9b:97:29:8b:49:37:b5:a1:d9:5b:05:10:76:
5b:70:44:53:59:4c:5f:e3:fb:b3:8a:0c:86:bf:fe:
f8:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:6D:A6:34:63:76:6B:C8:49:9B:23:51:4D:40:CB:10:A9:CA:F2:61
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xm2mNGN2a8hJmyNRTUDLEKnK8mE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
64:d4:6a:cf:8e:d8:09:cf:e4:12:ec:e8:4c:3c:fd:ed:83:8e:
12:3c:82:0e:a2:fe:8f:70:0e:91:c0:14:bc:17:20:9c:f7:e9:
48:cf:06:12:b5:0d:97:de:14:7b:14:6d:87:33:fb:a1:55:84:
5e:21:47:dd:20:00:4d:9f:f8:0c:9d:3c:06:0e:ad:32:86:04:
c0:cf:ae:da:b2:19:e4:05:54:0e:4a:9f:18:90:42:1f:38:fe:
37:6d:62:19:7b:45:1a:d5:24:c0:e2:db:79:e7:c0:2f:9f:4c:
37:aa:1a:b0:21:60:e0:91:38:49:f3:af:64:90:c3:5f:94:96:
73:60:8b:00:22:b8:59:b3:7a:49:7d:72:f7:d3:1e:44:3a:dd:
29:49:75:fe:e5:25:10:10:fd:22:d2:54:8d:9b:d2:ec:34:77:
6b:ef:5f:a9:78:1f:b8:74:37:2f:dc:b7:d8:83:7e:fb:24:91:
77:e9:93:26:29:ed:c3:00:37:5d:f1:95:8a:3b:2a:8d:31:7b:
72:3a:10:7c:13:78:27:98:0b:8d:b9:bc:b1:af:56:b8:51:84:
f9:c6:98:09:5d:71:54:35:0d:e2:a2:51:70:cb:07:33:35:48:
75:2a:24:14:7d:a8:e1:0a:11:68:2c:3b:1e:3c:62:97:5e:19:
01:cc:52:09
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYut+oPiXDlOIrHAANjPuMc8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA4MDgwOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjZkYTYzNDYzNzY2YmM4NDk5YjIzNTE0ZDQwY2IxMGE5Y2FmMjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlpsNpJA+cc5BEuwoFC1qklI5ga4
Rj3CdRPLv8cb4KDglQFps3QkphyZ9qAA25bSg3/2Yz0W49DxjsUHIxgGZiBuRG3c
DIG/ZHtXhm3R3HKqMLeOjvWfGlG69I90taLEwJlHNU02zviWnSv9ze+1zz9aab0C
Jo0D60lz9jtBDJYXcKxPShZ+HWKVQHZybSXxrQZJnPR37eDzl3OGUJG6XKO4Jlef
nF+UB4DPyNIK2VJfuaO28AA43ts50lt77qE70kkS0bkp2+Buhewt2gpkG5ND2TCe
DeSRJkrLV/rakD14E5uXKYtJN7Wh2VsFEHZbcERTWUxf4/uzigyGv/74JwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMZtpjRjdmvISZsjUU1AyxCpyvJhMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveG0ybU5HTjJhOGhKbXlOUlRVRExFS25LOG1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGTUas+O2AnP5BLs6Ew8
/e2DjhI8gg6i/o9wDpHAFLwXIJz36UjPBhK1DZfeFHsUbYcz+6FVhF4hR90gAE2f
+AydPAYOrTKGBMDPrtqyGeQFVA5KnxiQQh84/jdtYhl7RRrVJMDi23nnwC+fTDeq
GrAhYOCROEnzr2SQw1+UlnNgiwAiuFmzekl9cvfTHkQ63SlJdf7lJRAQ/SLSVI2b
0uw0d2vvX6l4H7h0Ny/ct9iDfvskkXfpkyYp7cMAN13xlYo7Ko0xe3I6EHwTeCeY
C425vLGvVrhRhPnGmAldcVQ1DeKiUXDLBzM1SHUqJBR9qOEKEWgsOx48YpdeGQHM
Ugk=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:53:34 2025 by rpki-client