Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xszeQGJDyfLsvh94gIok25jjUZs.roa
File: xszeQGJDyfLsvh94gIok25jjUZs.roa (raw, json)
Hash identifier: 3e2XiE+kaK0hWT8fwUDEgNcUNiEakw5YvOdj8BLFvGY=
Subject key identifier: C6:CC:DE:40:62:43:C9:F2:EC:BE:1F:78:80:8A:24:DB:98:E3:51:9B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C2C61E22345A8A5AA3B58E43EFBDF71FA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xszeQGJDyfLsvh94gIok25jjUZs.roa
Signing time: Sat 02 Dec 2023 21:14:21 +0000
ROA not before: Sat 02 Dec 2023 21:14:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2c:61:e2:23:45:a8:a5:aa:3b:58:e4:3e:fb:df:71:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 2 21:14:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6ccde406243c9f2ecbe1f78808a24db98e3519b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:37:4b:7d:57:68:c9:1b:f5:a7:9a:80:99:4a:
35:40:1c:e9:30:ea:17:4c:83:43:03:49:39:68:b5:
a7:ed:45:d3:0f:61:1b:dd:70:21:6d:38:55:50:ae:
19:ab:80:34:3e:bf:40:d0:92:65:89:c9:e1:5f:a8:
d6:7a:57:de:57:c4:79:76:bb:ee:6b:df:f3:dd:2a:
04:16:de:36:6d:c5:51:5d:fa:b0:0a:97:ba:d0:0c:
d2:d8:68:60:1f:88:83:1b:3e:91:db:f6:fe:02:18:
a4:3a:36:e6:aa:e5:5e:37:a2:d5:e9:e5:d3:38:09:
51:23:6a:5e:8b:95:be:4b:18:d1:54:0c:c9:fc:d5:
d0:c5:da:1d:43:0a:7f:ac:3f:38:4a:0b:79:e6:0d:
eb:f6:b4:7f:35:81:ff:b4:b9:64:ef:97:d2:04:aa:
16:52:95:46:4f:78:fa:35:79:bd:43:38:79:51:09:
66:0c:b7:9c:8f:a2:13:bd:34:5a:86:6f:0e:bc:19:
bf:bc:ef:22:e1:3d:98:65:c1:98:ef:ce:3c:30:4f:
da:14:a8:a1:2d:ee:cb:22:25:a0:2f:e5:5d:97:27:
e8:1f:ef:49:69:69:39:6d:f1:90:a8:08:e3:c2:d1:
99:e5:15:d2:dd:0b:09:56:78:b8:cb:57:f7:9d:e9:
b1:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:CC:DE:40:62:43:C9:F2:EC:BE:1F:78:80:8A:24:DB:98:E3:51:9B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/xszeQGJDyfLsvh94gIok25jjUZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:41:ca:a1:f4:cf:16:f1:af:84:9f:34:74:0c:1c:80:5a:84:
96:d2:88:23:aa:04:28:4c:93:eb:b1:69:5e:8c:fd:42:34:3f:
ed:27:f1:86:8a:8a:d0:67:46:60:a8:1f:24:0e:20:4b:a8:88:
8e:01:50:e1:12:a3:9a:15:fe:0a:9c:6b:bd:9e:45:d3:7d:cc:
37:23:60:b2:7f:64:1a:09:04:09:4e:89:27:db:2b:dd:a7:09:
d1:3f:d7:3d:40:b3:a4:7d:51:cd:c3:c2:c8:96:c5:c8:3a:9b:
af:f7:e0:28:59:0e:d3:93:09:aa:24:22:98:5a:76:1c:ad:4a:
cf:17:b2:36:f3:47:f5:c9:4c:76:4f:58:47:2b:5d:f0:7b:e6:
39:87:be:1c:ee:c3:c4:b3:f4:6e:53:64:4a:c4:02:4f:e2:fe:
2c:0a:ec:e3:28:5c:57:db:98:15:76:1a:0a:85:50:97:69:ef:
33:12:67:24:3b:97:70:24:ec:39:f9:a8:f1:46:e1:98:3f:81:
9d:5a:3a:b8:d0:92:35:b4:24:69:d9:46:9f:6f:b3:71:2e:33:
7a:9f:4d:80:4b:b5:b7:c2:02:bf:6e:73:6d:43:27:55:a3:0e:
f3:a1:a0:90:c6:43:91:60:b0:30:0d:f0:12:f5:8f:22:7f:ab:
ea:ec:3a:9a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwsYeIjRailqjtY5D7733H6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAyMjExNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmNjZGU0MDYyNDNjOWYyZWNiZTFmNzg4MDhhMjRkYjk4ZTM1MTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjdLfVdoyRv1p5qAmUo1QBzpMOoX
TINDA0k5aLWn7UXTD2Eb3XAhbThVUK4Zq4A0Pr9A0JJlicnhX6jWelfeV8R5drvu
a9/z3SoEFt42bcVRXfqwCpe60AzS2GhgH4iDGz6R2/b+AhikOjbmquVeN6LV6eXT
OAlRI2pei5W+SxjRVAzJ/NXQxdodQwp/rD84Sgt55g3r9rR/NYH/tLlk75fSBKoW
UpVGT3j6NXm9Qzh5UQlmDLecj6ITvTRahm8OvBm/vO8i4T2YZcGY7848ME/aFKih
Le7LIiWgL+VdlyfoH+9JaWk5bfGQqAjjwtGZ5RXS3QsJVni4y1f3nemxQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMbM3kBiQ8ny7L4feICKJNuY41GbMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEveHN6ZVFHSkR5Zkxzdmg5NGdJb2syNWpqVVpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKdByqH0zxbxr4SfNHQM
HIBahJbSiCOqBChMk+uxaV6M/UI0P+0n8YaKitBnRmCoHyQOIEuoiI4BUOESo5oV
/gqca72eRdN9zDcjYLJ/ZBoJBAlOiSfbK92nCdE/1z1As6R9Uc3DwsiWxcg6m6/3
4ChZDtOTCaokIphadhytSs8XsjbzR/XJTHZPWEcrXfB75jmHvhzuw8Sz9G5TZErE
Ak/i/iwK7OMoXFfbmBV2GgqFUJdp7zMSZyQ7l3Ak7Dn5qPFG4Zg/gZ1aOrjQkjW0
JGnZRp9vs3EuM3qfTYBLtbfCAr9uc21DJ1WjDvOhoJDGQ5FgsDAN8BL1jyJ/q+rs
Opo=
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:30:30 2025 by rpki-client