Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KtsChgAYiEisTsjsrGhC3BL8aiw.roa
File: KtsChgAYiEisTsjsrGhC3BL8aiw.roa (raw, json)
Hash identifier: cZ27j+f5gCcTUHGvyP/1fVMgGH5hOyblbQxe21DU0uY=
Subject key identifier: 2A:DB:02:86:00:18:88:48:AC:4E:C8:EC:AC:68:42:DC:12:FC:6A:2C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C509C779F3FFC88A62B726FFB8EE29ACC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KtsChgAYiEisTsjsrGhC3BL8aiw.roa
Signing time: Sat 09 Dec 2023 22:04:40 +0000
ROA not before: Sat 09 Dec 2023 22:04:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18c:509c:9e5/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:50:9c:77:9f:3f:fc:88:a6:2b:72:6f:fb:8e:e2:9a:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 9 22:04:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2adb028600188848ac4ec8ecac6842dc12fc6a2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1c:e6:15:37:91:df:fd:dd:55:b9:b3:80:1f:
ae:23:db:91:05:b3:f1:d7:3c:b0:dc:ee:90:dd:64:
82:7c:33:da:3c:8a:19:20:6b:b7:56:33:6a:15:78:
e0:8e:cc:49:5f:85:93:83:5d:ed:73:80:cf:fc:91:
f6:76:2a:10:50:43:f4:f0:14:f1:ec:cb:eb:5f:6a:
e1:5e:92:e3:3b:42:7f:68:96:2d:79:4b:a4:c9:df:
24:c0:25:59:2f:51:0e:e3:b6:6d:59:0f:9e:0e:a8:
af:62:22:97:28:5c:b0:b2:60:00:f7:5a:be:95:ec:
c1:3c:b1:b7:e0:d6:43:c0:a3:02:85:26:93:80:0f:
85:9f:d1:47:34:74:92:db:de:b8:2f:91:01:89:d8:
cd:c0:42:77:35:e0:c0:bb:c1:b0:d3:e1:19:fc:3d:
32:a0:03:f9:4e:c3:5e:6c:75:5e:0e:ab:3c:a9:00:
19:53:1d:e0:99:3b:7e:6b:6f:ec:d2:38:a0:ad:4e:
62:7d:47:d2:17:37:b1:b8:92:d7:9f:13:e4:6e:84:
ef:6e:f6:be:c8:66:4b:c1:0c:45:f4:dd:6c:9d:b9:
70:47:a3:4a:47:86:2b:db:3e:d0:f9:46:82:9e:1f:
ec:cf:56:ea:e8:2d:ff:a3:90:a0:da:be:b7:73:ac:
02:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:DB:02:86:00:18:88:48:AC:4E:C8:EC:AC:68:42:DC:12:FC:6A:2C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KtsChgAYiEisTsjsrGhC3BL8aiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
09:ad:c6:68:f2:3e:21:2b:6b:29:19:b5:c7:22:3c:c3:07:07:
6e:da:28:0e:82:81:02:12:ce:a2:c8:d4:38:36:c1:2e:5f:c7:
3f:a0:be:10:0d:a4:fd:44:e1:34:f5:74:6c:9b:1a:57:46:f7:
ab:4c:c6:a7:28:02:40:9a:91:85:0a:09:d1:bf:5c:26:b8:48:
4e:94:46:f3:75:31:9c:fc:97:b7:7a:f3:a3:0c:29:74:f6:88:
91:76:e2:4e:27:de:cd:4f:0a:3d:6b:b0:32:bb:6e:56:3d:be:
a9:b9:46:cf:45:90:8f:90:40:b4:ea:04:10:33:ea:ea:0a:63:
2f:a5:c0:ea:5a:13:61:77:ce:87:5b:ae:c9:79:b5:06:88:b0:
23:e7:f5:56:d3:78:00:ef:10:5d:ee:ba:06:ef:9b:0b:6d:dc:
2e:de:af:fb:1b:df:dd:65:a6:7b:ab:de:53:81:1e:09:98:0e:
3c:95:a7:86:a2:17:9a:13:aa:41:2a:ac:f9:0c:ce:61:0c:d4:
d9:62:2e:63:be:46:9f:22:32:90:f6:e0:05:45:13:a1:c8:9a:
ad:a9:c0:7f:1d:d1:f1:62:1a:02:34:09:c9:d9:00:e2:cb:d1:
99:9f:2a:47:d6:b6:63:ff:1d:5b:fc:fa:fe:8c:fc:a1:5b:5f:
7c:9f:49:bb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxQnHefP/yIpityb/uO4prMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA5MjIwNDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWRiMDI4NjAwMTg4ODQ4YWM0ZWM4ZWNhYzY4NDJkYzEyZmM2YTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBzmFTeR3/3dVbmzgB+uI9uRBbPx
1zyw3O6Q3WSCfDPaPIoZIGu3VjNqFXjgjsxJX4WTg13tc4DP/JH2dioQUEP08BTx
7MvrX2rhXpLjO0J/aJYteUukyd8kwCVZL1EO47ZtWQ+eDqivYiKXKFywsmAA91q+
lezBPLG34NZDwKMChSaTgA+Fn9FHNHSS2964L5EBidjNwEJ3NeDAu8Gw0+EZ/D0y
oAP5TsNebHVeDqs8qQAZUx3gmTt+a2/s0jigrU5ifUfSFzexuJLXnxPkboTvbva+
yGZLwQxF9N1snblwR6NKR4Yr2z7Q+UaCnh/sz1bq6C3/o5Cg2r63c6wCvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCrbAoYAGIhIrE7I7KxoQtwS/GosMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS3RzQ2hnQVlpRWlzVHNqc3JHaEMzQkw4YWl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAmtxmjyPiEraykZtcci
PMMHB27aKA6CgQISzqLI1Dg2wS5fxz+gvhANpP1E4TT1dGybGldG96tMxqcoAkCa
kYUKCdG/XCa4SE6URvN1MZz8l7d686MMKXT2iJF24k4n3s1PCj1rsDK7blY9vqm5
Rs9FkI+QQLTqBBAz6uoKYy+lwOpaE2F3zodbrsl5tQaIsCPn9VbTeADvEF3uugbv
mwtt3C7er/sb391lpnur3lOBHgmYDjyVp4aiF5oTqkEqrPkMzmEM1NliLmO+Rp8i
MpD24AVFE6HImq2pwH8d0fFiGgI0CcnZAOLL0ZmfKkfWtmP/HVv8+v6M/KFbX3yf
Sbs=
-----END CERTIFICATE-----
Generated at Mon Jul 28 22:03:06 2025 by rpki-client