Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KBONt6Q6T6iHLX3Rcijdkn6awZg.roa
File: KBONt6Q6T6iHLX3Rcijdkn6awZg.roa (raw, json)
Hash identifier: F/SnBZgdWAZYAW+Sg1bUMFGwi4aD9+Ql9hab0DrIke8=
Subject key identifier: 28:13:8D:B7:A4:3A:4F:A8:87:2D:7D:D1:72:28:DD:92:7E:9A:C1:98
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D5CA47B2035D465A52949DB516C999CE6
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KBONt6Q6T6iHLX3Rcijdkn6awZg.roa
Signing time: Tue 30 Jan 2024 23:11:39 +0000
ROA not before: Tue 30 Jan 2024 23:11:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5c:a4:7b:20:35:d4:65:a5:29:49:db:51:6c:99:9c:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 30 23:11:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28138db7a43a4fa8872d7dd17228dd927e9ac198
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:92:07:8a:dd:90:85:1e:e1:f0:24:e1:ce:74:
c5:72:ed:a0:c4:63:3d:3f:09:db:08:31:f5:b3:84:
0b:4b:87:7d:cc:34:fe:64:b8:6e:d1:17:77:f5:2f:
75:67:3e:29:4d:9e:1b:bf:90:3d:81:58:39:4f:84:
01:9d:01:95:9e:6c:37:1d:07:16:88:56:7b:16:a2:
fc:50:ba:b0:aa:f3:2b:ae:c1:a3:39:70:d3:89:62:
f3:4c:18:2b:36:61:73:e2:6a:f2:2e:47:c0:72:7a:
18:76:2a:e8:d1:3f:d6:c5:e9:4b:d5:bc:83:23:98:
99:65:20:f5:dd:a1:ec:55:72:b0:e4:a6:3c:a0:b3:
05:80:a5:11:17:1d:f8:21:ed:37:b3:dd:a1:e5:ae:
5c:98:1b:8c:da:05:a5:cc:7d:a4:06:a5:87:16:dc:
09:f3:f7:18:ea:41:b2:12:2b:46:1a:c3:a9:42:b6:
3d:b7:bf:98:7c:bf:64:44:5f:f2:34:ee:6b:84:57:
7f:20:33:ad:ab:42:21:1c:52:4f:2b:d8:53:84:a2:
37:1f:50:11:38:98:fe:45:be:a4:ab:a6:3f:3b:82:
c9:5f:e4:fe:ac:6e:1f:51:78:44:f5:38:e0:da:a1:
b7:34:a7:4a:8d:3a:fb:62:ac:20:f5:dd:4f:a1:19:
3c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:13:8D:B7:A4:3A:4F:A8:87:2D:7D:D1:72:28:DD:92:7E:9A:C1:98
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KBONt6Q6T6iHLX3Rcijdkn6awZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:a1:f7:69:6d:e9:f6:89:06:49:ab:85:96:e5:af:f0:81:df:
3e:49:6d:c2:2b:a2:48:ac:14:9e:dd:64:59:42:65:d4:db:e2:
c0:d6:a5:1f:99:d0:37:c2:aa:3f:cc:57:c4:20:9e:d6:ae:75:
98:fe:89:32:e3:a0:68:3c:6d:8b:a6:14:3f:a0:4f:e2:62:ff:
f0:18:63:27:69:d9:cb:72:cd:be:66:34:a3:aa:95:cb:d3:80:
e8:80:cb:ef:9a:34:eb:d0:b5:23:65:e1:a0:61:41:0f:3f:7c:
d1:8f:98:4c:3f:50:a6:28:66:27:9b:f1:cb:f3:17:70:ee:9b:
d6:85:c3:ad:64:52:1f:20:8a:d2:53:a7:b7:39:35:c8:32:fd:
23:1a:66:46:1b:b2:16:e4:fd:46:c3:db:8e:af:dd:22:a7:b7:
ae:e7:15:d5:d8:65:84:3c:d1:a1:a2:e1:25:f6:ee:24:54:4d:
74:29:e5:ea:e0:b6:6a:98:72:7e:b6:ec:1b:7e:c5:b7:9b:2f:
f7:96:c9:1d:5b:bc:77:be:40:e8:ae:bb:f9:ac:e9:88:46:23:
2d:f0:e4:db:39:b6:6f:0d:5e:16:84:c6:19:1a:fc:3c:7c:47:
19:c5:3a:a7:33:a3:db:bd:50:40:66:13:d8:62:c8:8c:59:45:
d3:f4:1a:97
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1cpHsgNdRlpSlJ21FsmZzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTMwMjMxMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODEzOGRiN2E0M2E0ZmE4ODcyZDdkZDE3MjI4ZGQ5MjdlOWFjMTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZIHit2QhR7h8CThznTFcu2gxGM9
PwnbCDH1s4QLS4d9zDT+ZLhu0Rd39S91Zz4pTZ4bv5A9gVg5T4QBnQGVnmw3HQcW
iFZ7FqL8ULqwqvMrrsGjOXDTiWLzTBgrNmFz4mryLkfAcnoYdiro0T/WxelL1byD
I5iZZSD13aHsVXKw5KY8oLMFgKURFx34Ie03s92h5a5cmBuM2gWlzH2kBqWHFtwJ
8/cY6kGyEitGGsOpQrY9t7+YfL9kRF/yNO5rhFd/IDOtq0IhHFJPK9hThKI3H1AR
OJj+Rb6kq6Y/O4LJX+T+rG4fUXhE9Tjg2qG3NKdKjTr7Yqwg9d1PoRk8rwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCgTjbekOk+ohy190XIo3ZJ+msGYMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvS0JPTnQ2UTZUNmlITFgzUmNpamRrbjZhd1pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGWh92lt6faJBkmrhZbl
r/CB3z5JbcIrokisFJ7dZFlCZdTb4sDWpR+Z0DfCqj/MV8QgntaudZj+iTLjoGg8
bYumFD+gT+Ji//AYYydp2ctyzb5mNKOqlcvTgOiAy++aNOvQtSNl4aBhQQ8/fNGP
mEw/UKYoZieb8cvzF3Dum9aFw61kUh8gitJTp7c5Ncgy/SMaZkYbshbk/UbD246v
3SKnt67nFdXYZYQ80aGi4SX27iRUTXQp5ergtmqYcn627Bt+xbebL/eWyR1bvHe+
QOiuu/ms6YhGIy3w5Ns5tm8NXhaExhka/Dx8RxnFOqczo9u9UEBmE9hiyIxZRdP0
Gpc=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:21:42 2025 by rpki-client