Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KIvaosk3GCSREN_qTSeIhzY7htc.roa
File: KIvaosk3GCSREN_qTSeIhzY7htc.roa (raw, json)
Hash identifier: EXDv4uMYsLpYTySuwjJuw91U41s9Lu8lq/FR86PJNow=
Subject key identifier: 28:8B:DA:A2:C9:37:18:24:91:10:DF:EA:4D:27:88:87:36:3B:86:D7
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C97077802146D03FE32A7762A1D440BD9
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KIvaosk3GCSREN_qTSeIhzY7htc.roa
Signing time: Sat 23 Dec 2023 14:14:58 +0000
ROA not before: Sat 23 Dec 2023 14:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:97:07:78:02:14:6d:03:fe:32:a7:76:2a:1d:44:0b:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 23 14:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=288bdaa2c93718249110dfea4d278887363b86d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:02:6b:e1:a0:73:cf:d6:27:c9:01:1a:50:5a:
00:80:6b:b0:a7:cc:4b:f9:bc:d3:8e:66:13:2e:ca:
34:d4:8e:0a:dc:85:21:51:81:ed:05:c4:07:d5:81:
db:64:7b:4e:62:5b:42:63:ca:9f:5d:fb:a6:93:5a:
b2:60:4c:13:91:a1:2f:c5:99:95:36:a1:c7:1b:95:
d7:32:a9:14:f2:30:ae:e0:69:8e:60:37:b4:29:af:
a1:6a:5b:45:a8:c9:6e:c3:de:2c:fa:c2:f4:76:8d:
a2:71:ac:ff:03:93:1a:67:17:c1:e6:cd:54:86:d3:
1f:da:d7:37:28:c8:fb:c6:33:c7:b6:1c:4b:70:79:
ab:2a:e5:fb:2f:84:0e:71:08:9b:0d:76:0f:49:41:
a0:87:0e:fd:b6:ef:6e:57:1f:c2:c9:ee:5b:d5:de:
d4:4b:ad:8a:35:41:92:69:03:87:23:20:36:98:85:
6c:ce:29:d0:59:05:25:7d:86:ae:4a:e8:86:d3:46:
02:1c:0b:8d:fa:00:6c:36:9e:34:f8:ac:80:57:01:
a6:23:42:75:7d:3b:23:48:1f:76:42:a8:5a:45:af:
8d:5f:c0:d8:c8:b3:5a:56:5d:92:52:df:27:af:10:
82:41:77:af:76:8e:36:11:a0:51:fe:76:b9:d2:c8:
c4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:8B:DA:A2:C9:37:18:24:91:10:DF:EA:4D:27:88:87:36:3B:86:D7
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KIvaosk3GCSREN_qTSeIhzY7htc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2d:a6:a3:ec:29:6e:9a:4d:eb:81:eb:30:0a:51:5f:8c:29:29:
d7:66:d1:0a:a6:fd:39:7c:ca:f5:78:e7:62:70:ed:28:24:53:
ed:17:c1:0c:de:36:a6:b5:13:3a:c0:f4:52:99:d1:99:b0:65:
78:62:38:32:c1:37:c5:94:7d:30:41:77:09:ba:cb:09:68:2c:
27:09:d6:32:8f:71:1d:d0:a9:29:62:9b:0e:f3:71:0c:14:c2:
67:37:4c:ce:aa:a3:81:6b:c7:2f:c3:40:f8:7e:ed:34:cf:55:
18:da:f8:0a:31:fc:a7:3f:9e:82:2f:a0:3f:31:f0:7a:73:e3:
bb:b8:b9:4d:b9:1c:1c:1c:f7:1b:ad:7f:ae:aa:df:3a:4a:62:
57:9c:bb:f6:6e:09:34:91:8b:d5:ac:fa:66:8e:30:82:62:ba:
c3:89:99:37:3e:1f:1f:29:d4:07:03:28:de:f0:aa:38:16:ed:
d3:1d:66:58:30:68:52:ad:99:23:61:8b:92:5b:db:98:29:e1:
0f:e1:cc:4e:c2:63:8e:8b:62:c7:f5:ce:59:a3:73:05:e9:c0:
2d:9a:5c:85:96:f8:b5:0d:03:8b:81:d4:81:3d:e7:8a:e8:9d:
62:00:b3:7d:f8:1c:1e:fb:b9:6e:81:94:a3:0b:57:35:cf:ae:
b9:e5:72:da
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyXB3gCFG0D/jKndiodRAvZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIzMTQxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODhiZGFhMmM5MzcxODI0OTExMGRmZWE0ZDI3ODg4NzM2M2I4NmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwJr4aBzz9YnyQEaUFoAgGuwp8xL
+bzTjmYTLso01I4K3IUhUYHtBcQH1YHbZHtOYltCY8qfXfumk1qyYEwTkaEvxZmV
NqHHG5XXMqkU8jCu4GmOYDe0Ka+haltFqMluw94s+sL0do2icaz/A5MaZxfB5s1U
htMf2tc3KMj7xjPHthxLcHmrKuX7L4QOcQibDXYPSUGghw79tu9uVx/Cye5b1d7U
S62KNUGSaQOHIyA2mIVszinQWQUlfYauSuiG00YCHAuN+gBsNp40+KyAVwGmI0J1
fTsjSB92QqhaRa+NX8DYyLNaVl2SUt8nrxCCQXevdo42EaBR/na50sjE5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCiL2qLJNxgkkRDf6k0niIc2O4bXMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvS0l2YW9zazNHQ1NSRU5fcVRTZUloelk3aHRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC2mo+wpbppN64HrMApR
X4wpKddm0Qqm/Tl8yvV452Jw7SgkU+0XwQzeNqa1EzrA9FKZ0ZmwZXhiODLBN8WU
fTBBdwm6ywloLCcJ1jKPcR3QqSlimw7zcQwUwmc3TM6qo4Frxy/DQPh+7TTPVRja
+Aox/Kc/noIvoD8x8Hpz47u4uU25HBwc9xutf66q3zpKYlecu/ZuCTSRi9Ws+maO
MIJiusOJmTc+Hx8p1AcDKN7wqjgW7dMdZlgwaFKtmSNhi5Jb25gp4Q/hzE7CY46L
Ysf1zlmjcwXpwC2aXIWW+LUNA4uB1IE954ronWIAs334HB77uW6BlKMLVzXPrrnl
cto=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:03 2025 by rpki-client