Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kWeSS05OR-0nLokv9khIJwpnClM.roa
File: kWeSS05OR-0nLokv9khIJwpnClM.roa (raw, json)
Hash identifier: HXPOb+KXNu9jwY8geL27wOY9RQC53vfORw2nMdfYHfU=
Subject key identifier: 91:67:92:4B:4E:4E:47:ED:27:2E:89:2F:F6:48:48:27:0A:67:0A:53
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C91733F0E3C54A6B8241F7509960CD03B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kWeSS05OR-0nLokv9khIJwpnClM.roa
Signing time: Fri 22 Dec 2023 12:14:58 +0000
ROA not before: Fri 22 Dec 2023 12:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:91:73:3f:0e:3c:54:a6:b8:24:1f:75:09:96:0c:d0:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 22 12:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9167924b4e4e47ed272e892ff64848270a670a53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:80:6b:7b:e1:93:1e:88:7d:98:99:9f:56:1a:
31:77:b2:84:99:f0:82:48:1c:70:db:77:47:0d:97:
05:b6:e0:30:6e:ae:80:bf:53:eb:b2:d0:fe:2f:ed:
f7:e9:a5:13:2e:91:fd:52:73:ad:d3:1f:e4:fb:0b:
ef:43:35:cc:2f:d9:34:74:65:a1:f2:d9:b5:8f:cd:
a7:1c:34:e7:d0:be:41:ac:64:c1:df:52:8d:3c:92:
39:d3:6f:47:ff:d6:b2:78:78:70:31:0c:02:91:5e:
8d:d5:5c:c2:36:bc:1e:82:e0:ea:c4:01:fc:66:13:
ab:91:fb:08:b8:c3:8c:ec:c6:99:02:a4:b1:07:91:
58:bb:61:3c:60:f1:f2:80:74:4f:94:10:0b:6c:d5:
dd:21:de:9a:10:94:48:ed:b9:bd:8c:33:07:cd:0c:
50:ef:8e:59:76:52:8f:d2:5a:38:10:c7:80:1c:f8:
a7:13:80:79:07:53:16:51:bd:d9:ee:e0:ce:4b:46:
10:67:51:5b:1e:e7:0d:75:6e:b6:64:ad:68:19:14:
bb:08:41:9c:05:f7:38:d3:b1:9f:ca:1a:fe:f4:76:
e3:46:45:50:8e:da:11:51:52:c3:84:3a:96:01:6e:
70:6c:55:3d:5c:4b:b3:c1:08:66:33:bd:fb:ec:a7:
f3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:67:92:4B:4E:4E:47:ED:27:2E:89:2F:F6:48:48:27:0A:67:0A:53
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kWeSS05OR-0nLokv9khIJwpnClM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:cc:75:b4:f0:ba:77:9d:93:69:04:b9:36:5b:7c:b2:33:09:
72:1f:49:e2:6f:7f:0d:f3:52:48:d9:d0:1f:4d:fc:98:e0:7b:
ac:4d:1c:fd:d9:e6:d6:4d:45:4a:65:00:7a:cc:4f:e6:e3:a1:
e9:27:d2:b1:86:4d:27:5b:5c:71:49:ad:68:4f:13:47:76:f5:
73:22:b4:f9:90:d9:b5:94:39:2e:c5:ab:5c:3c:5c:fb:59:f7:
d0:7a:e3:47:0f:3b:be:10:e8:08:21:73:50:30:13:17:06:dc:
0b:f5:d9:95:ad:c7:75:e2:ce:b2:27:6c:2a:08:cd:0f:33:17:
0e:f5:97:8b:83:c4:81:a9:2e:e1:d7:14:57:32:9b:99:eb:b1:
70:03:ce:76:31:c6:24:24:25:dc:95:ae:1f:1d:9c:a3:48:b9:
be:64:a7:81:56:98:7c:58:5c:e9:6a:dc:e5:db:07:dc:6f:6e:
1f:ed:45:09:d1:12:5d:8a:bd:54:17:6f:2e:10:f3:26:67:3d:
c2:6e:13:0a:86:77:48:00:49:82:42:7c:a8:0d:47:3d:89:b9:
d9:ca:3c:96:02:aa:e5:f5:dc:1e:dc:9e:a6:87:37:55:9d:18:
ea:3f:9c:42:64:59:66:8b:96:5f:10:6a:d0:35:bb:bd:ad:1a:
48:97:44:36
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyRcz8OPFSmuCQfdQmWDNA7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIyMTIxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTY3OTI0YjRlNGU0N2VkMjcyZTg5MmZmNjQ4NDgyNzBhNjcwYTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIBre+GTHoh9mJmfVhoxd7KEmfCC
SBxw23dHDZcFtuAwbq6Av1PrstD+L+336aUTLpH9UnOt0x/k+wvvQzXML9k0dGWh
8tm1j82nHDTn0L5BrGTB31KNPJI5029H/9ayeHhwMQwCkV6N1VzCNrweguDqxAH8
ZhOrkfsIuMOM7MaZAqSxB5FYu2E8YPHygHRPlBALbNXdId6aEJRI7bm9jDMHzQxQ
745ZdlKP0lo4EMeAHPinE4B5B1MWUb3Z7uDOS0YQZ1FbHucNdW62ZK1oGRS7CEGc
Bfc407Gfyhr+9HbjRkVQjtoRUVLDhDqWAW5wbFU9XEuzwQhmM7377KfzPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJFnkktOTkftJy6JL/ZISCcKZwpTMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEva1dlU1MwNU9SLTBuTG9rdjlraElKd3BuQ2xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA7MdbTwunedk2kEuTZb
fLIzCXIfSeJvfw3zUkjZ0B9N/Jjge6xNHP3Z5tZNRUplAHrMT+bjoekn0rGGTSdb
XHFJrWhPE0d29XMitPmQ2bWUOS7Fq1w8XPtZ99B640cPO74Q6Aghc1AwExcG3Av1
2ZWtx3XizrInbCoIzQ8zFw71l4uDxIGpLuHXFFcym5nrsXADznYxxiQkJdyVrh8d
nKNIub5kp4FWmHxYXOlq3OXbB9xvbh/tRQnREl2KvVQXby4Q8yZnPcJuEwqGd0gA
SYJCfKgNRz2JudnKPJYCquX13B7cnqaHN1WdGOo/nEJkWWaLll8QatA1u72tGkiX
RDY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org