Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kob-bfYc97aBSU9Dkpyla8hHpnQ.roa
File: kob-bfYc97aBSU9Dkpyla8hHpnQ.roa (raw, json)
Hash identifier: AebrdnCO+iTP8k1nGUi79y6MgnpIOogWF+PzWbNnQ2c=
Subject key identifier: 92:86:FE:6D:F6:1C:F7:B6:81:49:4F:43:92:9C:A5:6B:C8:47:A6:74
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D5E5CD943E0E2DA4E2E1ADF20C991C550
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kob-bfYc97aBSU9Dkpyla8hHpnQ.roa
Signing time: Wed 31 Jan 2024 07:12:39 +0000
ROA not before: Wed 31 Jan 2024 07:12:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5e:5c:d9:43:e0:e2:da:4e:2e:1a:df:20:c9:91:c5:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 31 07:12:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9286fe6df61cf7b681494f43929ca56bc847a674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e4:6f:fe:be:43:0a:3d:57:13:09:f0:8a:01:
92:41:71:73:6f:f0:69:7e:48:37:47:2f:e3:25:78:
8b:6f:76:8f:7f:8f:4d:f7:cf:08:26:5b:35:9c:01:
a4:4a:4d:ab:49:c5:5e:4a:db:6d:12:f1:77:aa:2c:
ed:7b:fa:65:93:87:17:6c:f7:9c:d2:31:d0:77:59:
71:61:be:fb:b0:dc:5b:cf:1b:d4:65:37:86:3a:a7:
0d:66:19:ee:75:18:12:15:f7:45:eb:d5:d1:9a:9c:
04:b8:33:de:49:64:d7:d6:58:ce:c2:a1:98:98:11:
0f:1c:a9:21:e3:e0:f5:21:3d:9a:7a:ec:d8:11:f7:
d5:9f:7f:e1:83:e6:d1:2d:2a:96:48:5f:9b:83:ed:
0d:21:22:f9:6d:61:1a:fb:d0:c6:ea:44:8d:4d:26:
a7:56:6e:6c:b2:8b:32:51:8f:1f:c6:73:be:40:ed:
5f:8f:f2:8d:df:9d:ae:db:bb:0d:df:7c:8d:62:59:
42:80:c0:24:aa:db:31:7b:5e:47:33:9d:c9:47:e8:
d8:ad:6d:e1:83:33:eb:46:d2:ef:fa:5a:c7:b3:68:
e7:ea:62:8b:09:e1:f2:bb:3d:65:23:55:b9:eb:1c:
95:0a:eb:cb:84:c2:ce:27:82:24:29:4c:a6:44:e9:
b3:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:86:FE:6D:F6:1C:F7:B6:81:49:4F:43:92:9C:A5:6B:C8:47:A6:74
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kob-bfYc97aBSU9Dkpyla8hHpnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:b3:c7:da:7c:da:c8:73:b9:5b:10:c2:ae:d7:b1:a8:fc:46:
31:6f:9f:65:ed:31:8c:f6:0a:80:4b:87:1b:4b:81:f5:90:5c:
f0:c8:a5:94:3d:c4:d8:d7:42:02:42:57:ae:77:92:67:af:fc:
72:b0:72:5c:b6:7a:9c:69:f6:32:d4:44:d8:4e:79:a2:73:bb:
fb:4b:99:0d:77:f8:95:22:0c:28:08:72:50:82:b1:ae:a7:19:
22:27:78:a4:10:e1:2a:56:ff:08:9a:fa:b6:c6:75:34:c2:5a:
05:7a:6c:5f:76:37:b7:17:b3:db:10:3c:3b:ff:ca:22:4b:05:
dc:88:10:40:fc:9d:9b:2b:30:94:38:a0:07:30:b1:86:51:bf:
d6:52:7e:b0:f8:dd:3b:fa:e0:cd:75:da:e6:47:71:02:23:74:
95:40:b1:da:b0:06:b9:a2:a1:5c:87:5b:5f:55:87:9d:98:dd:
70:78:4b:4b:2c:94:3c:e2:69:8f:f2:de:6b:89:95:da:52:7d:
78:46:a2:a9:e0:86:70:90:4d:cf:bd:15:0e:5c:ec:df:9c:c4:
a6:01:52:38:cc:6c:3a:90:5c:71:a4:50:be:d1:42:79:16:81:
6c:29:6a:5f:6f:41:cd:65:03:67:74:f7:67:bd:96:19:9f:3e:
98:72:d3:ef
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1eXNlD4OLaTi4a3yDJkcVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTMxMDcxMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mjg2ZmU2ZGY2MWNmN2I2ODE0OTRmNDM5MjljYTU2YmM4NDdhNjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+Rv/r5DCj1XEwnwigGSQXFzb/Bp
fkg3Ry/jJXiLb3aPf49N988IJls1nAGkSk2rScVeStttEvF3qizte/plk4cXbPec
0jHQd1lxYb77sNxbzxvUZTeGOqcNZhnudRgSFfdF69XRmpwEuDPeSWTX1ljOwqGY
mBEPHKkh4+D1IT2aeuzYEffVn3/hg+bRLSqWSF+bg+0NISL5bWEa+9DG6kSNTSan
Vm5ssosyUY8fxnO+QO1fj/KN352u27sN33yNYllCgMAkqtsxe15HM53JR+jYrW3h
gzPrRtLv+lrHs2jn6mKLCeHyuz1lI1W56xyVCuvLhMLOJ4IkKUymROmzUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJKG/m32HPe2gUlPQ5KcpWvIR6Z0MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEva29iLWJmWWM5N2FCU1U5RGtweWxhOGhIcG5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABWzx9p82shzuVsQwq7X
saj8RjFvn2XtMYz2CoBLhxtLgfWQXPDIpZQ9xNjXQgJCV653kmev/HKwcly2epxp
9jLURNhOeaJzu/tLmQ13+JUiDCgIclCCsa6nGSIneKQQ4SpW/wia+rbGdTTCWgV6
bF92N7cXs9sQPDv/yiJLBdyIEED8nZsrMJQ4oAcwsYZRv9ZSfrD43Tv64M112uZH
cQIjdJVAsdqwBrmioVyHW19Vh52Y3XB4S0sslDziaY/y3muJldpSfXhGoqnghnCQ
Tc+9FQ5c7N+cxKYBUjjMbDqQXHGkUL7RQnkWgWwpal9vQc1lA2d092e9lhmfPphy
0+8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:14:09 2025 by rpki-client