Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/FkPayDt_KiaNWUTCwr2xOD3ZvhU.roa
File: FkPayDt_KiaNWUTCwr2xOD3ZvhU.roa (raw, json)
Hash identifier: KujUijf+po5ew5KGLXySQt2ODevHkBMLfWDMua/EahA=
Subject key identifier: 16:43:DA:C8:3B:7F:2A:26:8D:59:44:C2:C2:BD:B1:38:3D:D9:BE:15
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AAF120C24C1E523CCDEB43BCC2DD12E86
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/FkPayDt_KiaNWUTCwr2xOD3ZvhU.roa
Signing time: Tue 19 Sep 2023 20:11:50 +0000
ROA not before: Tue 19 Sep 2023 20:11:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:af:12:0c:24:c1:e5:23:cc:de:b4:3b:cc:2d:d1:2e:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 19 20:11:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1643dac83b7f2a268d5944c2c2bdb1383dd9be15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:06:3c:22:c4:0e:10:58:60:50:b3:1d:0e:f3:
9f:42:e9:69:5d:e4:7f:48:4a:0f:ab:30:53:63:1e:
18:0e:2b:95:c6:9c:07:11:53:07:3c:d6:f3:b8:8b:
aa:03:0c:f9:14:15:dc:52:dd:79:84:db:42:74:89:
dd:6b:f2:c4:4c:45:93:79:e1:8f:2a:33:81:b6:7a:
11:16:58:59:66:49:d7:cc:2a:45:b1:b4:0d:88:ab:
a2:51:eb:06:92:0f:0c:03:4e:13:63:a9:e1:37:2b:
45:d8:6c:b6:b8:79:2c:3a:b4:cb:d3:f5:12:60:10:
eb:7e:1b:da:1f:42:a0:68:84:0c:b5:5e:ec:d3:5b:
58:18:d3:38:d9:92:b6:d9:e4:f0:00:6b:65:df:a8:
18:66:d1:29:bd:06:13:12:2b:c9:4f:d8:59:3b:47:
85:77:f8:3a:bb:d6:c1:9a:22:4b:c7:b8:3e:80:75:
85:02:4b:f3:47:b7:7f:36:7b:da:58:85:f8:34:aa:
c5:5e:4e:f8:f9:db:0d:4e:d3:d2:a5:7b:4e:8f:7d:
0f:3b:e8:5b:54:fe:b8:16:d5:fe:d2:83:37:9d:75:
91:92:5b:1f:11:5e:c1:f5:ab:07:05:f4:57:fa:d1:
d6:34:79:32:0c:68:31:a9:fd:92:d0:d2:1b:5c:c6:
72:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:43:DA:C8:3B:7F:2A:26:8D:59:44:C2:C2:BD:B1:38:3D:D9:BE:15
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/FkPayDt_KiaNWUTCwr2xOD3ZvhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
68:bf:a5:ca:41:c7:62:0b:75:84:a4:58:60:b9:00:20:61:74:
89:67:98:db:54:be:f4:b9:3f:86:8e:df:54:d5:f6:17:4b:ba:
07:90:3e:ff:6e:97:64:ce:9c:35:6c:a1:5b:38:3f:be:bb:9c:
16:66:c1:24:58:d0:e5:68:51:1d:a7:89:0f:0a:8e:e9:69:29:
5c:aa:83:12:0a:ef:98:39:4c:40:23:ef:21:7c:44:5e:c4:2f:
1e:00:0c:6c:3f:9e:35:ee:18:73:eb:61:ff:33:75:bb:5b:1f:
72:5d:ac:9f:f0:75:48:10:3c:66:73:b4:87:0a:56:7e:35:bf:
a0:7f:e6:41:56:12:bc:29:7a:79:a8:32:9d:9b:c7:55:2a:0b:
33:2a:c5:61:d5:c5:16:62:5f:32:cc:24:83:df:db:b6:a1:90:
19:8f:cd:2b:0f:5f:d9:fe:7a:b2:80:c1:f8:79:ad:ee:37:70:
8e:38:22:0d:f6:d4:c5:12:68:91:85:9c:e4:c6:a0:f8:e4:f1:
91:b6:0b:f7:77:29:6e:1e:5d:05:b7:a3:27:3a:da:0b:78:b3:
d4:f1:49:eb:df:8c:80:57:10:f9:b6:da:24:12:6f:2c:bf:76:
ab:bc:47:7b:3b:4f:5e:77:ec:37:5a:ba:31:3d:91:38:3e:da:
d5:83:04:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqvEgwkweUjzN60O8wt0S6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTE5MjAxMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjQzZGFjODNiN2YyYTI2OGQ1OTQ0YzJjMmJkYjEzODNkZDliZTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwY8IsQOEFhgULMdDvOfQulpXeR/
SEoPqzBTYx4YDiuVxpwHEVMHPNbzuIuqAwz5FBXcUt15hNtCdInda/LETEWTeeGP
KjOBtnoRFlhZZknXzCpFsbQNiKuiUesGkg8MA04TY6nhNytF2Gy2uHksOrTL0/US
YBDrfhvaH0KgaIQMtV7s01tYGNM42ZK22eTwAGtl36gYZtEpvQYTEivJT9hZO0eF
d/g6u9bBmiJLx7g+gHWFAkvzR7d/NnvaWIX4NKrFXk74+dsNTtPSpXtOj30PO+hb
VP64FtX+0oM3nXWRklsfEV7B9asHBfRX+tHWNHkyDGgxqf2S0NIbXMZyhwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBZD2sg7fyomjVlEwsK9sTg92b4VMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRmtQYXlEdF9LaWFOV1VUQ3dyMnhPRDNadmhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGi/pcpBx2ILdYSkWGC5
ACBhdIlnmNtUvvS5P4aO31TV9hdLugeQPv9ul2TOnDVsoVs4P767nBZmwSRY0OVo
UR2niQ8KjulpKVyqgxIK75g5TEAj7yF8RF7ELx4ADGw/njXuGHPrYf8zdbtbH3Jd
rJ/wdUgQPGZztIcKVn41v6B/5kFWErwpenmoMp2bx1UqCzMqxWHVxRZiXzLMJIPf
27ahkBmPzSsPX9n+erKAwfh5re43cI44Ig321MUSaJGFnOTGoPjk8ZG2C/d3KW4e
XQW3oyc62gt4s9TxSevfjIBXEPm22iQSbyy/dqu8R3s7T1537DdaujE9kTg+2tWD
BDU=
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:49:12 2025 by rpki-client