Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/K5NFbCI-KXkoW8ulhHSZEAqW_Jc.roa
File: K5NFbCI-KXkoW8ulhHSZEAqW_Jc.roa (raw, json)
Hash identifier: DZArxxP5e3ATp9V6J2skU0H5fDL/UJoatA+z1J8Ue/Y=
Subject key identifier: 2B:93:45:6C:22:3E:29:79:28:5B:CB:A5:84:74:99:10:0A:96:FC:97
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C6954FBA54FE0212B0A6E41EEE18A0886
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/K5NFbCI-KXkoW8ulhHSZEAqW_Jc.roa
Signing time: Thu 14 Dec 2023 17:17:06 +0000
ROA not before: Thu 14 Dec 2023 17:17:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:69:54:fb:a5:4f:e0:21:2b:0a:6e:41:ee:e1:8a:08:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 14 17:17:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b93456c223e2979285bcba5847499100a96fc97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:1c:2b:63:6c:05:6b:a6:50:72:03:aa:1a:3c:
17:6e:73:88:fc:40:3b:1b:bb:f6:b9:95:54:8a:ae:
41:63:cf:3f:df:98:29:47:27:f8:e8:b8:64:e5:1a:
fe:e5:0d:ba:88:2a:25:e6:f2:c5:cf:0b:0a:17:fa:
48:a0:22:9a:81:01:04:4e:dd:b1:6a:ad:ca:fd:ec:
8e:72:79:c2:72:33:42:d2:f0:aa:34:34:2d:60:ea:
ed:9f:12:8a:6d:ff:73:04:d1:76:b1:e8:70:28:59:
06:11:88:b1:0a:b1:14:dd:7c:e5:74:f0:da:aa:3d:
96:f0:d6:71:27:8b:be:dd:e6:d7:bd:13:82:28:3a:
ef:56:b2:ac:e3:ed:3a:73:83:2f:ee:f8:c8:96:28:
a8:00:f4:6d:41:5f:c9:47:4e:c3:49:58:46:80:2d:
e4:03:8a:7e:8b:74:56:67:d8:43:d1:f9:68:f4:14:
3b:07:bd:9a:00:be:ae:87:d1:6d:74:eb:fa:48:01:
9e:23:e8:b1:85:2d:1d:a9:90:83:60:0f:6c:ad:be:
40:b3:a2:3f:09:13:cb:88:04:7c:be:ec:6d:a7:42:
50:fa:81:b1:db:40:00:d3:68:95:82:0d:83:37:e6:
67:bc:da:94:fd:d3:36:e9:df:50:f1:0e:f8:2d:44:
2d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:93:45:6C:22:3E:29:79:28:5B:CB:A5:84:74:99:10:0A:96:FC:97
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/K5NFbCI-KXkoW8ulhHSZEAqW_Jc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
67:f1:55:d7:36:eb:8c:13:cf:5c:07:6e:34:59:59:47:90:33:
e2:86:4c:95:7c:f9:55:fe:04:33:9f:74:c1:95:47:f4:d9:ce:
b3:12:76:c4:61:c2:8a:81:ba:f0:71:91:53:f9:14:cc:07:c2:
9d:ac:09:a9:44:e0:d1:fd:f8:ed:3e:cb:57:6e:b3:4b:d8:e6:
f5:b2:91:cb:23:a0:80:e9:2e:1e:29:ce:b0:af:79:9c:0e:0f:
90:ed:f8:12:95:6e:3a:51:df:01:8f:fd:56:43:1a:37:67:b9:
15:47:4a:fb:be:2a:20:04:df:63:c7:08:7c:bc:f0:eb:f8:07:
97:b7:ca:b3:8d:74:49:44:ab:ba:29:dc:59:da:db:78:39:cb:
ab:83:65:85:ff:18:53:40:e6:a4:26:b6:2c:d2:c9:11:dd:ca:
c0:df:d7:88:e2:e4:b6:07:4f:ea:c2:9c:cc:12:05:aa:9e:d4:
ed:61:c6:de:02:2e:9c:f0:f1:57:75:93:ef:5d:f5:78:41:c9:
62:b0:5c:b6:92:83:ae:62:57:40:b1:a6:89:b8:fe:0c:ca:bb:
24:1b:4e:2c:79:46:92:17:3a:4c:a1:28:9f:bb:1e:d8:a1:f3:
36:72:ce:5f:e1:bf:6c:68:31:8a:55:45:25:8c:e3:35:fb:84:
be:4a:fe:81
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxpVPulT+AhKwpuQe7higiGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE0MTcxNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjkzNDU2YzIyM2UyOTc5Mjg1YmNiYTU4NDc0OTkxMDBhOTZmYzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBwrY2wFa6ZQcgOqGjwXbnOI/EA7
G7v2uZVUiq5BY88/35gpRyf46Lhk5Rr+5Q26iCol5vLFzwsKF/pIoCKagQEETt2x
aq3K/eyOcnnCcjNC0vCqNDQtYOrtnxKKbf9zBNF2sehwKFkGEYixCrEU3XzldPDa
qj2W8NZxJ4u+3ebXvROCKDrvVrKs4+06c4Mv7vjIliioAPRtQV/JR07DSVhGgC3k
A4p+i3RWZ9hD0flo9BQ7B72aAL6uh9FtdOv6SAGeI+ixhS0dqZCDYA9srb5As6I/
CRPLiAR8vuxtp0JQ+oGx20AA02iVgg2DN+ZnvNqU/dM26d9Q8Q74LUQtEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCuTRWwiPil5KFvLpYR0mRAKlvyXMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSzVORmJDSS1LWGtvVzh1bGhIU1pFQXFXX0pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGfxVdc264wTz1wHbjRZ
WUeQM+KGTJV8+VX+BDOfdMGVR/TZzrMSdsRhwoqBuvBxkVP5FMwHwp2sCalE4NH9
+O0+y1dus0vY5vWykcsjoIDpLh4pzrCveZwOD5Dt+BKVbjpR3wGP/VZDGjdnuRVH
Svu+KiAE32PHCHy88Ov4B5e3yrONdElEq7op3Fna23g5y6uDZYX/GFNA5qQmtizS
yRHdysDf14ji5LYHT+rCnMwSBaqe1O1hxt4CLpzw8Vd1k+9d9XhByWKwXLaSg65i
V0Cxpom4/gzKuyQbTix5RpIXOkyhKJ+7Htih8zZyzl/hv2xoMYpVRSWM4zX7hL5K
/oE=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:59:25 2025 by rpki-client