Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KAxW3YuYJ2GOA1m8XqkpJDkw658.roa
File: KAxW3YuYJ2GOA1m8XqkpJDkw658.roa (raw, json)
Hash identifier: zjM7nVlRYhRKtlaojnVCqBPdNtAGLjNMmlo/KCaPdIo=
Subject key identifier: 28:0C:56:DD:8B:98:27:61:8E:03:59:BC:5E:A9:29:24:39:30:EB:9F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B73D593892763FA47A7EF3771646BCBAB
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KAxW3YuYJ2GOA1m8XqkpJDkw658.roa
Signing time: Sat 28 Oct 2023 01:10:58 +0000
ROA not before: Sat 28 Oct 2023 01:10:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:73cf:9413/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:73:d5:93:89:27:63:fa:47:a7:ef:37:71:64:6b:cb:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 28 01:10:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=280c56dd8b9827618e0359bc5ea929243930eb9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:54:b6:a8:e2:51:49:e9:3b:c5:76:c1:2d:fb:
10:aa:cf:c2:21:5a:df:45:52:f4:00:82:2a:d3:f2:
c9:6a:e0:e7:c6:eb:8a:8b:73:eb:2e:de:ea:a4:13:
8d:12:e6:58:6a:c4:ff:2c:ab:3c:86:9f:ec:98:6e:
f0:a8:a2:31:81:67:b1:f4:10:54:ce:38:24:16:0a:
1c:77:33:85:a7:2f:9f:4f:c4:b3:8b:81:f1:9b:48:
56:35:c7:5d:f4:5e:cc:97:d6:7f:39:3a:2d:58:cf:
5a:67:b2:3f:64:e5:29:8c:e8:95:6d:16:29:a7:5e:
51:4e:bf:21:a7:96:b9:b8:b3:51:f0:de:3f:1b:13:
e9:83:72:52:15:21:b2:f8:d7:54:fe:5b:7b:54:1a:
fa:36:ff:1a:a4:c4:df:1d:b4:d4:2c:f8:a6:23:bb:
41:21:b7:ac:f1:66:32:3e:36:24:73:9c:ec:0d:66:
68:ff:dc:42:9d:67:4d:96:de:1b:19:40:0c:cf:31:
3e:21:5d:bd:a1:cf:c9:a5:8d:f3:50:4f:7d:22:15:
9d:ee:59:b0:55:ee:4a:2d:8b:7d:7b:c9:84:12:c5:
ee:43:aa:20:ed:e2:2f:8c:c7:1f:03:5b:bd:e8:22:
e6:e3:41:e7:51:f8:1d:55:af:6f:f3:26:76:d5:c1:
1d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:0C:56:DD:8B:98:27:61:8E:03:59:BC:5E:A9:29:24:39:30:EB:9F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KAxW3YuYJ2GOA1m8XqkpJDkw658.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:5c:4d:ba:34:c5:83:5a:79:bd:36:98:d5:12:a8:8d:ac:d6:
97:d4:86:dc:9b:c5:c5:06:a2:74:de:4c:b5:88:a1:3b:62:b6:
53:b4:2c:d3:4c:0c:26:9a:74:c3:47:9a:fc:af:0f:6e:d1:2e:
02:62:79:c8:09:20:af:ef:69:b6:96:51:10:79:60:ab:7a:d9:
58:76:18:d8:c1:0f:96:bf:1f:a2:46:a4:19:2d:26:11:bb:c9:
8d:86:43:7d:34:81:03:8f:57:88:a6:22:8f:70:2c:98:87:94:
c5:25:df:19:38:70:ec:89:48:2f:d0:2d:41:fb:08:93:21:97:
17:dd:d5:6c:5c:e6:79:cf:40:00:db:65:60:40:71:4b:52:b1:
ff:b5:d5:d9:f0:45:67:7a:4f:90:84:5b:49:2f:99:01:25:a8:
2a:67:f0:a8:ff:8a:e4:7b:15:76:b0:f9:00:2d:34:d3:13:4f:
dc:97:72:23:4f:d7:14:00:58:14:50:b6:45:52:4b:f6:ae:08:
ab:2c:e6:46:2c:34:eb:61:09:fc:d8:57:d2:66:ee:47:23:a9:
9a:3b:a9:d4:48:16:1f:0b:24:fb:6a:d8:77:1d:92:49:87:7a:
a9:82:3a:84:99:36:63:c3:d8:db:f7:28:c4:6b:5d:20:e4:04:
9a:8e:4c:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtz1ZOJJ2P6R6fvN3Fka8urMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI4MDExMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODBjNTZkZDhiOTgyNzYxOGUwMzU5YmM1ZWE5MjkyNDM5MzBlYjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlS2qOJRSek7xXbBLfsQqs/CIVrf
RVL0AIIq0/LJauDnxuuKi3PrLt7qpBONEuZYasT/LKs8hp/smG7wqKIxgWex9BBU
zjgkFgocdzOFpy+fT8Szi4Hxm0hWNcdd9F7Ml9Z/OTotWM9aZ7I/ZOUpjOiVbRYp
p15RTr8hp5a5uLNR8N4/GxPpg3JSFSGy+NdU/lt7VBr6Nv8apMTfHbTULPimI7tB
Ibes8WYyPjYkc5zsDWZo/9xCnWdNlt4bGUAMzzE+IV29oc/JpY3zUE99IhWd7lmw
Ve5KLYt9e8mEEsXuQ6og7eIvjMcfA1u96CLm40HnUfgdVa9v8yZ21cEdqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCgMVt2LmCdhjgNZvF6pKSQ5MOufMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS0F4VzNZdVlKMkdPQTFtOFhxa3BKRGt3NjU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB5cTbo0xYNaeb02mNUS
qI2s1pfUhtybxcUGonTeTLWIoTtitlO0LNNMDCaadMNHmvyvD27RLgJiecgJIK/v
abaWURB5YKt62Vh2GNjBD5a/H6JGpBktJhG7yY2GQ300gQOPV4imIo9wLJiHlMUl
3xk4cOyJSC/QLUH7CJMhlxfd1Wxc5nnPQADbZWBAcUtSsf+11dnwRWd6T5CEW0kv
mQElqCpn8Kj/iuR7FXaw+QAtNNMTT9yXciNP1xQAWBRQtkVSS/auCKss5kYsNOth
CfzYV9Jm7kcjqZo7qdRIFh8LJPtq2HcdkkmHeqmCOoSZNmPD2Nv3KMRrXSDkBJqO
TJQ=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:57:54 2025 by rpki-client