Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KDSyqdCbHdbO4LjvYAFgAPQRqto.roa
File: KDSyqdCbHdbO4LjvYAFgAPQRqto.roa (raw, json)
Hash identifier: MrKHPR0KlpxuqPHwgmb41u55AhpgY5YkVZbQ0WvmIV0=
Subject key identifier: 28:34:B2:A9:D0:9B:1D:D6:CE:E0:B8:EF:60:01:60:00:F4:11:AA:DA
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B88E1B81B4BC2895B49D607B1B36D1A20
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KDSyqdCbHdbO4LjvYAFgAPQRqto.roa
Signing time: Wed 01 Nov 2023 03:16:15 +0000
ROA not before: Wed 01 Nov 2023 03:16:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:88:e1:b8:1b:4b:c2:89:5b:49:d6:07:b1:b3:6d:1a:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 1 03:16:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2834b2a9d09b1dd6cee0b8ef60016000f411aada
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f7:a2:7f:cc:8e:c9:1a:b8:05:96:3d:88:ff:
68:1a:7e:e1:9c:a5:23:9f:2e:f5:c4:78:a8:c7:fe:
a2:93:81:2c:84:7c:c7:f6:ea:4f:d3:bf:1d:a0:98:
5d:ca:ac:a0:33:68:d6:2d:b5:9d:d7:c9:3e:dc:1e:
72:76:e5:b7:a8:90:6d:f9:f9:e3:06:7b:9e:b5:a1:
fa:2c:eb:ca:ef:21:e0:9b:c2:f5:33:28:57:40:c4:
bb:b3:b9:b9:0b:7b:58:ec:8a:b2:24:c7:5c:36:c4:
0c:63:72:e1:7d:12:7f:e3:a9:e2:a6:f2:fa:4d:3f:
5c:30:a4:d6:6a:d3:ac:8b:19:f3:da:82:6b:b2:9b:
6b:6b:cb:b6:43:58:9f:71:2e:d7:08:15:6d:c4:c8:
53:f2:2b:b9:c4:e6:fd:54:6e:e7:77:bf:40:31:3f:
44:eb:9b:44:f9:24:73:71:1a:65:eb:be:c1:a6:9b:
b4:12:07:3d:2b:39:39:1d:78:d9:43:8a:50:b3:a9:
f2:89:f2:02:b4:c2:65:2f:21:2d:1d:26:aa:86:1b:
ad:0c:2d:5e:0a:5c:8b:b0:15:6d:9a:d2:cc:90:91:
f5:21:d1:c3:7a:1e:6e:c9:a4:76:f3:47:71:d9:ea:
d9:09:21:f1:58:ba:22:61:16:19:6d:88:bc:2e:f7:
91:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:34:B2:A9:D0:9B:1D:D6:CE:E0:B8:EF:60:01:60:00:F4:11:AA:DA
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KDSyqdCbHdbO4LjvYAFgAPQRqto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2f:31:c3:02:f6:14:71:0a:69:34:e5:22:d7:65:e2:98:9e:43:
03:9f:f4:1a:4d:ac:ac:69:2b:85:3c:24:8f:ea:af:ba:2e:85:
28:70:04:c8:1e:b3:a7:c3:fe:06:47:b3:e6:2e:98:21:5f:ec:
9b:1e:08:98:9e:a3:18:c7:5b:6f:e1:f5:d7:26:87:a9:b0:bc:
44:98:ce:78:87:3a:12:50:27:d3:25:4e:f7:53:7a:22:56:3d:
e4:72:91:af:b1:cd:1f:f1:e3:c4:a0:7f:57:81:19:e2:aa:fc:
22:f0:a2:d8:5d:7d:87:79:3a:45:df:f6:03:98:50:88:a3:f5:
83:72:99:e5:68:d9:84:49:18:98:7b:83:4a:21:62:95:d7:7f:
70:f3:1b:ee:4a:dc:b3:a8:b8:9c:8c:6c:0e:c0:6a:3b:bb:4b:
66:69:9b:21:4d:1e:83:30:d7:ae:f8:09:19:5d:9c:f4:a3:11:
a4:b6:bc:16:6b:88:c5:6a:21:95:dd:21:29:ac:ae:c0:09:33:
d6:d2:d8:2b:b2:e8:2f:59:5a:4b:6c:7e:06:f9:d5:75:03:95:
0b:f2:c3:d5:f6:c1:5e:86:30:4d:34:07:e1:50:78:a5:07:25:
56:60:26:c2:91:03:4a:0f:66:dd:56:51:38:49:58:29:c2:92:
94:54:77:e2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuI4bgbS8KJW0nWB7GzbRogMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAxMDMxNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODM0YjJhOWQwOWIxZGQ2Y2VlMGI4ZWY2MDAxNjAwMGY0MTFhYWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/eif8yOyRq4BZY9iP9oGn7hnKUj
ny71xHiox/6ik4EshHzH9upP078doJhdyqygM2jWLbWd18k+3B5yduW3qJBt+fnj
BnuetaH6LOvK7yHgm8L1MyhXQMS7s7m5C3tY7IqyJMdcNsQMY3LhfRJ/46nipvL6
TT9cMKTWatOsixnz2oJrsptra8u2Q1ifcS7XCBVtxMhT8iu5xOb9VG7nd79AMT9E
65tE+SRzcRpl677Bppu0Egc9Kzk5HXjZQ4pQs6nyifICtMJlLyEtHSaqhhutDC1e
ClyLsBVtmtLMkJH1IdHDeh5uyaR280dx2erZCSHxWLoiYRYZbYi8LveRpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCg0sqnQmx3WzuC472ABYAD0EaraMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS0RTeXFkQ2JIZGJPNExqdllBRmdBUFFScXRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC8xwwL2FHEKaTTlItdl
4pieQwOf9BpNrKxpK4U8JI/qr7ouhShwBMges6fD/gZHs+YumCFf7JseCJieoxjH
W2/h9dcmh6mwvESYzniHOhJQJ9MlTvdTeiJWPeRyka+xzR/x48Sgf1eBGeKq/CLw
othdfYd5OkXf9gOYUIij9YNymeVo2YRJGJh7g0ohYpXXf3DzG+5K3LOouJyMbA7A
aju7S2ZpmyFNHoMw1674CRldnPSjEaS2vBZriMVqIZXdISmsrsAJM9bS2Cuy6C9Z
Wktsfgb51XUDlQvyw9X2wV6GME00B+FQeKUHJVZgJsKRA0oPZt1WUThJWCnCkpRU
d+I=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:14:38 2025 by rpki-client