Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KJtw3WJQT8p5UX8ZhhuzsyXmJ2I.roa
File: KJtw3WJQT8p5UX8ZhhuzsyXmJ2I.roa (raw, json)
Hash identifier: aV8aHVU4bfsd7K1XeLq8NhYMxPs1BvKEStw9PrgjcWo=
Subject key identifier: 28:9B:70:DD:62:50:4F:CA:79:51:7F:19:86:1B:B3:B3:25:E6:27:62
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B3912A9CC47076E2A409B0CE0C1F10E47
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KJtw3WJQT8p5UX8ZhhuzsyXmJ2I.roa
Signing time: Mon 16 Oct 2023 15:20:06 +0000
ROA not before: Mon 16 Oct 2023 15:20:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:39:12:a9:cc:47:07:6e:2a:40:9b:0c:e0:c1:f1:0e:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 16 15:20:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=289b70dd62504fca79517f19861bb3b325e62762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:61:17:88:f5:07:4b:81:34:2d:84:f4:d2:a3:
c6:e7:9e:59:4f:b8:45:35:32:15:51:7c:b9:d0:99:
a5:61:4d:de:92:f2:f1:65:2a:39:9e:72:14:f6:b9:
30:91:96:37:7f:6c:f6:53:e6:d9:85:e3:4d:08:d2:
32:d3:f1:5a:52:bf:83:34:71:e3:97:a6:3c:6f:5e:
96:7d:f4:6b:1e:18:83:e9:56:64:56:a8:ca:42:ef:
69:17:a8:6b:97:72:45:63:b6:7f:ca:0e:83:2f:22:
47:08:b8:eb:00:70:77:45:10:64:b1:6a:23:33:e5:
d4:b3:7c:72:0b:f6:3f:18:f0:5b:39:88:64:41:42:
6e:73:ca:2f:a2:78:c5:5a:f5:60:10:47:88:5e:3b:
dd:32:b4:95:61:b9:4c:b9:58:d7:6f:4f:be:1b:17:
9f:fc:a8:95:2c:63:bf:d6:7d:66:dc:05:a0:0b:75:
36:11:f6:02:da:10:1e:42:d2:a9:5c:16:ca:0b:af:
d8:2b:68:89:e6:6e:ae:b2:f9:d4:12:b5:cc:88:74:
62:a2:d5:fa:10:ad:7a:c3:7c:35:cb:9f:36:a0:0c:
7b:6b:cf:58:89:f5:47:f6:92:d9:98:82:50:09:1d:
c6:0d:59:ee:ab:54:15:8d:cf:65:db:95:e5:75:d3:
0b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:9B:70:DD:62:50:4F:CA:79:51:7F:19:86:1B:B3:B3:25:E6:27:62
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KJtw3WJQT8p5UX8ZhhuzsyXmJ2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c5:2c:9b:52:a6:6a:ea:9c:f6:08:67:34:37:00:59:69:4a:b6:
d7:9e:28:c4:77:6b:62:8e:f6:2a:09:4c:35:e6:ea:2b:3a:9a:
d8:0d:af:ff:52:b0:59:eb:db:08:5c:d0:b0:d1:79:e6:42:14:
f8:f3:c9:16:45:77:fe:bd:3e:d1:e2:2c:fa:7f:64:ef:2e:be:
42:bb:30:96:d6:42:ff:23:e6:9d:16:6d:02:bc:45:3f:ed:c3:
ae:84:de:9c:17:d1:e5:cb:df:1e:67:6a:01:e9:ac:62:56:b1:
12:02:4f:c5:b6:70:28:10:fa:26:69:64:88:1b:c8:ae:03:8e:
0b:60:ff:95:8d:57:a2:67:58:28:16:d1:71:9c:d9:3c:c0:c7:
08:ac:e2:34:cf:88:49:b5:28:e7:4a:7f:be:27:04:32:c4:29:
63:8e:f3:40:13:da:6a:68:c9:b7:a9:de:2f:94:ed:f6:2a:e7:
1b:77:a2:52:05:ca:35:18:8c:c9:d8:bb:f3:70:3a:c2:19:8f:
f6:f8:a2:c3:11:8d:58:9b:b4:1b:70:f4:ac:24:cd:4b:cd:86:
23:34:5f:3b:80:84:f4:98:87:3c:bd:3a:70:e4:58:47:75:09:
1b:3e:27:c9:09:c7:99:4e:f3:5a:48:12:39:22:26:b1:04:b4:
ca:fb:87:fb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs5EqnMRwduKkCbDODB8Q5HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE2MTUyMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODliNzBkZDYyNTA0ZmNhNzk1MTdmMTk4NjFiYjNiMzI1ZTYyNzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2EXiPUHS4E0LYT00qPG555ZT7hF
NTIVUXy50JmlYU3ekvLxZSo5nnIU9rkwkZY3f2z2U+bZheNNCNIy0/FaUr+DNHHj
l6Y8b16WffRrHhiD6VZkVqjKQu9pF6hrl3JFY7Z/yg6DLyJHCLjrAHB3RRBksWoj
M+XUs3xyC/Y/GPBbOYhkQUJuc8ovonjFWvVgEEeIXjvdMrSVYblMuVjXb0++Gxef
/KiVLGO/1n1m3AWgC3U2EfYC2hAeQtKpXBbKC6/YK2iJ5m6usvnUErXMiHRiotX6
EK16w3w1y582oAx7a89YifVH9pLZmIJQCR3GDVnuq1QVjc9l25XlddMLgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCibcN1iUE/KeVF/GYYbs7Ml5idiMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS0p0dzNXSlFUOHA1VVg4WmhodXpzeVhtSjJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMUsm1Kmauqc9ghnNDcA
WWlKtteeKMR3a2KO9ioJTDXm6is6mtgNr/9SsFnr2whc0LDReeZCFPjzyRZFd/69
PtHiLPp/ZO8uvkK7MJbWQv8j5p0WbQK8RT/tw66E3pwX0eXL3x5nagHprGJWsRIC
T8W2cCgQ+iZpZIgbyK4Djgtg/5WNV6JnWCgW0XGc2TzAxwis4jTPiEm1KOdKf74n
BDLEKWOO80AT2mpoybep3i+U7fYq5xt3olIFyjUYjMnYu/NwOsIZj/b4osMRjVib
tBtw9KwkzUvNhiM0XzuAhPSYhzy9OnDkWEd1CRs+J8kJx5lO81pIEjkiJrEEtMr7
h/s=
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:12:16 2025 by rpki-client