Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KM8c_Xfa0Wxu8bB-qFrC1zc6coE.roa
File: KM8c_Xfa0Wxu8bB-qFrC1zc6coE.roa (raw, json)
Hash identifier: ClmMi2GuQb/JDYGCCrfXpZzZTinJSfuWlVzDDmv/bl8=
Subject key identifier: 28:CF:1C:FD:77:DA:D1:6C:6E:F1:B0:7E:A8:5A:C2:D7:37:3A:72:81
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C0E5774A38480F468133E2BD8017E65BE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KM8c_Xfa0Wxu8bB-qFrC1zc6coE.roa
Signing time: Mon 27 Nov 2023 01:14:21 +0000
ROA not before: Mon 27 Nov 2023 01:14:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0e:57:74:a3:84:80:f4:68:13:3e:2b:d8:01:7e:65:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 27 01:14:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28cf1cfd77dad16c6ef1b07ea85ac2d7373a7281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9f:e1:65:75:ff:06:68:11:c8:ab:ca:ee:8a:
5e:63:05:17:85:06:21:f9:96:f4:1b:46:8f:e6:9e:
d2:e2:df:61:85:bd:8e:3b:77:3e:c0:a1:14:ae:61:
a4:fb:57:50:19:30:27:dc:54:74:67:90:c8:ba:d1:
4c:0c:24:88:f0:9f:71:aa:fa:8b:33:11:68:7a:8d:
2e:26:db:04:89:0e:6e:ec:6d:7b:2e:83:82:96:1e:
65:36:41:ad:9f:e0:4f:1f:22:f7:f9:d2:d4:c3:88:
2e:2e:a7:7a:2f:42:5f:2b:36:7b:41:d1:a9:93:b5:
ff:fa:ec:73:14:a6:a3:87:0f:47:b2:d0:c3:e2:94:
6a:b2:4a:17:f1:02:21:03:4a:18:e3:58:c5:86:fe:
a2:b6:c0:f5:67:66:eb:5b:79:92:44:83:34:f3:c9:
5e:6a:49:16:a8:38:2f:34:b1:fd:31:ba:33:70:33:
7a:40:25:e3:4a:07:25:45:44:82:ed:9a:9b:b9:01:
33:a3:d1:ce:0d:5c:11:06:d3:b3:14:3c:d3:d4:df:
42:eb:a5:5e:ca:0c:59:a8:48:75:03:9e:61:25:f4:
72:a2:62:98:66:fa:04:65:a7:79:09:e8:14:65:0e:
d2:84:8a:23:d9:32:66:c7:11:9d:26:70:2f:a9:a0:
eb:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:CF:1C:FD:77:DA:D1:6C:6E:F1:B0:7E:A8:5A:C2:D7:37:3A:72:81
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KM8c_Xfa0Wxu8bB-qFrC1zc6coE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9d:e4:03:d3:04:10:26:8c:a9:3e:dd:0e:e6:4f:17:55:2b:ad:
f4:42:42:5a:c9:62:49:37:1b:6c:42:b4:6c:9b:5d:f1:34:c7:
99:fe:ee:e2:0b:a6:0d:51:2e:6b:6b:a7:ce:d1:b3:d0:5b:8e:
d1:6a:3c:12:99:04:5a:c8:e4:73:59:92:fc:3a:ef:a7:cb:4d:
8e:c0:a7:62:07:9c:c8:2b:28:ae:73:99:b2:86:d5:2c:31:50:
40:a8:cf:2f:0b:8d:58:d4:25:d1:1e:e7:71:5c:e5:53:03:e7:
5c:0a:1c:87:fd:88:d3:1d:31:f6:b1:00:66:23:43:a3:d4:f7:
61:84:f2:45:f2:5d:47:ae:5e:29:5b:94:69:bb:eb:4f:50:1c:
20:64:56:32:f2:be:b0:c0:c7:95:d9:55:dd:1d:f4:f5:a0:44:
97:43:af:35:27:be:e3:13:47:54:87:2c:d2:01:6e:50:c5:8f:
66:bb:83:7b:52:59:0c:7f:e7:06:c1:97:30:db:1e:fc:6e:9e:
64:d8:43:af:59:e2:71:ce:e7:97:a6:fe:0d:01:9b:cb:3d:76:
43:ec:28:71:f5:bd:48:4a:84:c5:96:4a:f4:08:da:6f:b4:83:
67:72:43:1f:bb:98:84:16:7c:11:02:37:8c:3d:33:0a:c3:c0:
80:64:b9:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwOV3SjhID0aBM+K9gBfmW+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI3MDExNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGNmMWNmZDc3ZGFkMTZjNmVmMWIwN2VhODVhYzJkNzM3M2E3MjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApp/hZXX/BmgRyKvK7opeYwUXhQYh
+Zb0G0aP5p7S4t9hhb2OO3c+wKEUrmGk+1dQGTAn3FR0Z5DIutFMDCSI8J9xqvqL
MxFoeo0uJtsEiQ5u7G17LoOClh5lNkGtn+BPHyL3+dLUw4guLqd6L0JfKzZ7QdGp
k7X/+uxzFKajhw9HstDD4pRqskoX8QIhA0oY41jFhv6itsD1Z2brW3mSRIM088le
akkWqDgvNLH9MbozcDN6QCXjSgclRUSC7ZqbuQEzo9HODVwRBtOzFDzT1N9C66Ve
ygxZqEh1A55hJfRyomKYZvoEZad5CegUZQ7ShIoj2TJmxxGdJnAvqaDr1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCjPHP132tFsbvGwfqhawtc3OnKBMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS004Y19YZmEwV3h1OGJCLXFGckMxemM2Y29FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ3kA9MEECaMqT7dDuZP
F1UrrfRCQlrJYkk3G2xCtGybXfE0x5n+7uILpg1RLmtrp87Rs9BbjtFqPBKZBFrI
5HNZkvw676fLTY7Ap2IHnMgrKK5zmbKG1SwxUECozy8LjVjUJdEe53Fc5VMD51wK
HIf9iNMdMfaxAGYjQ6PU92GE8kXyXUeuXilblGm7609QHCBkVjLyvrDAx5XZVd0d
9PWgRJdDrzUnvuMTR1SHLNIBblDFj2a7g3tSWQx/5wbBlzDbHvxunmTYQ69Z4nHO
55em/g0Bm8s9dkPsKHH1vUhKhMWWSvQI2m+0g2dyQx+7mIQWfBECN4w9MwrDwIBk
uWc=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:33:34 2025 by rpki-client