Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KRihhEpJ99pThSfXQ1yWhEAz-98.roa
File: KRihhEpJ99pThSfXQ1yWhEAz-98.roa (raw, json)
Hash identifier: qWo5LIvNWrH5nEu3dtO3htMggqntKxQ0QteVesyFf5c=
Subject key identifier: 29:18:A1:84:4A:49:F7:DA:53:85:27:D7:43:5C:96:84:40:33:FB:DF
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B4A6FB215E18698A2D1E5185E2057D22D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KRihhEpJ99pThSfXQ1yWhEAz-98.roa
Signing time: Fri 20 Oct 2023 00:15:15 +0000
ROA not before: Fri 20 Oct 2023 00:15:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4a:6f:b2:15:e1:86:98:a2:d1:e5:18:5e:20:57:d2:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 20 00:15:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2918a1844a49f7da538527d7435c96844033fbdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a7:9d:76:fc:d7:1b:bb:38:01:c2:16:e7:f9:
2b:3c:51:57:1a:14:73:60:75:05:c1:5b:98:87:3c:
b2:bb:b8:85:28:01:ba:6b:a6:0c:7d:cc:79:c7:d3:
6d:29:21:0e:f6:37:29:57:1a:37:77:20:77:1d:47:
df:7b:fa:a3:1d:af:2f:51:be:63:30:b1:69:9a:fd:
de:65:16:d0:4c:9b:f6:58:8f:7a:7e:46:72:fc:96:
c5:91:b8:f6:a9:49:79:bb:c7:21:7e:c4:c2:3e:50:
b2:a7:fc:2c:96:38:6d:1c:60:9d:80:a8:0b:85:7b:
fb:58:88:24:24:f7:9d:fc:e8:a2:67:7c:9f:a0:2a:
37:cd:8e:1f:4f:35:83:d6:6a:a4:26:1f:e1:60:d2:
ea:0c:fc:10:fc:22:6b:e4:aa:05:55:e7:d4:c0:3a:
32:92:0f:12:48:27:25:3e:35:89:84:62:8c:75:4d:
58:7d:31:a2:7c:e6:cf:d7:a7:db:de:3f:20:b6:20:
57:b5:9a:3d:61:85:49:d5:fb:76:05:61:a5:62:32:
37:59:71:ff:5c:12:35:4f:28:e2:7b:02:ec:db:13:
dc:d3:d6:49:00:85:94:61:d0:d9:43:ce:e2:14:26:
9b:8a:5c:af:b1:1d:bd:c0:1d:3a:9f:63:24:81:48:
d7:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:18:A1:84:4A:49:F7:DA:53:85:27:D7:43:5C:96:84:40:33:FB:DF
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KRihhEpJ99pThSfXQ1yWhEAz-98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:5d:a0:b2:dc:99:4f:72:5f:6c:ce:e1:0c:cd:50:0e:cd:36:
fd:22:98:c8:ba:63:17:4d:da:c1:2c:09:8e:78:6a:49:bc:36:
2d:a9:f0:28:e4:45:98:5c:b8:bb:14:57:9e:a2:08:f6:21:c4:
6b:bf:94:55:0f:82:c1:bf:0f:f6:8e:f0:59:29:64:15:af:ca:
b3:d7:1f:b6:48:7e:7e:ea:6b:c7:fb:df:a3:13:d0:78:bf:e9:
5e:9d:ff:b9:8e:6b:4c:1a:a9:43:9b:b6:e3:71:d4:94:7f:4d:
7d:09:2e:95:e8:ca:19:0d:5d:5b:fb:ab:0d:e3:93:d4:97:ea:
36:4c:a5:87:39:d6:a3:a2:31:29:a4:4c:a5:d2:32:27:ee:eb:
9d:e5:43:db:25:b9:ed:5d:c9:1a:52:89:42:2e:46:9f:af:3a:
3a:b3:85:40:3c:6b:d0:62:18:0d:ec:35:f5:13:57:cc:bd:40:
98:fa:a9:4f:93:48:c0:9a:aa:22:ba:bc:89:1d:d2:41:c6:01:
0e:94:b4:14:fc:29:ad:81:d1:35:31:59:44:fb:ef:4b:a8:8a:
e0:75:f7:75:86:65:5f:16:b0:f9:87:07:15:62:e3:d1:66:35:
5b:31:b3:08:15:62:d1:83:6f:e7:65:56:9b:52:12:8f:db:85:
ff:e3:02:57
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtKb7IV4YaYotHlGF4gV9ItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIwMDAxNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTE4YTE4NDRhNDlmN2RhNTM4NTI3ZDc0MzVjOTY4NDQwMzNmYmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaeddvzXG7s4AcIW5/krPFFXGhRz
YHUFwVuYhzyyu7iFKAG6a6YMfcx5x9NtKSEO9jcpVxo3dyB3HUffe/qjHa8vUb5j
MLFpmv3eZRbQTJv2WI96fkZy/JbFkbj2qUl5u8chfsTCPlCyp/wsljhtHGCdgKgL
hXv7WIgkJPed/OiiZ3yfoCo3zY4fTzWD1mqkJh/hYNLqDPwQ/CJr5KoFVefUwDoy
kg8SSCclPjWJhGKMdU1YfTGifObP16fb3j8gtiBXtZo9YYVJ1ft2BWGlYjI3WXH/
XBI1TyjiewLs2xPc09ZJAIWUYdDZQ87iFCabilyvsR29wB06n2MkgUjXdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCkYoYRKSffaU4Un10NcloRAM/vfMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS1JpaGhFcEo5OXBUaFNmWFExeVdoRUF6LTk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAddoLLcmU9yX2zO4QzN
UA7NNv0imMi6YxdN2sEsCY54akm8Ni2p8CjkRZhcuLsUV56iCPYhxGu/lFUPgsG/
D/aO8FkpZBWvyrPXH7ZIfn7qa8f736MT0Hi/6V6d/7mOa0waqUObtuNx1JR/TX0J
LpXoyhkNXVv7qw3jk9SX6jZMpYc51qOiMSmkTKXSMifu653lQ9slue1dyRpSiUIu
Rp+vOjqzhUA8a9BiGA3sNfUTV8y9QJj6qU+TSMCaqiK6vIkd0kHGAQ6UtBT8Ka2B
0TUxWUT770uoiuB193WGZV8WsPmHBxVi49FmNVsxswgVYtGDb+dlVptSEo/bhf/j
Alc=
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:50:59 2025 by rpki-client