Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KYVpmHWtySBNW651-a7-c5R-eV8.roa
File: KYVpmHWtySBNW651-a7-c5R-eV8.roa (raw, json)
Hash identifier: Zc4IrBbE01Zr6Q9FLp++8WK7aHLTJj6Ajczvh24vMgU=
Subject key identifier: 29:85:69:98:75:AD:C9:20:4D:5B:AE:75:F9:AE:FE:73:94:7E:79:5F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C0E90731F695AF1860E9951CA8955B657
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KYVpmHWtySBNW651-a7-c5R-eV8.roa
Signing time: Mon 27 Nov 2023 02:16:36 +0000
ROA not before: Mon 27 Nov 2023 02:16:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0e:90:73:1f:69:5a:f1:86:0e:99:51:ca:89:55:b6:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 27 02:16:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2985699875adc9204d5bae75f9aefe73947e795f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:45:ce:d5:47:0d:a2:a6:4a:99:a3:84:6e:14:
eb:4d:29:50:bb:52:db:59:e2:40:7f:10:fc:e6:27:
ff:2f:7b:0c:79:48:5e:e4:fd:c7:24:47:28:b9:97:
89:0f:f7:36:4b:d9:da:46:0a:e3:fe:ec:7b:52:00:
3a:98:05:87:f8:3b:fa:ee:d7:f6:c0:ef:38:bd:eb:
a3:8a:21:a2:32:04:60:fc:14:ae:3c:89:9e:40:8c:
3c:51:5f:32:b7:14:39:15:eb:73:f8:91:94:fd:df:
62:86:cd:7a:90:88:16:b9:8e:3a:db:24:0d:5b:93:
49:80:a9:b7:09:e6:25:a5:d2:09:45:be:45:61:71:
32:a5:f1:93:e4:fd:8b:b6:2f:e8:ff:1a:e2:67:ab:
75:f1:92:97:f8:a5:1e:04:c0:4b:65:4b:6e:09:48:
8e:74:c1:14:62:1d:e8:1c:46:51:c4:47:bb:0b:2c:
8c:60:75:63:21:35:d2:14:5b:73:cf:e9:50:0d:d5:
c6:d5:b2:6f:1b:4b:48:eb:a2:db:8c:7b:48:4c:68:
97:51:93:ee:1d:1e:56:37:91:85:d8:69:a9:11:9b:
bb:fa:53:72:15:8f:44:f6:98:23:3c:c0:f1:21:ac:
73:d9:a2:89:68:36:3c:04:d6:ac:77:9f:6b:c7:bf:
6c:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:85:69:98:75:AD:C9:20:4D:5B:AE:75:F9:AE:FE:73:94:7E:79:5F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KYVpmHWtySBNW651-a7-c5R-eV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8c:4b:0d:81:2f:04:50:34:88:f8:ba:a5:a7:ee:df:1e:12:07:
db:73:94:0c:d9:8d:8b:fd:c4:cf:fe:1c:26:6d:91:90:93:dc:
ca:56:11:83:46:90:2a:3d:4c:76:fb:fc:20:91:61:6d:1d:19:
a2:90:8f:65:5e:e2:a6:d8:98:4b:e1:04:e8:d4:e3:2e:48:21:
16:9f:a9:22:9b:d7:a7:5a:20:e8:51:3c:da:08:a6:6f:3d:b1:
63:b1:95:e6:d4:b7:54:18:4c:5c:c5:0d:b4:26:1a:86:0b:fa:
a4:ac:55:7f:f4:2d:d0:dd:0d:df:65:aa:bb:84:cb:71:1d:b5:
ff:93:f7:fa:19:df:47:e5:a0:5b:0a:2d:2e:6d:59:e7:68:8d:
e9:24:08:3d:ec:0f:97:17:a6:ae:ee:8b:6f:00:8b:33:a9:3b:
c0:92:80:91:fe:73:75:1d:90:63:0b:7b:8c:2b:8a:7b:fa:b1:
18:d4:a4:99:93:d1:db:4d:6c:f4:6d:13:7b:bc:ef:6e:4c:7e:
f7:aa:cc:3a:4e:79:f6:84:bd:65:24:7b:66:77:18:97:c8:2c:
af:a1:4f:38:d2:8d:a3:33:4b:69:f7:ae:59:c9:14:be:8f:77:
22:24:9c:ea:a2:18:02:5d:7a:9b:0a:39:33:29:bb:6d:c8:0f:
30:d6:9c:fd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwOkHMfaVrxhg6ZUcqJVbZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI3MDIxNjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTg1Njk5ODc1YWRjOTIwNGQ1YmFlNzVmOWFlZmU3Mzk0N2U3OTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0XO1UcNoqZKmaOEbhTrTSlQu1Lb
WeJAfxD85if/L3sMeUhe5P3HJEcouZeJD/c2S9naRgrj/ux7UgA6mAWH+Dv67tf2
wO84veujiiGiMgRg/BSuPImeQIw8UV8ytxQ5Fetz+JGU/d9ihs16kIgWuY462yQN
W5NJgKm3CeYlpdIJRb5FYXEypfGT5P2Lti/o/xriZ6t18ZKX+KUeBMBLZUtuCUiO
dMEUYh3oHEZRxEe7CyyMYHVjITXSFFtzz+lQDdXG1bJvG0tI66LbjHtITGiXUZPu
HR5WN5GF2GmpEZu7+lNyFY9E9pgjPMDxIaxz2aKJaDY8BNasd59rx79sTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCmFaZh1rckgTVuudfmu/nOUfnlfMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS1lWcG1IV3R5U0JOVzY1MS1hNy1jNVItZVY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIxLDYEvBFA0iPi6pafu
3x4SB9tzlAzZjYv9xM/+HCZtkZCT3MpWEYNGkCo9THb7/CCRYW0dGaKQj2Ve4qbY
mEvhBOjU4y5IIRafqSKb16daIOhRPNoIpm89sWOxlebUt1QYTFzFDbQmGoYL+qSs
VX/0LdDdDd9lqruEy3Edtf+T9/oZ30floFsKLS5tWedojekkCD3sD5cXpq7ui28A
izOpO8CSgJH+c3UdkGMLe4wrinv6sRjUpJmT0dtNbPRtE3u8725MfveqzDpOefaE
vWUke2Z3GJfILK+hTzjSjaMzS2n3rlnJFL6PdyIknOqiGAJdepsKOTMpu23IDzDW
nP0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:06:53 2025 by rpki-client