Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KZalSnVT_4P7Wyto0QNkthSOQcA.roa
File: KZalSnVT_4P7Wyto0QNkthSOQcA.roa (raw, json)
Hash identifier: 5av+439is1Jt3UUSYGx48U4UMgEGb+EJQwQKTl0MCiQ=
Subject key identifier: 29:96:A5:4A:75:53:FF:83:FB:5B:2B:68:D1:03:64:B6:14:8E:41:C0
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BCC3C795FFF82D1431DCE281B84DAB38D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KZalSnVT_4P7Wyto0QNkthSOQcA.roa
Signing time: Tue 14 Nov 2023 05:09:57 +0000
ROA not before: Tue 14 Nov 2023 05:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cc:3c:79:5f:ff:82:d1:43:1d:ce:28:1b:84:da:b3:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 14 05:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2996a54a7553ff83fb5b2b68d10364b6148e41c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:36:62:4e:7e:8f:21:36:66:be:04:eb:2e:eb:
3d:09:9a:06:6c:f6:d7:0e:d5:bf:f8:71:05:f0:33:
6e:ea:f0:b3:06:3b:7e:df:da:f2:8d:2b:f1:70:71:
dd:8a:38:54:a2:a4:4b:2a:16:bb:45:3c:cd:66:ee:
73:35:5a:3e:c9:cc:23:05:5d:78:36:16:cc:ee:03:
8f:a1:62:f7:ae:c1:31:8d:fb:03:0b:3d:c5:6b:d8:
2f:7c:d1:73:58:16:45:0e:c9:1f:5a:51:3f:41:02:
a6:99:40:a1:d5:14:12:7f:ed:56:c0:0c:28:c8:57:
83:00:6e:1f:ef:00:11:cb:fc:02:8a:f4:cc:5c:f1:
92:a5:ec:42:50:0c:22:6d:9a:b8:e4:c7:bf:33:61:
6d:e3:5c:af:3e:e7:20:2d:3e:6d:44:4f:e3:3c:44:
8e:37:bd:f9:8f:85:22:36:2a:a0:ae:f5:2b:4c:90:
a2:77:a6:28:12:02:ec:59:47:16:30:23:04:21:c6:
50:d8:3c:26:df:f5:cc:39:8d:e7:28:9a:65:e9:97:
d0:6d:dc:e9:5c:56:87:e9:37:35:27:c9:c8:7b:5e:
ff:26:04:5b:08:85:53:ba:6b:bc:02:e3:4d:ab:03:
11:31:80:47:ec:6e:e5:a0:bf:72:4f:97:9e:7d:c6:
76:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:96:A5:4A:75:53:FF:83:FB:5B:2B:68:D1:03:64:B6:14:8E:41:C0
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KZalSnVT_4P7Wyto0QNkthSOQcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:83:57:64:dd:90:21:ea:95:30:96:3b:84:5e:12:23:c8:1f:
de:58:50:51:92:4a:fa:fe:17:de:31:bd:28:bf:6c:b0:cd:eb:
b6:da:cb:e3:b0:67:01:c1:93:42:76:37:40:3a:9f:22:10:e6:
3c:6a:7b:8c:7a:35:88:eb:51:c7:cc:f6:06:01:ee:fb:90:c9:
9f:1f:c5:99:30:22:f6:cf:50:3e:75:06:3b:aa:3c:0e:c1:4e:
88:3c:2b:61:d4:c1:b6:33:6d:92:ff:45:7f:a2:05:3e:e7:01:
18:2b:1c:1c:2c:bc:a2:1f:15:af:06:24:af:b9:5f:8a:98:37:
5f:74:01:06:c6:08:c3:de:88:68:f4:10:c7:37:1b:68:85:d5:
c2:57:4b:d6:37:7c:76:31:dc:2a:d7:9d:0c:e5:e1:fe:e5:22:
23:b9:fb:cc:a6:1f:5b:93:7b:24:7b:b6:40:ee:8f:ed:4f:cd:
07:32:57:89:62:9f:c5:78:84:5a:b4:c3:34:b3:11:48:a7:52:
9b:93:04:94:53:83:3b:c5:da:88:b5:be:f8:df:ba:af:56:53:
2c:0e:a5:2d:66:63:5b:be:8a:82:cb:07:df:22:bf:39:c7:55:
37:e2:ce:1a:1c:c1:d7:fd:0c:45:12:2b:43:b4:d8:cb:aa:e1:
0d:2c:ee:4b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvMPHlf/4LRQx3OKBuE2rONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE0MDUwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTk2YTU0YTc1NTNmZjgzZmI1YjJiNjhkMTAzNjRiNjE0OGU0MWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjZiTn6PITZmvgTrLus9CZoGbPbX
DtW/+HEF8DNu6vCzBjt+39ryjSvxcHHdijhUoqRLKha7RTzNZu5zNVo+ycwjBV14
NhbM7gOPoWL3rsExjfsDCz3Fa9gvfNFzWBZFDskfWlE/QQKmmUCh1RQSf+1WwAwo
yFeDAG4f7wARy/wCivTMXPGSpexCUAwibZq45Me/M2Ft41yvPucgLT5tRE/jPESO
N735j4UiNiqgrvUrTJCid6YoEgLsWUcWMCMEIcZQ2Dwm3/XMOY3nKJpl6ZfQbdzp
XFaH6Tc1J8nIe17/JgRbCIVTumu8AuNNqwMRMYBH7G7loL9yT5eefcZ2/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCmWpUp1U/+D+1sraNEDZLYUjkHAMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS1phbFNuVlRfNFA3V3l0bzBRTmt0aFNPUWNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB2DV2TdkCHqlTCWO4Re
EiPIH95YUFGSSvr+F94xvSi/bLDN67bay+OwZwHBk0J2N0A6nyIQ5jxqe4x6NYjr
UcfM9gYB7vuQyZ8fxZkwIvbPUD51BjuqPA7BTog8K2HUwbYzbZL/RX+iBT7nARgr
HBwsvKIfFa8GJK+5X4qYN190AQbGCMPeiGj0EMc3G2iF1cJXS9Y3fHYx3CrXnQzl
4f7lIiO5+8ymH1uTeyR7tkDuj+1PzQcyV4lin8V4hFq0wzSzEUinUpuTBJRTgzvF
2oi1vvjfuq9WUywOpS1mY1u+ioLLB98ivznHVTfizhocwdf9DEUSK0O02Muq4Q0s
7ks=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:17:45 2025 by rpki-client