Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KbnTg3JtezM-qahpSH01I248VaM.roa
File: KbnTg3JtezM-qahpSH01I248VaM.roa (raw, json)
Hash identifier: FXTTdWDUcRdQ2YIf4yklIxsJbZSRmGE5aIylDPdz0Uo=
Subject key identifier: 29:B9:D3:83:72:6D:7B:33:3E:A9:A8:69:48:7D:35:23:6E:3C:55:A3
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ABAE57FBC086A24229FACBEB061108A45
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KbnTg3JtezM-qahpSH01I248VaM.roa
Signing time: Fri 22 Sep 2023 03:18:37 +0000
ROA not before: Fri 22 Sep 2023 03:18:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ba:e5:7f:bc:08:6a:24:22:9f:ac:be:b0:61:10:8a:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 22 03:18:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29b9d383726d7b333ea9a869487d35236e3c55a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:32:1b:74:db:b4:c3:3f:f8:49:b7:c5:3c:1c:
89:7e:26:79:7b:a2:05:77:cd:38:6c:d6:d6:8d:2a:
8a:03:41:5f:00:a8:4a:e5:bd:70:ba:5b:9e:29:b2:
3e:eb:db:2c:73:f9:f2:9d:b6:b2:0d:a8:8c:78:c8:
e2:95:0a:b2:5a:a2:bc:da:64:c0:5b:13:cb:90:6b:
6d:e6:c3:68:1e:94:f5:9c:4d:ce:f4:27:39:2a:f5:
99:eb:62:04:9f:fb:30:ae:c6:77:65:f3:52:93:1f:
b8:77:0d:4a:89:a3:82:2d:44:49:38:52:cc:95:ad:
03:2a:ec:33:da:eb:44:53:f1:fc:6e:70:49:df:08:
3e:ed:e4:ea:ce:35:f1:7b:01:46:eb:fb:37:18:1a:
2e:17:89:94:e2:1a:a9:c6:e2:04:eb:36:e5:b0:06:
da:17:cd:9f:cf:1a:06:bb:cd:42:f4:c4:ef:cb:d3:
02:19:29:ab:c3:49:a2:92:a1:16:06:36:f5:3e:1a:
2e:96:c3:49:1f:3d:d9:4a:ee:db:b1:dd:3e:2f:18:
a8:01:e1:e3:4d:8f:6e:81:9f:ff:6c:07:a9:1e:67:
26:79:53:17:3e:18:d6:9d:0d:bd:92:9a:39:f0:5c:
b4:bc:b5:b2:fa:91:47:61:a2:0f:9b:0c:71:5b:81:
50:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B9:D3:83:72:6D:7B:33:3E:A9:A8:69:48:7D:35:23:6E:3C:55:A3
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KbnTg3JtezM-qahpSH01I248VaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:eb:b9:d8:36:d6:b9:3c:69:2d:fd:fe:cb:34:1a:92:15:bf:
b1:6f:ce:77:bd:8c:dd:35:26:80:70:e6:d9:7d:98:5c:7f:02:
0b:08:be:10:65:78:45:55:33:6c:91:20:af:ea:d5:4c:02:4a:
bd:73:9b:d5:b9:ca:b0:c5:06:5b:9f:04:78:65:aa:13:19:d4:
47:a1:75:7b:be:4d:71:22:e6:3d:c0:c8:29:c5:7d:d8:85:b7:
aa:39:8b:e2:05:10:6e:d4:76:e6:2e:e5:06:af:a9:a7:8c:39:
26:96:d2:29:a0:8a:fe:b5:3b:9a:01:a6:cd:a9:97:5d:5d:7b:
f2:b9:fc:02:31:85:57:84:73:ea:be:67:2a:72:5c:02:b7:83:
3c:03:82:e2:f2:db:6c:3e:08:21:49:1b:cb:6b:e3:da:45:f5:
5d:19:9b:f9:04:51:3a:d1:c4:f4:8d:3f:f5:fd:ff:7c:72:4d:
c2:9c:a9:97:b2:e2:d3:ba:89:21:7c:f5:78:c2:7e:33:f1:28:
2b:a1:27:fd:cc:8a:ee:09:7f:06:71:a3:f2:30:17:b9:b2:99:
4e:f5:bb:7e:cc:ad:a3:eb:01:e7:5c:de:d4:08:c8:f1:9d:74:
ff:0f:be:a7:0c:02:11:ad:cd:9d:b7:ba:6e:56:e0:0a:67:1a:
ed:b0:58:32
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq65X+8CGokIp+svrBhEIpFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIyMDMxODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWI5ZDM4MzcyNmQ3YjMzM2VhOWE4Njk0ODdkMzUyMzZlM2M1NWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6jIbdNu0wz/4SbfFPByJfiZ5e6IF
d804bNbWjSqKA0FfAKhK5b1wulueKbI+69ssc/nynbayDaiMeMjilQqyWqK82mTA
WxPLkGtt5sNoHpT1nE3O9Cc5KvWZ62IEn/swrsZ3ZfNSkx+4dw1KiaOCLURJOFLM
la0DKuwz2utEU/H8bnBJ3wg+7eTqzjXxewFG6/s3GBouF4mU4hqpxuIE6zblsAba
F82fzxoGu81C9MTvy9MCGSmrw0mikqEWBjb1PhoulsNJHz3ZSu7bsd0+LxioAeHj
TY9ugZ//bAepHmcmeVMXPhjWnQ29kpo58Fy0vLWy+pFHYaIPmwxxW4FQkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCm504NybXszPqmoaUh9NSNuPFWjMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS2JuVGczSnRlek0tcWFocFNIMDFJMjQ4VmFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ/rudg21rk8aS39/ss0
GpIVv7Fvzne9jN01JoBw5tl9mFx/AgsIvhBleEVVM2yRIK/q1UwCSr1zm9W5yrDF
BlufBHhlqhMZ1EehdXu+TXEi5j3AyCnFfdiFt6o5i+IFEG7UduYu5QavqaeMOSaW
0imgiv61O5oBps2pl11de/K5/AIxhVeEc+q+ZypyXAK3gzwDguLy22w+CCFJG8tr
49pF9V0Zm/kEUTrRxPSNP/X9/3xyTcKcqZey4tO6iSF89XjCfjPxKCuhJ/3Miu4J
fwZxo/IwF7mymU71u37MraPrAedc3tQIyPGddP8PvqcMAhGtzZ23um5W4ApnGu2w
WDI=
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:01:04 2025 by rpki-client