Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Khbb3qkUD-yE0xMysCDoOy1d-0E.roa
File: Khbb3qkUD-yE0xMysCDoOy1d-0E.roa (raw, json)
Hash identifier: 7gVnCt+A0Xhy2t+id4m5noZ/fZWdZdyTGFxGUuKWYes=
Subject key identifier: 2A:16:DB:DE:A9:14:0F:EC:84:D3:13:32:B0:20:E8:3B:2D:5D:FB:41
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B85374DEA861F3095FD36B5568D1144CC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Khbb3qkUD-yE0xMysCDoOy1d-0E.roa
Signing time: Tue 31 Oct 2023 10:11:16 +0000
ROA not before: Tue 31 Oct 2023 10:11:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:85:37:4d:ea:86:1f:30:95:fd:36:b5:56:8d:11:44:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 31 10:11:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a16dbdea9140fec84d31332b020e83b2d5dfb41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1f:97:dc:1f:6d:f0:ae:f8:37:d6:af:93:fb:
b1:84:df:52:05:d3:27:0e:a4:cc:45:82:e9:7d:90:
41:e0:b0:4d:20:df:ed:3e:1b:7a:5e:d6:82:1e:d4:
ca:36:32:e3:a6:03:18:23:c9:c3:14:fb:c8:34:bd:
2f:8e:85:ad:97:c2:45:4b:a1:a7:61:e6:09:42:77:
94:1c:1a:ab:82:06:b8:95:f1:e4:83:2c:56:2e:1e:
8f:a0:00:0e:b1:32:15:03:a1:a6:32:ad:8f:c1:01:
4f:85:31:0e:3a:9d:3d:79:74:e1:b8:c8:8b:d7:1b:
80:ae:13:71:81:76:69:85:d6:73:ce:94:98:26:33:
ef:7a:c4:eb:e5:91:f7:c0:20:d5:af:ab:ce:0f:2b:
ad:0a:5e:bd:9b:3d:71:08:7b:43:e7:85:b4:9a:54:
36:e5:dd:62:b8:7c:3c:2b:fe:5d:54:f1:d2:61:bb:
c1:5c:69:89:1d:d7:39:65:96:ff:0d:07:b3:36:51:
98:4d:1c:04:ea:24:5a:06:26:3c:62:0d:bd:f1:cb:
bf:87:f1:60:f5:1c:7c:eb:4c:27:6a:cd:9c:dd:e3:
2a:74:6f:2c:8f:aa:c2:1e:ee:32:e1:0a:60:ff:33:
2a:3f:c6:f7:4a:40:a5:e1:f7:08:b4:63:ab:5a:db:
65:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:16:DB:DE:A9:14:0F:EC:84:D3:13:32:B0:20:E8:3B:2D:5D:FB:41
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Khbb3qkUD-yE0xMysCDoOy1d-0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
af:0c:b5:95:a3:09:71:f3:74:11:81:8a:f7:64:87:e3:0d:9b:
10:a0:05:dd:25:43:c9:94:70:39:5b:4a:ec:37:c9:27:38:39:
02:00:eb:58:e6:15:fa:4b:33:d0:4b:e3:3e:75:29:ec:72:67:
a4:37:f3:bf:58:bb:ad:6e:a8:df:f5:e6:f1:d8:4e:f0:a8:b1:
f2:61:f5:af:38:9a:96:2f:0a:49:20:f3:2e:54:b2:4e:ff:97:
c5:03:4f:51:34:fe:0c:97:64:d4:a9:88:f8:49:9f:25:c2:0c:
7d:dd:7e:bd:64:88:55:5a:75:7f:5d:e6:ed:42:44:a0:36:6b:
85:5a:ce:f7:f2:ad:13:11:76:7b:a5:3e:93:81:77:0a:8a:cf:
dc:6f:3d:9e:0a:f6:7b:7a:b5:00:09:81:ee:ee:6b:d1:82:71:
71:33:f1:b0:79:2b:c7:aa:18:20:99:e4:06:0e:79:5e:d6:77:
28:6a:31:ba:11:45:32:ad:42:b8:eb:08:54:cc:1d:a2:88:c1:
5b:f8:cf:68:3e:73:99:4d:cc:5b:df:37:d4:bb:ba:5e:2f:a7:
9a:5c:f8:78:dc:aa:f1:2e:ac:31:38:c4:d2:ac:17:13:52:8d:
9b:4f:2c:58:88:5b:6f:5f:7f:53:c5:90:3c:9a:59:06:83:8c:
90:fa:de:5f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuFN03qhh8wlf02tVaNEUTMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDMxMTAxMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTE2ZGJkZWE5MTQwZmVjODRkMzEzMzJiMDIwZTgzYjJkNWRmYjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhR+X3B9t8K74N9avk/uxhN9SBdMn
DqTMRYLpfZBB4LBNIN/tPht6XtaCHtTKNjLjpgMYI8nDFPvINL0vjoWtl8JFS6Gn
YeYJQneUHBqrgga4lfHkgyxWLh6PoAAOsTIVA6GmMq2PwQFPhTEOOp09eXThuMiL
1xuArhNxgXZphdZzzpSYJjPvesTr5ZH3wCDVr6vODyutCl69mz1xCHtD54W0mlQ2
5d1iuHw8K/5dVPHSYbvBXGmJHdc5ZZb/DQezNlGYTRwE6iRaBiY8Yg298cu/h/Fg
9Rx860wnas2c3eMqdG8sj6rCHu4y4Qpg/zMqP8b3SkCl4fcItGOrWttlyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCoW296pFA/shNMTMrAg6DstXftBMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS2hiYjNxa1VELXlFMHhNeXNDRG9PeTFkLTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK8MtZWjCXHzdBGBivdk
h+MNmxCgBd0lQ8mUcDlbSuw3ySc4OQIA61jmFfpLM9BL4z51KexyZ6Q3879Yu61u
qN/15vHYTvCosfJh9a84mpYvCkkg8y5Usk7/l8UDT1E0/gyXZNSpiPhJnyXCDH3d
fr1kiFVadX9d5u1CRKA2a4VazvfyrRMRdnulPpOBdwqKz9xvPZ4K9nt6tQAJge7u
a9GCcXEz8bB5K8eqGCCZ5AYOeV7WdyhqMboRRTKtQrjrCFTMHaKIwVv4z2g+c5lN
zFvfN9S7ul4vp5pc+HjcqvEurDE4xNKsFxNSjZtPLFiIW29ff1PFkDyaWQaDjJD6
3l8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:30:03 2025 by rpki-client