Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Koma4nLeHhV7dvOEhU-_gI5ZHwk.roa
File: Koma4nLeHhV7dvOEhU-_gI5ZHwk.roa (raw, json)
Hash identifier: +BMUmAz4K2yYdUgxQOUs8R7jPJ0aOD7X3rkBcOsHavo=
Subject key identifier: 2A:89:9A:E2:72:DE:1E:15:7B:76:F3:84:85:4F:BF:80:8E:59:1F:09
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C1A527915E01D83FA0D835FF708A0578A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Koma4nLeHhV7dvOEhU-_gI5ZHwk.roa
Signing time: Wed 29 Nov 2023 09:04:21 +0000
ROA not before: Wed 29 Nov 2023 09:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18c:1a52:5fff/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1a:52:79:15:e0:1d:83:fa:0d:83:5f:f7:08:a0:57:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 29 09:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a899ae272de1e157b76f384854fbf808e591f09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ef:d4:7a:2a:6d:33:af:ba:67:d4:50:c2:28:
50:ce:00:55:be:5f:6e:e5:ca:a3:bf:4f:57:88:db:
25:f0:75:48:5b:82:c8:8a:01:f5:80:47:f5:44:dc:
7f:b4:00:ad:14:db:6a:87:6d:02:16:a3:4a:f0:3d:
14:8e:2b:c2:7f:58:fb:52:80:75:e2:3b:0e:d4:e7:
8a:90:11:25:fa:8d:6f:53:45:b1:9c:8a:e1:47:2c:
0a:37:2e:e4:3b:71:a0:88:53:45:e4:4a:7d:bf:de:
5f:d2:b0:0a:92:ad:17:99:85:f6:d6:1b:a8:b3:1f:
d9:58:3b:af:f8:54:7f:b4:ee:55:2f:af:00:4d:cf:
4b:1f:e9:c0:6f:79:11:34:2d:09:11:cb:69:17:60:
e7:b9:e3:e6:10:37:f7:18:51:53:de:f6:71:4c:c9:
c2:fb:79:c4:6f:10:7e:64:f0:41:1d:31:8a:dc:d2:
8b:09:f6:a4:ed:a8:6d:0d:0e:19:71:7e:34:bd:27:
5f:22:41:ad:00:bf:b3:ce:fe:76:fb:1e:89:86:4c:
0d:7c:3a:8b:60:1b:e2:4e:54:b9:cb:6c:6f:67:2e:
b4:c5:58:8c:4e:78:fa:69:c2:32:17:de:44:1d:aa:
00:a4:82:a5:9f:d5:35:4e:e2:d4:cd:13:ae:49:93:
af:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:89:9A:E2:72:DE:1E:15:7B:76:F3:84:85:4F:BF:80:8E:59:1F:09
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Koma4nLeHhV7dvOEhU-_gI5ZHwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0b:3f:d7:68:9a:86:d1:9b:80:77:e1:93:3e:55:46:6b:6f:d1:
cf:f7:2b:0b:09:a1:16:29:62:85:f1:9a:4e:73:cd:a3:17:9a:
9a:15:a3:48:26:d2:42:d6:ce:ba:08:39:e9:37:c9:f1:db:bf:
7a:f1:5e:1a:1d:a0:62:ae:a1:be:86:2c:71:03:c2:5a:41:62:
9f:02:cb:13:7a:4f:c0:6b:9d:e6:fb:e3:ff:cc:2a:e3:a5:91:
0d:2a:93:04:bb:e4:56:a6:6a:1a:29:d0:36:83:52:21:38:4b:
61:ff:a3:4f:5a:4a:93:eb:85:9b:ab:96:c2:1a:55:86:c4:92:
3f:a0:a7:26:92:1f:c7:5e:18:89:41:2f:68:26:c3:92:de:c8:
34:43:e6:d2:e0:dc:68:15:69:4d:09:d4:c3:f5:a5:2d:bc:0d:
7c:ab:7a:a0:1d:02:ce:19:b8:c2:0e:0a:3c:54:86:be:df:9b:
c4:bc:0c:17:c0:eb:11:2c:f1:59:73:ef:16:1e:a3:5a:2a:e7:
c4:58:9b:45:e4:43:8e:e6:24:04:d7:d7:e3:ee:5c:2b:65:19:
68:9b:ae:57:32:7c:b4:44:ac:b3:dd:fd:77:21:92:ed:f4:b0:
8a:85:5b:d8:aa:f5:1b:2f:97:86:0b:81:a1:fd:53:69:06:6c:
b7:85:a2:1b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwaUnkV4B2D+g2DX/cIoFeKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI5MDkwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTg5OWFlMjcyZGUxZTE1N2I3NmYzODQ4NTRmYmY4MDhlNTkxZjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+/UeiptM6+6Z9RQwihQzgBVvl9u
5cqjv09XiNsl8HVIW4LIigH1gEf1RNx/tACtFNtqh20CFqNK8D0UjivCf1j7UoB1
4jsO1OeKkBEl+o1vU0WxnIrhRywKNy7kO3GgiFNF5Ep9v95f0rAKkq0XmYX21huo
sx/ZWDuv+FR/tO5VL68ATc9LH+nAb3kRNC0JEctpF2DnuePmEDf3GFFT3vZxTMnC
+3nEbxB+ZPBBHTGK3NKLCfak7ahtDQ4ZcX40vSdfIkGtAL+zzv52+x6JhkwNfDqL
YBviTlS5y2xvZy60xViMTnj6acIyF95EHaoApIKln9U1TuLUzROuSZOvqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCqJmuJy3h4Ve3bzhIVPv4COWR8JMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS29tYTRuTGVIaFY3ZHZPRWhVLV9nSTVaSHdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAs/12iahtGbgHfhkz5V
Rmtv0c/3KwsJoRYpYoXxmk5zzaMXmpoVo0gm0kLWzroIOek3yfHbv3rxXhodoGKu
ob6GLHEDwlpBYp8CyxN6T8Brneb74//MKuOlkQ0qkwS75Famahop0DaDUiE4S2H/
o09aSpPrhZurlsIaVYbEkj+gpyaSH8deGIlBL2gmw5LeyDRD5tLg3GgVaU0J1MP1
pS28DXyreqAdAs4ZuMIOCjxUhr7fm8S8DBfA6xEs8Vlz7xYeo1oq58RYm0XkQ47m
JATX1+PuXCtlGWibrlcyfLRErLPd/Xchku30sIqFW9iq9Rsvl4YLgaH9U2kGbLeF
ohs=
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:41:54 2025 by rpki-client