Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kAqUExtzZCamE-uaAYKyVhjEtm4.roa
File: kAqUExtzZCamE-uaAYKyVhjEtm4.roa (raw, json)
Hash identifier: ThJ7ydt360wxLQJrPMbuXGB6WQSspHUk5zOp+cg63/Q=
Subject key identifier: 90:0A:94:13:1B:73:64:26:A6:13:EB:9A:01:82:B2:56:18:C4:B6:6E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B9D3FA763A77E97DCF6B636387F8A1911
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kAqUExtzZCamE-uaAYKyVhjEtm4.roa
Signing time: Sun 05 Nov 2023 02:11:16 +0000
ROA not before: Sun 05 Nov 2023 02:11:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9d:3f:a7:63:a7:7e:97:dc:f6:b6:36:38:7f:8a:19:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 5 02:11:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=900a94131b736426a613eb9a0182b25618c4b66e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6e:82:90:bf:35:28:d0:66:c9:66:2c:38:f7:
64:82:ee:3b:44:98:6b:05:4e:77:d7:a3:e8:38:d6:
7b:9f:d0:e4:ec:54:06:8f:cf:26:b3:2f:9f:64:3c:
a9:bd:a5:0b:ba:03:5b:92:82:da:51:f5:ff:34:1a:
3d:0e:12:eb:8a:b7:ef:33:50:0b:c8:d5:72:57:ae:
45:d9:61:63:4f:56:a0:51:63:e3:f2:71:4c:01:59:
fa:b2:a9:09:dd:ee:75:ee:49:d8:c4:dd:c3:79:dc:
37:91:9c:91:95:d3:ef:b0:73:c9:f6:05:f6:c1:e8:
df:b8:e9:24:58:3c:bf:35:a4:b8:60:43:85:4b:2f:
2d:5b:dd:fc:a6:7f:6b:71:f0:d9:25:21:24:d8:36:
37:87:7c:31:e0:19:ae:aa:38:f4:83:86:86:41:ea:
cb:d1:63:ac:a3:84:79:01:c8:c6:1b:f8:17:77:bb:
2f:ee:ac:14:4a:12:dc:21:7a:fd:a4:f8:78:e9:01:
51:99:b3:61:bf:fc:76:e3:ba:fe:e6:dd:2d:ac:67:
2e:c0:98:48:e8:48:25:cf:bf:aa:57:76:c6:95:4a:
b2:cd:97:1f:27:46:26:d7:ad:69:a3:18:87:09:86:
42:67:19:82:01:a8:f1:b2:8c:21:ac:9c:58:7d:94:
79:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0A:94:13:1B:73:64:26:A6:13:EB:9A:01:82:B2:56:18:C4:B6:6E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kAqUExtzZCamE-uaAYKyVhjEtm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:bb:9b:bd:5c:62:2c:4a:43:0c:3b:e3:e3:ad:e3:da:03:3e:
12:90:6b:64:45:d2:f6:d6:41:f1:f0:53:da:c7:81:f6:d8:f4:
bc:33:f2:c6:ec:2a:48:39:bb:a0:75:df:82:bb:8d:1c:35:a0:
af:7c:d1:58:bf:e6:f9:f1:33:e1:ba:08:e3:44:b6:9e:34:54:
70:f0:60:b3:09:d3:f1:40:0e:81:91:da:f9:f9:2a:65:d5:37:
1f:3b:36:07:20:12:ee:a6:b3:74:53:15:72:54:5b:02:42:a0:
91:39:70:6e:ad:66:13:0d:05:73:54:f6:36:a4:a1:42:48:52:
3a:e3:34:08:95:98:d9:0c:4c:27:76:62:63:3f:be:05:22:ad:
95:fd:72:44:b7:38:77:18:a5:d6:4c:4d:2e:23:8a:7d:f8:3f:
f9:fc:30:b6:48:04:61:13:b5:9f:06:d0:79:5d:a3:9b:4d:d8:
3b:de:69:a0:d7:a4:fd:31:c9:09:b6:1d:80:e0:1c:04:06:4f:
ce:48:8e:26:3c:5e:5d:f5:e6:b9:f8:89:ee:71:e6:d2:93:ec:
3f:fc:5a:0d:09:67:79:cc:34:16:86:6e:58:96:d3:c2:45:80:
83:6f:9e:04:47:3e:66:72:16:f8:03:73:32:9f:cb:da:29:7b:
0b:d8:c5:dd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYudP6djp36X3Pa2Njh/ihkRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA1MDIxMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDBhOTQxMzFiNzM2NDI2YTYxM2ViOWEwMTgyYjI1NjE4YzRiNjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzm6CkL81KNBmyWYsOPdkgu47RJhr
BU5316PoONZ7n9Dk7FQGj88msy+fZDypvaULugNbkoLaUfX/NBo9DhLrirfvM1AL
yNVyV65F2WFjT1agUWPj8nFMAVn6sqkJ3e517knYxN3Dedw3kZyRldPvsHPJ9gX2
wejfuOkkWDy/NaS4YEOFSy8tW938pn9rcfDZJSEk2DY3h3wx4Bmuqjj0g4aGQerL
0WOso4R5AcjGG/gXd7sv7qwUShLcIXr9pPh46QFRmbNhv/x247r+5t0trGcuwJhI
6Eglz7+qV3bGlUqyzZcfJ0Ym161poxiHCYZCZxmCAajxsowhrJxYfZR50QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJAKlBMbc2QmphPrmgGCslYYxLZuMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEva0FxVUV4dHpaQ2FtRS11YUFZS3lWaGpFdG00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEu7m71cYixKQww74+Ot
49oDPhKQa2RF0vbWQfHwU9rHgfbY9Lwz8sbsKkg5u6B134K7jRw1oK980Vi/5vnx
M+G6CONEtp40VHDwYLMJ0/FADoGR2vn5KmXVNx87NgcgEu6ms3RTFXJUWwJCoJE5
cG6tZhMNBXNU9jakoUJIUjrjNAiVmNkMTCd2YmM/vgUirZX9ckS3OHcYpdZMTS4j
in34P/n8MLZIBGETtZ8G0Hldo5tN2DveaaDXpP0xyQm2HYDgHAQGT85IjiY8Xl31
5rn4ie5x5tKT7D/8Wg0JZ3nMNBaGbliW08JFgINvngRHPmZyFvgDczKfy9opewvY
xd0=
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:23:38 2025 by rpki-client