Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kHbEvki6-jcQ2KzkmkaKPvRqci8.roa
File: kHbEvki6-jcQ2KzkmkaKPvRqci8.roa (raw, json)
Hash identifier: RUROIQeEBuLSlwMi7872RJSW10/Bpit+0yIoD7xbZLQ=
Subject key identifier: 90:76:C4:BE:48:BA:FA:37:10:D8:AC:E4:9A:46:8A:3E:F4:6A:72:2F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C33AE798DDB79279DB41F0F2377542E4B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kHbEvki6-jcQ2KzkmkaKPvRqci8.roa
Signing time: Mon 04 Dec 2023 07:15:21 +0000
ROA not before: Mon 04 Dec 2023 07:15:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:33:ae:79:8d:db:79:27:9d:b4:1f:0f:23:77:54:2e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 4 07:15:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9076c4be48bafa3710d8ace49a468a3ef46a722f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b0:91:bf:ea:fc:06:2b:e9:72:8b:81:d6:41:
50:f6:c0:b4:ae:e4:7e:f1:39:be:da:22:52:51:61:
a3:73:f4:6b:bf:68:01:e1:cb:2e:60:66:5e:b1:09:
be:51:bc:70:73:98:2d:ea:3d:b4:3d:3d:0b:ef:8c:
0e:cd:3d:72:a2:34:11:5f:6a:83:dc:13:0b:53:f9:
fc:9a:0e:74:5e:b0:cc:70:ff:be:c1:f3:dc:df:b3:
25:1b:d4:ae:9b:f5:30:b7:e4:e6:5f:5b:51:3e:ee:
4a:51:51:98:05:06:31:d6:dc:ce:2d:2b:78:a3:1c:
05:ad:1b:a2:83:6d:92:a5:19:cf:2d:df:23:40:41:
b9:88:5e:ce:79:dc:21:59:18:a4:23:8e:72:25:bf:
7a:bc:52:5e:17:d7:8d:ab:5f:5b:b4:47:b3:0b:7c:
f8:c7:d0:3d:40:ee:82:1b:69:57:49:ec:ea:19:c1:
7c:54:a9:80:52:73:9b:40:97:a1:a8:f3:72:67:f8:
13:c7:bc:b7:d6:ac:bd:00:bd:56:a6:ee:ac:96:70:
79:4f:d1:20:c3:da:44:33:d2:7c:ef:79:ec:7d:e2:
bf:63:96:4c:4d:6e:7e:14:bb:14:f0:b4:bd:53:b9:
80:94:68:f2:57:75:60:48:a3:59:03:8b:84:0c:5a:
2d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:76:C4:BE:48:BA:FA:37:10:D8:AC:E4:9A:46:8A:3E:F4:6A:72:2F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kHbEvki6-jcQ2KzkmkaKPvRqci8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4d:56:25:60:b9:1a:7f:a0:c0:d5:d5:80:3d:9a:d9:7e:f1:c8:
f2:00:bb:28:cf:4a:a9:58:e7:b7:eb:76:c2:2c:4a:10:77:0a:
1f:a1:32:a5:51:28:cf:11:09:25:ac:97:16:0b:19:ee:8e:9d:
1a:c1:62:4d:c3:60:a2:4d:50:35:00:f8:bc:8d:a7:4e:2b:73:
3a:35:a4:7c:8a:90:2c:e7:bf:60:39:f8:37:ad:fc:65:0b:6b:
e5:3a:58:9f:35:44:bb:ec:00:d4:d7:a9:d7:dd:fb:f0:49:fd:
ab:3e:2d:32:b2:c1:0c:75:32:72:44:0c:12:d2:e3:0c:32:ca:
d3:52:c8:fe:9f:7a:9e:3f:96:16:88:b2:1e:f9:5c:d0:94:bc:
f3:e1:57:c7:91:a9:4e:f5:2f:15:9b:37:31:a6:2f:94:8d:29:
69:5f:5e:28:e1:17:9b:c1:39:2c:08:9f:24:d2:cb:71:b0:f4:
42:68:d6:cb:da:c4:cd:ec:f4:b9:ce:c4:a3:b8:39:0d:38:de:
41:ad:dd:c8:1c:37:00:54:5f:e0:8b:9f:ab:9c:3e:29:02:9b:
a9:e1:8a:38:2b:76:7d:b2:4d:85:e7:c3:4f:d5:09:aa:fe:67:
c7:f2:1c:3b:cf:97:4e:3b:d6:61:f2:d0:ef:db:e6:ad:fa:67:
72:d4:1f:ff
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwzrnmN23knnbQfDyN3VC5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA0MDcxNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDc2YzRiZTQ4YmFmYTM3MTBkOGFjZTQ5YTQ2OGEzZWY0NmE3MjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprCRv+r8BivpcouB1kFQ9sC0ruR+
8Tm+2iJSUWGjc/Rrv2gB4csuYGZesQm+Ubxwc5gt6j20PT0L74wOzT1yojQRX2qD
3BMLU/n8mg50XrDMcP++wfPc37MlG9Sum/Uwt+TmX1tRPu5KUVGYBQYx1tzOLSt4
oxwFrRuig22SpRnPLd8jQEG5iF7OedwhWRikI45yJb96vFJeF9eNq19btEezC3z4
x9A9QO6CG2lXSezqGcF8VKmAUnObQJehqPNyZ/gTx7y31qy9AL1Wpu6slnB5T9Eg
w9pEM9J873nsfeK/Y5ZMTW5+FLsU8LS9U7mAlGjyV3VgSKNZA4uEDFot8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJB2xL5Iuvo3ENis5JpGij70anIvMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEva0hiRXZraTYtamNRMkt6a21rYUtQdlJxY2k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE1WJWC5Gn+gwNXVgD2a
2X7xyPIAuyjPSqlY57frdsIsShB3Ch+hMqVRKM8RCSWslxYLGe6OnRrBYk3DYKJN
UDUA+LyNp04rczo1pHyKkCznv2A5+Det/GULa+U6WJ81RLvsANTXqdfd+/BJ/as+
LTKywQx1MnJEDBLS4wwyytNSyP6fep4/lhaIsh75XNCUvPPhV8eRqU71LxWbNzGm
L5SNKWlfXijhF5vBOSwInyTSy3Gw9EJo1svaxM3s9LnOxKO4OQ043kGt3cgcNwBU
X+CLn6ucPikCm6nhijgrdn2yTYXnw0/VCar+Z8fyHDvPl0471mHy0O/b5q36Z3LU
H/8=
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:45:33 2025 by rpki-client