Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kHn-i2oXTmokrZ7q0pc6kZ2gVkU.roa
File: kHn-i2oXTmokrZ7q0pc6kZ2gVkU.roa (raw, json)
Hash identifier: o+jkuf6TPRDAXvUgeemah2tIu0CkvKdF1McM47POvEk=
Subject key identifier: 90:79:FE:8B:6A:17:4E:6A:24:AD:9E:EA:D2:97:3A:91:9D:A0:56:45
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C43C331C732E3D86DF006154F7B7BC008
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kHn-i2oXTmokrZ7q0pc6kZ2gVkU.roa
Signing time: Thu 07 Dec 2023 10:11:54 +0000
ROA not before: Thu 07 Dec 2023 10:11:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:43:c3:31:c7:32:e3:d8:6d:f0:06:15:4f:7b:7b:c0:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 7 10:11:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9079fe8b6a174e6a24ad9eead2973a919da05645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7b:00:3e:93:61:3c:03:80:dc:70:24:44:b9:
68:18:90:c1:a4:15:bd:8b:dd:8d:91:91:a7:3c:cb:
21:23:a4:f2:72:59:e9:7d:56:30:ab:31:4a:5b:47:
57:0c:e0:c0:21:2f:76:c8:43:96:b2:18:f3:b3:2b:
23:a4:29:71:7e:4a:f7:42:21:0a:7e:ac:dc:8f:64:
b6:71:6d:67:78:33:a9:d0:1f:82:39:3c:f0:4d:9b:
e0:7c:16:ad:d4:6c:ab:fc:c7:b6:fe:e5:d9:73:a0:
14:3d:ec:d5:ce:c5:af:0f:ce:b5:17:80:aa:9d:c5:
32:2c:83:38:e5:8d:52:6a:10:d6:2f:05:aa:57:17:
49:36:1a:58:18:1a:1e:29:b6:da:e2:18:00:d1:19:
b0:df:a0:88:1f:5c:2e:ec:03:aa:98:3b:be:af:b1:
b6:22:ed:71:0f:f5:fc:38:23:64:c6:c3:b6:31:5d:
44:6b:40:86:44:31:db:45:27:d7:a4:d0:0f:aa:ea:
cd:5f:b1:31:f0:f0:50:8d:67:fb:89:a8:3f:23:93:
3e:08:77:cc:1f:6b:70:0b:63:58:95:ff:cd:2d:16:
a2:be:21:74:be:24:2c:37:48:b3:d7:2c:cd:05:05:
97:a0:98:ec:fb:1d:3d:39:e6:41:7e:09:94:4c:0a:
6c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:79:FE:8B:6A:17:4E:6A:24:AD:9E:EA:D2:97:3A:91:9D:A0:56:45
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kHn-i2oXTmokrZ7q0pc6kZ2gVkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bc:6c:81:86:0f:e1:50:1f:73:32:b9:1c:0c:58:d9:48:d4:48:
4d:24:e9:92:08:ef:66:d7:18:70:33:20:a5:c9:bb:f4:1e:a0:
cd:6d:cc:b3:79:b6:ea:ac:c9:f4:b1:d9:e5:2c:65:41:80:ff:
47:26:80:dc:e0:21:c7:d5:aa:82:30:08:f3:81:d0:91:1a:61:
db:30:26:64:2f:87:3f:ea:04:bd:ce:94:a7:87:e5:90:6c:6c:
27:51:5f:1d:97:56:e3:56:f5:89:be:16:8c:5b:df:cd:8d:59:
49:ac:a8:fe:b9:27:5c:b2:c4:b9:81:c0:fe:bd:48:03:c6:9e:
b9:fb:80:66:60:45:5e:db:01:22:1d:d6:1a:38:54:a8:a0:93:
40:d6:78:a5:af:8b:43:0b:2a:25:44:37:93:2d:b0:35:e3:57:
95:e9:84:22:bf:f3:8f:f7:85:e9:9d:e3:74:11:78:1b:96:20:
b0:82:6d:de:d8:5b:06:c5:70:d9:9a:9a:4f:3f:37:22:9b:59:
28:a5:f5:57:69:8e:f2:60:de:1e:18:74:8f:0a:9c:ab:45:54:
9d:ef:78:84:ea:e5:be:58:7b:be:7d:02:3d:17:65:ac:88:b6:
bb:bd:d5:2e:24:af:52:70:42:08:bd:de:cd:b2:01:c6:ce:2f:
b5:48:a6:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxDwzHHMuPYbfAGFU97e8AIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA3MTAxMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDc5ZmU4YjZhMTc0ZTZhMjRhZDllZWFkMjk3M2E5MTlkYTA1NjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXsAPpNhPAOA3HAkRLloGJDBpBW9
i92NkZGnPMshI6TyclnpfVYwqzFKW0dXDODAIS92yEOWshjzsysjpClxfkr3QiEK
fqzcj2S2cW1neDOp0B+COTzwTZvgfBat1Gyr/Me2/uXZc6AUPezVzsWvD861F4Cq
ncUyLIM45Y1SahDWLwWqVxdJNhpYGBoeKbba4hgA0Rmw36CIH1wu7AOqmDu+r7G2
Iu1xD/X8OCNkxsO2MV1Ea0CGRDHbRSfXpNAPqurNX7Ex8PBQjWf7iag/I5M+CHfM
H2twC2NYlf/NLRaiviF0viQsN0iz1yzNBQWXoJjs+x09OeZBfgmUTAps9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJB5/otqF05qJK2e6tKXOpGdoFZFMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEva0huLWkyb1hUbW9rclo3cTBwYzZrWjJnVmtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALxsgYYP4VAfczK5HAxY
2UjUSE0k6ZII72bXGHAzIKXJu/QeoM1tzLN5tuqsyfSx2eUsZUGA/0cmgNzgIcfV
qoIwCPOB0JEaYdswJmQvhz/qBL3OlKeH5ZBsbCdRXx2XVuNW9Ym+Foxb382NWUms
qP65J1yyxLmBwP69SAPGnrn7gGZgRV7bASId1ho4VKigk0DWeKWvi0MLKiVEN5Mt
sDXjV5XphCK/84/3hemd43QReBuWILCCbd7YWwbFcNmamk8/NyKbWSil9VdpjvJg
3h4YdI8KnKtFVJ3veITq5b5Ye759Aj0XZayItru91S4kr1JwQgi93s2yAcbOL7VI
pkU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:57:01 2025 by rpki-client