Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kMkCfjwotHOXd07NFwMET-h_jFM.roa
File: kMkCfjwotHOXd07NFwMET-h_jFM.roa (raw, json)
Hash identifier: /yP8Sr0LnzFrDVo9wYxVKDAv5OGX0j/I1SA6ZrPRdT8=
Subject key identifier: 90:C9:02:7E:3C:28:B4:73:97:77:4E:CD:17:03:04:4F:E8:7F:8C:53
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BE09F5A4608F10D2ACBC945B4D062CEE0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kMkCfjwotHOXd07NFwMET-h_jFM.roa
Signing time: Sat 18 Nov 2023 04:10:21 +0000
ROA not before: Sat 18 Nov 2023 04:10:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e0:9f:5a:46:08:f1:0d:2a:cb:c9:45:b4:d0:62:ce:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 18 04:10:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90c9027e3c28b47397774ecd1703044fe87f8c53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:12:a1:71:57:18:dc:c4:8b:35:ba:9a:c9:3c:
cd:87:f2:0c:6d:bb:43:fc:36:43:6d:cf:5b:f4:bb:
dd:ea:3c:c1:65:df:02:a5:db:b6:6f:fc:c2:f6:81:
e4:04:cd:76:a7:a3:cf:62:ba:24:91:43:5d:3b:63:
df:90:61:a5:63:b7:29:cd:99:cb:20:88:9b:f1:db:
05:18:59:27:ef:e8:9a:24:9a:35:35:8d:48:4a:eb:
e2:84:72:88:39:47:fc:94:a6:47:c9:73:6d:be:dc:
76:f7:f7:08:25:97:a4:a6:26:dd:74:41:b3:d4:45:
c9:71:d6:2c:76:20:68:9e:66:3a:97:2b:85:fe:cd:
1c:4d:36:08:7d:d3:f4:1e:26:8a:3f:a5:ce:61:46:
28:b5:55:80:60:54:e8:13:a2:db:1d:ca:d6:a9:92:
a6:5e:0a:52:24:d2:d7:41:e1:e7:87:d7:b8:99:82:
3d:ba:07:eb:db:6e:a5:49:ca:b8:ad:cc:41:69:37:
e8:5e:33:f3:b6:e6:51:b3:4f:85:0e:6a:e9:fb:4e:
4d:9d:64:f4:58:c7:f0:62:50:f8:e0:0c:2e:2a:2e:
da:7b:05:88:76:3d:59:6c:34:e9:5e:fe:d7:77:7d:
e3:b2:8c:c3:cd:db:62:90:84:b7:7d:75:7a:bd:65:
22:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:C9:02:7E:3C:28:B4:73:97:77:4E:CD:17:03:04:4F:E8:7F:8C:53
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kMkCfjwotHOXd07NFwMET-h_jFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
be:c3:5e:11:18:db:c8:e3:9d:44:49:42:23:24:55:81:c5:c2:
39:e6:93:11:bd:12:58:a7:8d:32:c3:c0:f0:1b:f6:16:a8:23:
81:e0:3f:16:83:92:52:0f:b9:30:2c:58:f9:05:e1:fb:5a:f6:
e6:60:12:af:1b:11:5a:52:c7:8c:59:db:92:1b:02:85:96:18:
ae:c0:ac:3e:7e:92:13:ba:17:84:57:45:67:94:85:dd:5c:3a:
fa:09:04:a4:10:62:0f:b2:fb:10:bd:7d:fe:90:f1:0b:e0:be:
8d:52:12:2e:f6:de:aa:1a:c2:12:e9:fa:7e:be:c0:fb:fc:24:
7a:23:fa:6b:33:e9:85:a1:45:e8:8d:6c:ea:a5:28:e5:34:de:
f1:d8:cf:be:30:17:6f:df:35:3b:11:0e:4e:f3:a8:b5:ed:29:
6f:82:74:aa:ea:19:f3:ed:37:80:ca:f1:8d:c0:08:c0:c8:b7:
01:84:4f:6a:5a:c9:0b:b0:de:8f:fc:87:4f:9c:71:fc:19:1d:
0e:bf:09:f2:d7:1d:0b:07:a8:e6:2a:6b:db:bc:a7:73:ed:4d:
47:6d:80:0e:06:7d:1f:69:89:4b:33:b8:db:e9:ce:6f:05:e7:
61:13:8d:ba:fb:a5:11:a9:fd:1b:cc:de:19:2a:72:35:1e:b2:
b7:73:02:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvgn1pGCPENKsvJRbTQYs7gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE4MDQxMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGM5MDI3ZTNjMjhiNDczOTc3NzRlY2QxNzAzMDQ0ZmU4N2Y4YzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBKhcVcY3MSLNbqayTzNh/IMbbtD
/DZDbc9b9Lvd6jzBZd8Cpdu2b/zC9oHkBM12p6PPYrokkUNdO2PfkGGlY7cpzZnL
IIib8dsFGFkn7+iaJJo1NY1ISuvihHKIOUf8lKZHyXNtvtx29/cIJZekpibddEGz
1EXJcdYsdiBonmY6lyuF/s0cTTYIfdP0HiaKP6XOYUYotVWAYFToE6LbHcrWqZKm
XgpSJNLXQeHnh9e4mYI9ugfr226lScq4rcxBaTfoXjPztuZRs0+FDmrp+05NnWT0
WMfwYlD44AwuKi7aewWIdj1ZbDTpXv7Xd33jsozDzdtikIS3fXV6vWUi8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJDJAn48KLRzl3dOzRcDBE/of4xTMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEva01rQ2Zqd290SE9YZDA3TkZ3TUVULWhfakZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAL7DXhEY28jjnURJQiMk
VYHFwjnmkxG9ElinjTLDwPAb9haoI4HgPxaDklIPuTAsWPkF4fta9uZgEq8bEVpS
x4xZ25IbAoWWGK7ArD5+khO6F4RXRWeUhd1cOvoJBKQQYg+y+xC9ff6Q8Qvgvo1S
Ei723qoawhLp+n6+wPv8JHoj+msz6YWhReiNbOqlKOU03vHYz74wF2/fNTsRDk7z
qLXtKW+CdKrqGfPtN4DK8Y3ACMDItwGET2payQuw3o/8h0+ccfwZHQ6/CfLXHQsH
qOYqa9u8p3PtTUdtgA4GfR9piUszuNvpzm8F52ETjbr7pRGp/RvM3hkqcjUesrdz
Am0=
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:40:31 2025 by rpki-client