Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kS-sWOKRLjhA3HRl18NoVWoxYso.roa
File: kS-sWOKRLjhA3HRl18NoVWoxYso.roa (raw, json)
Hash identifier: yWeLrYvWKPLcpdojYQ8rOL/QzqUzmmMdddzSOHjjG50=
Subject key identifier: 91:2F:AC:58:E2:91:2E:38:40:DC:74:65:D7:C3:68:55:6A:31:62:CA
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BA7F951D5F9057DC47C6EF79AE14FB270
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kS-sWOKRLjhA3HRl18NoVWoxYso.roa
Signing time: Tue 07 Nov 2023 04:10:16 +0000
ROA not before: Tue 07 Nov 2023 04:10:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a7:f9:51:d5:f9:05:7d:c4:7c:6e:f7:9a:e1:4f:b2:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 7 04:10:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=912fac58e2912e3840dc7465d7c368556a3162ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:54:82:47:55:10:e4:04:38:05:1e:f4:57:de:
6d:8d:0e:be:b2:63:b4:29:13:9f:01:f8:d6:a3:cb:
cf:00:52:5b:c3:83:30:64:09:18:88:d5:4f:d0:5e:
47:c5:70:f4:28:a7:74:98:12:76:92:14:fa:c7:7f:
fb:d1:71:94:60:bb:0a:dc:75:fa:9f:60:2a:a8:5b:
ae:f3:4f:da:e3:75:e9:0b:0d:2a:91:40:43:ea:90:
de:97:e3:aa:83:fc:a3:f5:f9:6f:cd:97:eb:e0:43:
bb:65:fd:b0:0a:d4:a6:be:a5:ae:5f:71:f9:d4:5f:
f0:55:d3:1f:fd:94:ef:fb:2c:f0:f9:66:4a:06:15:
fa:ed:17:cc:ed:f2:fc:e7:9d:0d:0d:4e:a8:03:d5:
9d:b6:64:ee:db:85:3b:1b:56:f6:64:7d:d2:62:f8:
a2:18:c9:b0:c3:3c:b2:aa:6b:07:79:8d:34:e1:46:
21:d7:69:f1:9d:64:1c:74:3f:2a:40:a5:e9:66:21:
af:d1:37:94:c4:a7:93:3c:06:a8:6d:86:9a:60:d2:
46:48:a6:0e:0c:6f:93:ec:08:9f:d5:fd:1a:a6:36:
35:20:7d:1e:58:63:1d:7a:ba:ca:bb:6f:64:3e:fd:
ef:1d:7e:2d:1d:9c:63:32:0d:aa:f5:a8:80:45:d7:
e9:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:2F:AC:58:E2:91:2E:38:40:DC:74:65:D7:C3:68:55:6A:31:62:CA
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kS-sWOKRLjhA3HRl18NoVWoxYso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
43:bc:ef:f4:d5:ed:ca:72:09:19:27:c9:39:fc:53:b3:e2:ae:
db:36:ba:ea:4d:3f:2d:f3:2c:37:2c:76:10:b2:85:9a:b1:42:
07:a8:0d:7e:18:04:a6:57:f1:ab:51:e6:df:a2:21:0d:8c:d0:
af:71:75:e0:6e:9a:29:13:ba:91:60:14:d4:a7:61:8b:80:64:
e9:e5:c5:01:bb:68:06:84:53:71:4d:37:4d:1d:8c:a0:c7:af:
d3:e9:d0:c5:cc:14:2e:f2:62:08:d2:be:f2:0a:36:5c:b7:3a:
02:8c:3a:2c:3c:2c:d9:6a:e2:af:6d:2d:74:11:f5:c9:de:02:
9e:85:aa:cd:d8:8b:fb:6d:a7:d1:27:f4:e2:53:e1:ea:03:69:
6b:19:4d:b8:a9:c5:56:ae:73:09:ef:f0:ad:41:17:42:1d:6f:
e4:13:0c:cc:86:ea:b2:c5:8f:3f:51:3b:da:1f:e6:28:c5:d9:
34:08:a5:4b:b1:83:79:50:d8:f8:63:01:37:2d:a7:05:fe:fa:
75:f4:31:51:5f:0b:09:ba:73:ba:36:99:ed:79:69:45:c2:a6:
f4:5d:99:ee:64:d1:2e:24:02:b3:5c:89:bb:b6:c0:a1:4e:b9:
84:b6:70:3d:88:9d:cb:ef:12:97:94:cc:f9:2e:35:6f:30:95:
f3:a0:f0:c5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYun+VHV+QV9xHxu95rhT7JwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA3MDQxMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTJmYWM1OGUyOTEyZTM4NDBkYzc0NjVkN2MzNjg1NTZhMzE2MmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVSCR1UQ5AQ4BR70V95tjQ6+smO0
KROfAfjWo8vPAFJbw4MwZAkYiNVP0F5HxXD0KKd0mBJ2khT6x3/70XGUYLsK3HX6
n2AqqFuu80/a43XpCw0qkUBD6pDel+Oqg/yj9flvzZfr4EO7Zf2wCtSmvqWuX3H5
1F/wVdMf/ZTv+yzw+WZKBhX67RfM7fL8550NDU6oA9WdtmTu24U7G1b2ZH3SYvii
GMmwwzyyqmsHeY004UYh12nxnWQcdD8qQKXpZiGv0TeUxKeTPAaobYaaYNJGSKYO
DG+T7Aif1f0apjY1IH0eWGMderrKu29kPv3vHX4tHZxjMg2q9aiARdfpowIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJEvrFjikS44QNx0ZdfDaFVqMWLKMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEva1Mtc1dPS1JMamhBM0hSbDE4Tm9WV294WXNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEO87/TV7cpyCRknyTn8
U7Pirts2uupNPy3zLDcsdhCyhZqxQgeoDX4YBKZX8atR5t+iIQ2M0K9xdeBumikT
upFgFNSnYYuAZOnlxQG7aAaEU3FNN00djKDHr9Pp0MXMFC7yYgjSvvIKNly3OgKM
Oiw8LNlq4q9tLXQR9cneAp6Fqs3Yi/ttp9En9OJT4eoDaWsZTbipxVaucwnv8K1B
F0Idb+QTDMyG6rLFjz9RO9of5ijF2TQIpUuxg3lQ2PhjATctpwX++nX0MVFfCwm6
c7o2me15aUXCpvRdme5k0S4kArNcibu2wKFOuYS2cD2IncvvEpeUzPkuNW8wlfOg
8MU=
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:11:35 2025 by rpki-client