Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kc7LizGjxY68SRu9J1EGV_9hn_E.roa
File: kc7LizGjxY68SRu9J1EGV_9hn_E.roa (raw, json)
Hash identifier: RLtJrSWPx4tNgK2afr8HF9ZAR4OPv/C5QCJTiuT3l+Y=
Subject key identifier: 91:CE:CB:8B:31:A3:C5:8E:BC:49:1B:BD:27:51:06:57:FF:61:9F:F1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BE9DDFD2640BEA6D7EDC940C49E9BF6E5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kc7LizGjxY68SRu9J1EGV_9hn_E.roa
Signing time: Sun 19 Nov 2023 23:15:21 +0000
ROA not before: Sun 19 Nov 2023 23:15:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e9:dd:fd:26:40:be:a6:d7:ed:c9:40:c4:9e:9b:f6:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 19 23:15:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91cecb8b31a3c58ebc491bbd27510657ff619ff1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e2:57:29:bd:c5:27:0c:ae:21:8e:00:7a:26:
31:ee:7f:42:22:9d:6e:9f:b8:83:fb:98:56:b4:66:
46:69:be:31:b5:13:60:4f:a3:bc:8e:64:77:cf:10:
a3:86:84:f8:7b:69:9b:13:a4:41:ae:c7:ee:70:f0:
3b:d7:12:96:64:3b:04:92:0b:1d:3e:24:16:d0:9a:
fa:72:0c:f3:07:b5:dd:65:cd:7f:60:53:de:91:d2:
7d:1f:a5:49:51:5d:55:ce:34:00:2a:16:27:6d:e1:
da:8c:b6:9a:5b:f4:dd:0e:06:ae:6f:e3:9d:91:44:
a7:87:27:1a:ab:98:92:6c:de:59:f7:30:7c:5c:3a:
b8:1b:b9:18:6d:b9:7a:7f:a9:91:5f:eb:f6:66:4e:
d7:e9:2c:d5:1d:3d:8a:04:f9:10:ff:cf:94:9e:6d:
ca:01:05:08:88:a8:e4:54:8f:2c:8d:be:d9:0d:22:
86:bf:4d:f3:0f:0f:6b:fd:51:a3:7b:97:fe:9b:eb:
cb:bd:3d:e2:7a:16:47:d9:a1:24:e9:5f:1a:08:82:
18:f8:3c:59:00:f8:eb:63:38:ea:25:d1:a7:3c:70:
32:01:44:e4:59:8b:d4:90:3f:ad:2d:48:46:14:a7:
c8:d4:49:98:2c:70:8a:a9:e1:9a:f4:0e:39:e9:64:
96:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:CE:CB:8B:31:A3:C5:8E:BC:49:1B:BD:27:51:06:57:FF:61:9F:F1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kc7LizGjxY68SRu9J1EGV_9hn_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
cf:50:8d:a4:9b:24:b9:85:07:a1:4a:63:4e:53:f2:74:28:45:
d8:63:0d:7f:93:34:70:0d:59:28:11:0e:c7:e3:15:f3:7e:2d:
96:ca:3f:30:4b:ea:ba:d6:34:0c:16:37:17:53:dc:3b:d0:99:
9e:9a:9a:69:d5:25:0c:1c:59:f8:ce:8f:5d:d5:c4:a7:ad:a1:
3e:7d:8d:f7:61:27:75:59:a6:aa:a3:41:ca:26:fb:04:1f:b8:
78:c6:bd:90:dc:45:d5:b2:2e:10:91:ef:48:ab:a3:ff:f4:6d:
c1:dd:21:68:4d:2d:22:16:be:e1:32:13:06:08:d8:d7:72:6a:
ee:58:b6:45:84:51:55:36:4b:42:a0:d6:82:53:07:80:04:6a:
f2:45:d9:3e:d9:1d:50:b7:d1:7d:12:96:ba:bf:40:b8:04:c8:
c3:28:73:5c:04:e9:ec:b6:b7:6e:39:ef:4c:73:ba:18:1b:d5:
d6:3e:03:ef:df:30:c6:d4:83:f9:48:88:1f:b3:73:72:ea:c2:
7b:c9:f1:3c:5f:51:8a:e2:8e:d3:17:3b:e8:40:61:c6:6e:22:
26:28:14:08:6b:a6:62:2b:bf:ad:b3:ca:84:a4:5c:72:5d:6e:
68:4c:76:dd:60:e2:51:f3:79:a2:02:50:f2:2a:ef:67:d7:cd:
47:9c:ec:e2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvp3f0mQL6m1+3JQMSem/blMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE5MjMxNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWNlY2I4YjMxYTNjNThlYmM0OTFiYmQyNzUxMDY1N2ZmNjE5ZmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+JXKb3FJwyuIY4AeiYx7n9CIp1u
n7iD+5hWtGZGab4xtRNgT6O8jmR3zxCjhoT4e2mbE6RBrsfucPA71xKWZDsEkgsd
PiQW0Jr6cgzzB7XdZc1/YFPekdJ9H6VJUV1VzjQAKhYnbeHajLaaW/TdDgaub+Od
kUSnhycaq5iSbN5Z9zB8XDq4G7kYbbl6f6mRX+v2Zk7X6SzVHT2KBPkQ/8+Unm3K
AQUIiKjkVI8sjb7ZDSKGv03zDw9r/VGje5f+m+vLvT3iehZH2aEk6V8aCIIY+DxZ
APjrYzjqJdGnPHAyAUTkWYvUkD+tLUhGFKfI1EmYLHCKqeGa9A456WSWXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJHOy4sxo8WOvEkbvSdRBlf/YZ/xMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEva2M3TGl6R2p4WTY4U1J1OUoxRUdWXzlobl9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAM9QjaSbJLmFB6FKY05T
8nQoRdhjDX+TNHANWSgRDsfjFfN+LZbKPzBL6rrWNAwWNxdT3DvQmZ6ammnVJQwc
WfjOj13VxKetoT59jfdhJ3VZpqqjQcom+wQfuHjGvZDcRdWyLhCR70iro//0bcHd
IWhNLSIWvuEyEwYI2Ndyau5YtkWEUVU2S0Kg1oJTB4AEavJF2T7ZHVC30X0Slrq/
QLgEyMMoc1wE6ey2t24570xzuhgb1dY+A+/fMMbUg/lIiB+zc3LqwnvJ8TxfUYri
jtMXO+hAYcZuIiYoFAhrpmIrv62zyoSkXHJdbmhMdt1g4lHzeaICUPIq72fXzUec
7OI=
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:12:40 2025 by rpki-client