Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kdtLfbopVFn5Oo1xOQxsSZgOfj4.roa
File: kdtLfbopVFn5Oo1xOQxsSZgOfj4.roa (raw, json)
Hash identifier: DgA2a7DIVR+OHloiu/Nh/c9+rcvPLRWYN6ig2InmcYA=
Subject key identifier: 91:DB:4B:7D:BA:29:54:59:F9:3A:8D:71:39:0C:6C:49:98:0E:7E:3E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C137EBA75BBFE4AA45AC13D8696F60E4B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kdtLfbopVFn5Oo1xOQxsSZgOfj4.roa
Signing time: Tue 28 Nov 2023 01:15:21 +0000
ROA not before: Tue 28 Nov 2023 01:15:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:13:7e:ba:75:bb:fe:4a:a4:5a:c1:3d:86:96:f6:0e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 28 01:15:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91db4b7dba295459f93a8d71390c6c49980e7e3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f0:57:35:4c:f5:32:9b:71:b6:c7:ac:77:70:
17:b9:23:4d:1e:05:ed:2b:8e:29:2d:5a:13:39:6f:
09:b9:1d:af:a5:cd:85:d1:26:4e:a7:27:b8:bf:9c:
a5:6f:25:f2:1f:18:4c:c4:42:cc:56:40:cc:f3:73:
36:13:73:18:71:ed:5a:ab:97:ec:0a:73:48:b6:3c:
f1:1c:10:bb:06:2a:de:3d:6e:d7:03:5b:c3:6b:56:
02:63:55:89:b0:f4:2f:0b:f1:63:fb:91:6b:df:09:
6f:d7:ac:61:37:cd:03:6b:1c:6f:8d:3d:76:e4:b2:
aa:f1:e2:3e:36:f6:ee:a7:59:ac:89:98:83:dc:5d:
71:17:78:3a:4a:31:4a:37:81:59:f4:69:f8:e6:c0:
89:e1:ce:93:81:b1:4d:ca:ca:df:b3:12:0c:5e:5c:
a9:87:54:9a:e0:68:f6:a2:87:08:e6:16:2c:c7:01:
9b:a6:82:17:f6:c2:2c:b9:bf:bc:a4:56:7c:c3:09:
c6:fa:fb:86:bd:8b:39:d4:0c:8e:b2:a0:2d:48:07:
e4:92:22:9b:1a:f4:88:03:63:74:2c:04:76:a6:68:
ac:b9:19:cf:0a:f3:61:60:ed:e6:94:b2:8f:c6:0d:
7d:76:cd:c1:c9:3f:04:3e:3c:b1:78:11:7d:6c:f2:
ca:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:DB:4B:7D:BA:29:54:59:F9:3A:8D:71:39:0C:6C:49:98:0E:7E:3E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kdtLfbopVFn5Oo1xOQxsSZgOfj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
00:53:f7:29:47:5e:1b:4e:e7:12:e8:d6:cf:9a:bf:19:0b:a5:
76:77:00:d2:db:c1:64:36:b8:0f:41:74:25:fe:7c:6b:7c:64:
50:e7:ae:09:44:f1:03:28:8a:d6:79:61:98:5b:25:be:3d:d0:
da:3b:45:16:9a:93:18:6c:8d:27:9c:7f:6b:a7:59:26:ce:9b:
a4:1c:ab:1c:20:41:6d:1a:8f:39:33:41:f4:9f:9c:10:89:a2:
f3:f6:0f:de:c8:d2:39:33:86:80:2b:59:bb:00:70:f8:17:20:
76:e0:5d:af:b2:78:a8:92:81:85:48:3b:02:ed:61:6d:fb:70:
52:f8:f4:25:84:bd:e5:5b:e7:41:85:c0:6d:0e:36:1a:40:3e:
6d:98:c0:7e:5b:ee:7c:8b:aa:04:f2:d8:60:af:09:6b:df:db:
3b:25:ce:a7:bf:82:fd:2a:2a:0e:4e:0d:ba:fb:ab:aa:3e:3c:
59:aa:b5:8f:6d:2d:b3:9d:ab:02:53:ef:e1:f2:19:ac:38:e5:
4b:a8:d0:0e:6c:15:36:6f:bd:97:0c:4d:70:d9:0b:f6:15:d5:
d4:65:42:51:6a:ae:83:64:a0:68:0c:8a:a5:10:d3:4c:a9:a0:
81:08:b6:00:b0:61:3c:6f:39:36:cf:ad:7c:3b:0d:2a:bb:f4:
a3:36:ec:3a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwTfrp1u/5KpFrBPYaW9g5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI4MDExNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWRiNGI3ZGJhMjk1NDU5ZjkzYThkNzEzOTBjNmM0OTk4MGU3ZTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2vBXNUz1Mptxtsesd3AXuSNNHgXt
K44pLVoTOW8JuR2vpc2F0SZOpye4v5ylbyXyHxhMxELMVkDM83M2E3MYce1aq5fs
CnNItjzxHBC7BirePW7XA1vDa1YCY1WJsPQvC/Fj+5Fr3wlv16xhN80DaxxvjT12
5LKq8eI+Nvbup1msiZiD3F1xF3g6SjFKN4FZ9Gn45sCJ4c6TgbFNysrfsxIMXlyp
h1Sa4Gj2oocI5hYsxwGbpoIX9sIsub+8pFZ8wwnG+vuGvYs51AyOsqAtSAfkkiKb
GvSIA2N0LAR2pmisuRnPCvNhYO3mlLKPxg19ds3ByT8EPjyxeBF9bPLKTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJHbS326KVRZ+TqNcTkMbEmYDn4+MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEva2R0TGZib3BWRm41T28xeE9ReHNTWmdPZmo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAABT9ylHXhtO5xLo1s+a
vxkLpXZ3ANLbwWQ2uA9BdCX+fGt8ZFDnrglE8QMoitZ5YZhbJb490No7RRaakxhs
jSecf2unWSbOm6QcqxwgQW0ajzkzQfSfnBCJovP2D97I0jkzhoArWbsAcPgXIHbg
Xa+yeKiSgYVIOwLtYW37cFL49CWEveVb50GFwG0ONhpAPm2YwH5b7nyLqgTy2GCv
CWvf2zslzqe/gv0qKg5ODbr7q6o+PFmqtY9tLbOdqwJT7+HyGaw45Uuo0A5sFTZv
vZcMTXDZC/YV1dRlQlFqroNkoGgMiqUQ00ypoIEItgCwYTxvOTbPrXw7DSq79KM2
7Do=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:30:41 2025 by rpki-client