Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kkLjnS1rIrDG51XwFh0nkc7IyMA.roa
File: kkLjnS1rIrDG51XwFh0nkc7IyMA.roa (raw, json)
Hash identifier: GZ2qpnb8eHqEqmy6rcAoR/HovI7KzySaDJKeRf5MSw8=
Subject key identifier: 92:42:E3:9D:2D:6B:22:B0:C6:E7:55:F0:16:1D:27:91:CE:C8:C8:C0
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B7B8ED7AF6E1767011CD5761D0E61CC60
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kkLjnS1rIrDG51XwFh0nkc7IyMA.roa
Signing time: Sun 29 Oct 2023 13:10:40 +0000
ROA not before: Sun 29 Oct 2023 13:10:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7b:8e:d7:af:6e:17:67:01:1c:d5:76:1d:0e:61:cc:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 29 13:10:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9242e39d2d6b22b0c6e755f0161d2791cec8c8c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:3e:80:b3:98:ca:19:20:63:61:6e:8c:a2:cc:
02:db:73:63:e4:31:0c:d3:76:8d:68:6e:97:e3:21:
6b:6c:1f:f2:0b:df:93:8d:67:58:d5:fc:e7:55:a5:
24:f4:7c:6e:54:3a:43:39:ff:31:1d:2a:d7:8c:35:
24:b1:c3:63:ce:41:b0:61:2c:9b:32:7f:81:73:d6:
be:aa:af:a5:4b:c6:51:87:cd:50:df:cb:a0:43:6f:
07:60:fa:34:50:62:da:67:d7:32:94:ff:a2:78:0d:
7e:47:65:8a:5d:18:e3:1b:15:40:2f:f1:3a:5c:8b:
bc:92:1e:ca:41:db:50:2d:b8:ab:b1:83:b0:cc:44:
a3:f3:b2:1a:6e:87:84:44:9c:7e:56:2b:ba:2b:31:
e9:ff:eb:97:bc:02:c7:cf:a7:84:6d:bf:4d:95:67:
90:ef:82:70:db:e3:91:2a:21:a8:10:02:63:69:8e:
28:e0:df:6f:08:aa:b2:69:3c:74:2b:31:0a:d1:90:
44:bc:7c:17:cf:b1:a5:d7:09:c9:1e:be:5f:c6:8f:
8f:76:f8:db:50:53:63:10:21:c5:bc:92:75:96:4d:
26:34:8d:d6:8f:02:c6:fd:96:de:e1:00:3b:96:a3:
84:bd:54:8e:c0:76:46:17:65:86:41:34:63:9f:c9:
a7:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:42:E3:9D:2D:6B:22:B0:C6:E7:55:F0:16:1D:27:91:CE:C8:C8:C0
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kkLjnS1rIrDG51XwFh0nkc7IyMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a5:6b:be:d7:39:1b:f7:f2:e3:f5:6f:42:55:be:96:d3:8a:59:
02:c1:fc:4b:75:f9:e5:53:d4:7d:8e:d1:e0:5c:34:32:81:5b:
6e:b4:16:b6:c0:bb:1d:92:6a:4c:a4:f2:97:5a:a0:97:9f:80:
08:32:f1:7a:30:75:0b:25:88:f3:9f:73:72:f8:9d:69:65:18:
e9:86:ef:24:f7:02:40:99:2a:be:1d:70:44:5f:22:83:b8:42:
19:e5:a2:1c:78:c5:1f:81:b4:38:c1:a3:0b:82:c0:0f:c6:95:
0c:7a:92:24:cc:99:ab:4c:27:2e:8d:be:74:69:cf:fe:81:ae:
80:44:e6:a0:f0:2f:dc:6e:d9:08:10:d4:04:3e:4c:43:77:74:
d0:98:6f:36:50:d9:54:65:2b:61:9b:11:fc:b2:64:be:f5:6c:
9a:8a:f4:63:6c:32:f1:62:45:f8:23:f0:69:b3:06:95:97:35:
8d:d9:52:51:95:58:3d:b8:c3:78:17:52:3c:c7:aa:1c:5f:85:
aa:6b:9a:4f:83:d8:57:72:9c:bc:20:4f:44:de:71:2d:10:84:
96:90:1c:10:cf:c3:27:14:7c:06:53:36:af:ad:92:d1:88:51:
24:2a:52:1e:8a:f5:58:76:ac:4a:a4:a9:21:16:43:c9:03:11:
36:33:2a:d7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYt7jtevbhdnARzVdh0OYcxgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI5MTMxMDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjQyZTM5ZDJkNmIyMmIwYzZlNzU1ZjAxNjFkMjc5MWNlYzhjOGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgj6As5jKGSBjYW6MoswC23Nj5DEM
03aNaG6X4yFrbB/yC9+TjWdY1fznVaUk9HxuVDpDOf8xHSrXjDUkscNjzkGwYSyb
Mn+Bc9a+qq+lS8ZRh81Q38ugQ28HYPo0UGLaZ9cylP+ieA1+R2WKXRjjGxVAL/E6
XIu8kh7KQdtQLbirsYOwzESj87IaboeERJx+Viu6KzHp/+uXvALHz6eEbb9NlWeQ
74Jw2+ORKiGoEAJjaY4o4N9vCKqyaTx0KzEK0ZBEvHwXz7Gl1wnJHr5fxo+Pdvjb
UFNjECHFvJJ1lk0mNI3WjwLG/Zbe4QA7lqOEvVSOwHZGF2WGQTRjn8mnRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJJC450tayKwxudV8BYdJ5HOyMjAMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEva2tMam5TMXJJckRHNTFYd0ZoMG5rYzdJeU1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKVrvtc5G/fy4/VvQlW+
ltOKWQLB/Et1+eVT1H2O0eBcNDKBW260FrbAux2Sakyk8pdaoJefgAgy8XowdQsl
iPOfc3L4nWllGOmG7yT3AkCZKr4dcERfIoO4Qhnlohx4xR+BtDjBowuCwA/GlQx6
kiTMmatMJy6NvnRpz/6BroBE5qDwL9xu2QgQ1AQ+TEN3dNCYbzZQ2VRlK2GbEfyy
ZL71bJqK9GNsMvFiRfgj8GmzBpWXNY3ZUlGVWD24w3gXUjzHqhxfhaprmk+D2Fdy
nLwgT0TecS0QhJaQHBDPwycUfAZTNq+tktGIUSQqUh6K9Vh2rEqkqSEWQ8kDETYz
Ktc=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:23:26 2025 by rpki-client