Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kpdWHwnHjtNGByqPpSq_aphz26s.roa
File: kpdWHwnHjtNGByqPpSq_aphz26s.roa (raw, json)
Hash identifier: tpFCskYqJrNENEIa5wL62ygFegcstC0qt0TO4E1QP2s=
Subject key identifier: 92:97:56:1F:09:C7:8E:D3:46:07:2A:8F:A5:2A:BF:6A:98:73:DB:AB
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BD2AC6DB2FB1AA9C47EBCA8433C826BC0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kpdWHwnHjtNGByqPpSq_aphz26s.roa
Signing time: Wed 15 Nov 2023 11:09:57 +0000
ROA not before: Wed 15 Nov 2023 11:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d2:ac:6d:b2:fb:1a:a9:c4:7e:bc:a8:43:3c:82:6b:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 15 11:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9297561f09c78ed346072a8fa52abf6a9873dbab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:08:c3:59:2e:12:53:48:52:8d:0f:74:08:7f:
96:27:e4:5d:c3:13:80:b4:65:d0:f4:82:2b:8d:2f:
64:10:e5:2c:bb:7f:88:1e:72:0f:28:32:82:0e:7c:
f7:9b:6a:9a:47:97:da:7c:69:4a:58:d1:6f:51:2b:
04:e0:7e:2a:3c:70:c7:17:89:14:ce:ef:db:45:b1:
52:d8:d8:b1:87:94:dd:7a:b0:e9:19:5c:22:30:e5:
37:ec:92:75:88:16:05:82:4c:ff:37:8e:e9:3d:04:
10:70:a1:fc:51:0d:80:8e:7b:06:fb:aa:fe:35:0d:
7f:ea:0f:cb:81:b0:0b:06:61:af:f5:a8:33:ca:77:
c4:de:a6:86:9e:14:96:bc:0b:da:5f:2b:cf:39:f9:
98:95:42:96:5b:b1:1b:3a:89:ad:f1:21:29:16:85:
e6:6f:6e:d4:03:20:99:1e:ef:f4:82:c2:47:8c:76:
b4:d4:c5:52:ea:0e:f7:75:8d:5d:f3:26:1c:78:5a:
90:4c:16:4a:c6:6b:cd:84:c1:44:c7:28:82:31:d0:
ed:c8:67:27:d4:09:4a:02:40:5a:44:50:e7:1e:40:
8e:49:97:ee:08:87:7c:32:f6:f6:80:f9:e0:91:85:
6f:60:51:b2:38:15:25:fe:0b:76:6e:a2:6d:de:3e:
d8:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:97:56:1F:09:C7:8E:D3:46:07:2A:8F:A5:2A:BF:6A:98:73:DB:AB
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kpdWHwnHjtNGByqPpSq_aphz26s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
16:d9:51:23:c1:f8:cb:c6:7a:61:44:28:dd:d0:bc:69:2a:d9:
85:b5:86:7f:21:36:4f:ac:a3:7e:b4:04:d6:19:34:07:f1:b5:
d6:3a:84:79:eb:30:0a:a8:4c:a1:6a:28:ad:7e:2c:93:b9:0b:
9e:68:3e:56:ff:71:7f:fd:88:cd:7c:bb:a2:b6:92:cc:44:fc:
d7:02:09:e3:88:e3:96:ae:f2:fd:0f:c9:3f:8a:6e:7a:69:47:
59:ee:96:6e:07:df:c2:99:09:f4:69:24:57:67:bd:18:82:74:
de:41:3f:0c:46:78:5f:29:c6:3e:29:4f:e2:8c:af:9d:e2:b6:
bb:02:2a:92:68:42:ae:cb:71:37:5e:2a:15:7d:4e:98:a1:50:
df:b1:26:60:b7:8b:2b:8e:54:92:c7:d5:41:86:81:e9:51:fb:
8a:75:b3:0e:e9:42:35:e3:26:2f:f4:d5:24:a8:0c:6f:29:49:
cc:36:bf:8b:5b:3a:57:b2:c5:c3:77:77:88:5d:e2:f5:70:76:
a3:54:d5:3a:ec:e3:e0:4f:7a:66:14:99:cf:c6:26:ba:e4:7d:
2c:49:43:d2:73:18:e9:d3:97:00:0b:aa:59:0f:21:60:d7:71:
00:05:15:9f:a0:40:3b:ea:1f:9c:18:8e:a9:a6:15:b0:27:1e:
b0:b7:df:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvSrG2y+xqpxH68qEM8gmvAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE1MTEwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mjk3NTYxZjA5Yzc4ZWQzNDYwNzJhOGZhNTJhYmY2YTk4NzNkYmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugjDWS4SU0hSjQ90CH+WJ+RdwxOA
tGXQ9IIrjS9kEOUsu3+IHnIPKDKCDnz3m2qaR5fafGlKWNFvUSsE4H4qPHDHF4kU
zu/bRbFS2Nixh5TderDpGVwiMOU37JJ1iBYFgkz/N47pPQQQcKH8UQ2AjnsG+6r+
NQ1/6g/LgbALBmGv9agzynfE3qaGnhSWvAvaXyvPOfmYlUKWW7EbOomt8SEpFoXm
b27UAyCZHu/0gsJHjHa01MVS6g73dY1d8yYceFqQTBZKxmvNhMFExyiCMdDtyGcn
1AlKAkBaRFDnHkCOSZfuCId8Mvb2gPngkYVvYFGyOBUl/gt2bqJt3j7YvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJKXVh8Jx47TRgcqj6Uqv2qYc9urMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEva3BkV0h3bkhqdE5HQnlxUHBTcV9hcGh6MjZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABbZUSPB+MvGemFEKN3Q
vGkq2YW1hn8hNk+so360BNYZNAfxtdY6hHnrMAqoTKFqKK1+LJO5C55oPlb/cX/9
iM18u6K2ksxE/NcCCeOI45au8v0PyT+KbnppR1nulm4H38KZCfRpJFdnvRiCdN5B
PwxGeF8pxj4pT+KMr53itrsCKpJoQq7LcTdeKhV9TpihUN+xJmC3iyuOVJLH1UGG
gelR+4p1sw7pQjXjJi/01SSoDG8pScw2v4tbOleyxcN3d4hd4vVwdqNU1Trs4+BP
emYUmc/GJrrkfSxJQ9JzGOnTlwALqlkPIWDXcQAFFZ+gQDvqH5wYjqmmFbAnHrC3
3/g=
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:08:42 2025 by rpki-client