Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nKaBdhjBz9B7KPH60VWG3tCqOkk.roa
File: nKaBdhjBz9B7KPH60VWG3tCqOkk.roa (raw, json)
Hash identifier: cWJGDe7+jZMXjck5DjRPqqlfXYUi9eEPc3HK/wRhAKA=
Subject key identifier: 9C:A6:81:76:18:C1:CF:D0:7B:28:F1:FA:D1:55:86:DE:D0:AA:3A:49
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B38D63DB3C9E0AF0002E8644084C8CF8A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nKaBdhjBz9B7KPH60VWG3tCqOkk.roa
Signing time: Mon 16 Oct 2023 14:14:06 +0000
ROA not before: Mon 16 Oct 2023 14:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:38:d6:3d:b3:c9:e0:af:00:02:e8:64:40:84:c8:cf:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 16 14:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ca6817618c1cfd07b28f1fad15586ded0aa3a49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:2e:c9:73:d7:9f:60:6c:60:18:db:89:0d:0e:
fd:87:9c:5a:3a:e6:4c:32:93:75:40:ee:1b:6f:de:
01:b8:92:39:ba:fc:26:2a:24:89:1f:b2:34:aa:44:
0b:ba:78:76:1d:7f:4f:90:ed:b0:70:9b:7f:0e:fa:
1c:c3:6b:76:b6:28:72:24:34:ca:3d:76:88:89:a1:
09:75:e5:d0:81:e7:75:8b:80:ad:28:78:c1:fa:84:
68:99:a2:b3:53:0e:05:1b:95:45:8a:f3:2b:b4:5b:
8b:01:9f:de:96:ab:0b:c0:c3:7b:3c:c2:6b:83:c1:
e5:a8:cd:0f:46:c5:38:52:e5:87:0b:91:1b:cc:63:
6e:50:98:49:f9:c0:bf:e2:c2:f7:e6:ce:8d:0d:32:
6b:41:ad:ee:0e:fb:06:13:d4:0e:ab:a6:23:81:cf:
a2:32:3c:f0:5d:a4:66:89:ae:2d:7d:9e:57:28:27:
30:d9:96:86:81:0c:74:2e:0c:a6:00:e6:1e:81:af:
8c:ed:09:73:7f:3c:8e:8d:79:5b:43:62:a4:1a:3c:
89:2f:b3:87:2c:d9:e2:15:f6:8f:00:1e:78:21:04:
08:8b:68:4d:56:11:c6:74:29:fd:99:2c:4f:17:00:
fa:5b:b8:f8:ec:9a:cd:57:84:22:f1:29:f4:11:2c:
96:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A6:81:76:18:C1:CF:D0:7B:28:F1:FA:D1:55:86:DE:D0:AA:3A:49
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nKaBdhjBz9B7KPH60VWG3tCqOkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d3:67:83:9c:38:59:61:72:ac:82:b4:79:53:2c:f8:01:91:3b:
4a:5b:c2:11:84:2d:8e:fe:74:ad:9c:5a:64:00:d4:a7:4a:1d:
fc:6a:86:bb:8f:10:52:29:6d:99:7b:95:1d:84:b1:bb:2f:c9:
67:9c:a3:79:69:37:64:e8:69:7a:b5:eb:fc:7e:e1:04:ae:34:
9e:fc:07:a0:6f:15:62:48:8a:3b:30:d7:30:46:ee:68:a2:de:
3f:ff:f0:15:14:e0:c0:f8:ec:f8:26:59:22:ec:1e:12:64:c9:
04:1e:02:1e:25:7e:8d:8f:4e:f5:6a:47:93:3f:9a:6c:df:4d:
93:8b:4e:b9:bb:a4:7f:ff:8a:32:58:15:fb:4d:86:d6:da:d5:
00:9f:16:1e:ba:c5:75:38:49:d7:b0:83:5c:41:56:12:f0:6a:
7d:fc:c8:92:85:81:0b:ec:3a:08:0f:95:71:70:b0:98:9c:59:
dd:ae:ab:17:21:da:54:3a:bc:8a:05:11:ad:6a:12:79:ce:8c:
43:03:74:27:c3:66:f9:71:5a:89:fc:2c:ba:ee:ba:dd:ad:84:
7f:5a:a6:a3:86:77:15:01:09:e8:e0:09:a2:6c:45:50:92:3a:
09:bc:c0:17:e0:36:db:a2:57:4d:9f:98:fa:a2:33:e5:1f:09:
bb:59:4a:55
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs41j2zyeCvAALoZECEyM+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE2MTQxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2E2ODE3NjE4YzFjZmQwN2IyOGYxZmFkMTU1ODZkZWQwYWEzYTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmi7Jc9efYGxgGNuJDQ79h5xaOuZM
MpN1QO4bb94BuJI5uvwmKiSJH7I0qkQLunh2HX9PkO2wcJt/Dvocw2t2tihyJDTK
PXaIiaEJdeXQged1i4CtKHjB+oRomaKzUw4FG5VFivMrtFuLAZ/elqsLwMN7PMJr
g8HlqM0PRsU4UuWHC5EbzGNuUJhJ+cC/4sL35s6NDTJrQa3uDvsGE9QOq6Yjgc+i
MjzwXaRmia4tfZ5XKCcw2ZaGgQx0LgymAOYega+M7QlzfzyOjXlbQ2KkGjyJL7OH
LNniFfaPAB54IQQIi2hNVhHGdCn9mSxPFwD6W7j47JrNV4Qi8Sn0ESyWbwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJymgXYYwc/Qeyjx+tFVht7QqjpJMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbkthQmRoakJ6OUI3S1BINjBWV0czdENxT2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANNng5w4WWFyrIK0eVMs
+AGRO0pbwhGELY7+dK2cWmQA1KdKHfxqhruPEFIpbZl7lR2EsbsvyWeco3lpN2To
aXq16/x+4QSuNJ78B6BvFWJIijsw1zBG7mii3j//8BUU4MD47PgmWSLsHhJkyQQe
Ah4lfo2PTvVqR5M/mmzfTZOLTrm7pH//ijJYFftNhtba1QCfFh66xXU4Sdewg1xB
VhLwan38yJKFgQvsOggPlXFwsJicWd2uqxch2lQ6vIoFEa1qEnnOjEMDdCfDZvlx
Won8LLruut2thH9apqOGdxUBCejgCaJsRVCSOgm8wBfgNtuiV02fmPqiM+UfCbtZ
SlU=
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:37:19 2025 by rpki-client