Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KN0TDbbxXa5kTkPLQfDBYXasX4Y.roa
File: KN0TDbbxXa5kTkPLQfDBYXasX4Y.roa (raw, json)
Hash identifier: NU2ZeDVK/HDuWaqgHpzYouWr1slE8QYxRy0T9ost4Co=
Subject key identifier: 28:DD:13:0D:B6:F1:5D:AE:64:4E:43:CB:41:F0:C1:61:76:AC:5F:86
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A6FC71B935054D043B2E85CAC1364CB73
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KN0TDbbxXa5kTkPLQfDBYXasX4Y.roa
Signing time: Thu 07 Sep 2023 13:13:54 +0000
ROA not before: Thu 07 Sep 2023 13:13:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6f:c7:1b:93:50:54:d0:43:b2:e8:5c:ac:13:64:cb:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 7 13:13:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28dd130db6f15dae644e43cb41f0c16176ac5f86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1c:ff:33:8b:e7:64:1a:d0:c2:85:32:95:e7:
66:a7:66:12:c6:ce:e4:b7:8e:1e:e5:54:bf:c5:ed:
9d:63:74:5d:5e:98:e9:79:31:4a:e4:42:20:7b:99:
ae:32:42:32:65:35:11:f8:74:e5:39:6b:a7:a8:70:
6b:29:ff:21:0a:10:f8:3c:b3:9d:a0:c1:32:d6:17:
53:75:8f:e4:74:31:bd:91:cf:2e:56:37:b7:33:57:
98:91:63:1f:63:2d:65:44:13:3e:4e:97:9a:73:26:
36:ab:62:cf:00:74:fa:bd:65:ab:6c:29:8b:15:56:
7e:c9:99:92:07:85:e6:72:c6:a4:f0:4b:2b:d9:7c:
91:ad:c5:9e:84:fe:d5:c8:c8:55:57:91:d1:99:61:
e0:89:5f:5f:37:27:03:a0:25:c9:f9:a0:a6:39:76:
0a:70:78:9b:0b:59:b6:a9:f0:d3:c0:c3:52:12:b6:
a4:c4:d7:54:93:4a:be:41:d4:fc:6f:03:44:2a:06:
38:fd:79:1b:ea:21:43:50:d9:17:d6:b1:bb:da:33:
cf:80:5e:1d:01:ba:fc:f8:6a:3d:17:c7:6b:1e:97:
55:f4:2a:44:b3:26:e5:90:89:04:bf:bb:89:36:4c:
2f:9d:b1:08:e7:52:2f:6a:45:c8:96:20:ea:c1:85:
63:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:DD:13:0D:B6:F1:5D:AE:64:4E:43:CB:41:F0:C1:61:76:AC:5F:86
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KN0TDbbxXa5kTkPLQfDBYXasX4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8b:b1:76:df:8b:30:51:d2:a0:f5:de:68:20:10:90:03:b4:4b:
bf:b0:b8:bf:82:2c:22:76:5c:76:1f:13:6d:5e:37:0b:8b:58:
d9:f8:90:56:a2:38:b6:b7:41:36:60:17:5f:9a:1b:41:0d:84:
67:b5:54:42:6e:0a:1b:82:f3:69:56:9f:b2:2a:d3:9e:5a:52:
2b:3c:1d:e0:cf:26:5a:6b:93:ef:ae:49:94:78:ce:4a:b0:13:
68:32:d5:9d:51:22:e8:45:32:b1:0f:ea:b6:dc:27:6d:ba:1a:
5c:7e:d7:d8:ee:f0:43:eb:19:47:11:b1:7b:c2:a2:97:5f:fd:
05:2e:10:7e:a5:ac:f4:63:01:5c:a7:9e:bd:fd:18:8a:5d:5c:
af:50:c1:d6:af:5b:91:96:33:65:24:ca:68:cd:01:6c:9a:75:
0c:d0:ba:bf:b6:f4:44:1c:1b:5b:30:93:12:9a:35:ae:97:b2:
e5:25:55:59:d6:f2:a1:34:fd:36:ba:83:4e:b6:30:3a:11:9c:
22:1b:f2:0b:3d:7f:dc:b4:94:af:ee:12:45:40:fe:e6:38:7e:
6a:fd:ba:80:bd:c5:4e:18:83:76:4c:10:9d:bc:fd:c3:c2:e6:
99:08:12:31:27:e7:65:70:52:32:3f:6a:6f:1d:9d:65:be:8a:
d5:27:3e:ba
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpvxxuTUFTQQ7LoXKwTZMtzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA3MTMxMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGRkMTMwZGI2ZjE1ZGFlNjQ0ZTQzY2I0MWYwYzE2MTc2YWM1Zjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghz/M4vnZBrQwoUyledmp2YSxs7k
t44e5VS/xe2dY3RdXpjpeTFK5EIge5muMkIyZTUR+HTlOWunqHBrKf8hChD4PLOd
oMEy1hdTdY/kdDG9kc8uVje3M1eYkWMfYy1lRBM+TpeacyY2q2LPAHT6vWWrbCmL
FVZ+yZmSB4Xmcsak8Esr2XyRrcWehP7VyMhVV5HRmWHgiV9fNycDoCXJ+aCmOXYK
cHibC1m2qfDTwMNSErakxNdUk0q+QdT8bwNEKgY4/Xkb6iFDUNkX1rG72jPPgF4d
Abr8+Go9F8drHpdV9CpEsyblkIkEv7uJNkwvnbEI51IvakXIliDqwYVjpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCjdEw228V2uZE5Dy0HwwWF2rF+GMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvS04wVERiYnhYYTVrVGtQTFFmREJZWGFzWDRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIuxdt+LMFHSoPXeaCAQ
kAO0S7+wuL+CLCJ2XHYfE21eNwuLWNn4kFaiOLa3QTZgF1+aG0ENhGe1VEJuChuC
82lWn7Iq055aUis8HeDPJlprk++uSZR4zkqwE2gy1Z1RIuhFMrEP6rbcJ226Glx+
19ju8EPrGUcRsXvCopdf/QUuEH6lrPRjAVynnr39GIpdXK9QwdavW5GWM2UkymjN
AWyadQzQur+29EQcG1swkxKaNa6XsuUlVVnW8qE0/Ta6g062MDoRnCIb8gs9f9y0
lK/uEkVA/uY4fmr9uoC9xU4Yg3ZMEJ28/cPC5pkIEjEn52VwUjI/am8dnWW+itUn
Pro=
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:09:04 2025 by rpki-client