Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KaLx8Y5i_gk7txJsmTe9SjyYnlg.roa
File: KaLx8Y5i_gk7txJsmTe9SjyYnlg.roa (raw, json)
Hash identifier: AB0SJDeINqclmVZ/ec1lk0PSwpRGjX2G9MQfknp8bYk=
Subject key identifier: 29:A2:F1:F1:8E:62:FE:09:3B:B7:12:6C:99:37:BD:4A:3C:98:9E:58
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AA2999A9528052D6B236237F9C8290597
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KaLx8Y5i_gk7txJsmTe9SjyYnlg.roa
Signing time: Sun 17 Sep 2023 10:04:50 +0000
ROA not before: Sun 17 Sep 2023 10:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:a299:5dcd/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a2:99:9a:95:28:05:2d:6b:23:62:37:f9:c8:29:05:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 17 10:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29a2f1f18e62fe093bb7126c9937bd4a3c989e58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:78:3e:6f:6a:38:f8:a0:bb:9a:8c:e5:76:3b:
eb:3d:d3:c6:e4:aa:b0:e2:5b:94:db:27:be:66:30:
98:57:a4:89:7c:22:87:ed:c4:34:f5:f9:05:c8:74:
a3:8e:97:6b:0e:ea:1f:6e:60:97:19:70:65:e7:fb:
2b:50:ed:1b:02:1d:59:cb:26:86:1d:3a:48:91:ca:
cf:e2:79:59:d5:09:9b:44:4c:b9:a4:14:bd:55:b2:
72:40:8f:35:ab:04:72:fe:83:37:26:10:16:35:14:
5d:9f:c8:0d:90:10:af:9c:80:10:a0:3e:ba:6f:0b:
bd:30:5c:9c:91:45:dc:a2:e0:8c:a5:88:46:d2:72:
76:4d:e5:0c:a5:2c:93:32:e2:11:bb:c4:2d:b8:d1:
64:0d:6f:57:f9:67:6c:28:6b:5c:40:67:6b:2a:26:
e2:9b:4f:46:25:2f:2f:64:a6:62:fb:a6:3a:18:95:
af:74:0f:67:e4:3d:6c:fe:e1:54:2d:7a:f2:be:87:
b6:ea:f6:b3:63:64:5a:ce:80:f4:fb:8b:00:39:3a:
b7:87:6f:cc:5f:8c:d2:cf:98:cf:d8:d7:d8:96:20:
bf:43:3d:68:96:b9:95:de:62:ec:7b:f9:8f:dd:d5:
ee:91:63:2e:a2:94:c7:51:23:95:c0:bc:9b:c4:aa:
95:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A2:F1:F1:8E:62:FE:09:3B:B7:12:6C:99:37:BD:4A:3C:98:9E:58
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KaLx8Y5i_gk7txJsmTe9SjyYnlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9c:e6:8a:e2:06:0f:b1:2d:73:25:29:34:af:5a:02:bc:3d:93:
1d:b4:45:f9:c1:5b:dd:fd:53:08:ad:31:08:7a:30:a2:30:f9:
b0:d0:37:56:91:f2:8d:f9:89:d3:c1:33:1f:5f:4e:a9:9c:43:
4e:53:6d:e8:8e:5f:93:16:d6:52:63:9d:64:dd:9a:ed:31:a1:
98:15:17:78:5a:c6:78:2a:3d:f3:d7:29:00:f1:01:a0:98:89:
04:93:bd:be:35:ea:88:11:86:a9:17:37:79:53:9f:00:38:a7:
97:bb:60:3d:aa:fa:67:a0:b3:f3:2e:7b:e3:c5:b5:3a:71:09:
c7:5c:7e:a2:09:b5:0e:29:ec:50:24:c3:3e:0a:ee:63:b5:a1:
f6:79:9b:9d:c0:00:ed:97:7d:44:50:d4:82:04:5c:fc:f6:4d:
b8:60:92:bd:76:ed:a9:37:72:8c:26:86:c5:33:34:b4:05:22:
39:43:c7:d9:79:0d:d2:7d:6d:37:bf:7a:94:b4:bc:66:d4:2f:
14:7e:6d:0f:81:de:80:1c:45:d4:ec:0d:5b:b0:f0:b5:b3:d2:
52:d9:1c:28:2a:89:fb:7e:0b:64:8d:f1:4e:4e:4d:28:53:15:
dd:d0:72:82:a1:cf:ef:90:af:b5:fb:d9:58:bb:11:ba:23:e1:
38:be:7a:c5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqimZqVKAUtayNiN/nIKQWXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE3MTAwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWEyZjFmMThlNjJmZTA5M2JiNzEyNmM5OTM3YmQ0YTNjOTg5ZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHg+b2o4+KC7mozldjvrPdPG5Kqw
4luU2ye+ZjCYV6SJfCKH7cQ09fkFyHSjjpdrDuofbmCXGXBl5/srUO0bAh1ZyyaG
HTpIkcrP4nlZ1QmbREy5pBS9VbJyQI81qwRy/oM3JhAWNRRdn8gNkBCvnIAQoD66
bwu9MFyckUXcouCMpYhG0nJ2TeUMpSyTMuIRu8QtuNFkDW9X+WdsKGtcQGdrKibi
m09GJS8vZKZi+6Y6GJWvdA9n5D1s/uFULXryvoe26vazY2RazoD0+4sAOTq3h2/M
X4zSz5jP2NfYliC/Qz1olrmV3mLse/mP3dXukWMuopTHUSOVwLybxKqVgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCmi8fGOYv4JO7cSbJk3vUo8mJ5YMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvS2FMeDhZNWlfZ2s3dHhKc21UZTlTanlZbmxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJzmiuIGD7EtcyUpNK9a
Arw9kx20RfnBW939UwitMQh6MKIw+bDQN1aR8o35idPBMx9fTqmcQ05TbeiOX5MW
1lJjnWTdmu0xoZgVF3haxngqPfPXKQDxAaCYiQSTvb416ogRhqkXN3lTnwA4p5e7
YD2q+megs/Mue+PFtTpxCcdcfqIJtQ4p7FAkwz4K7mO1ofZ5m53AAO2XfURQ1IIE
XPz2Tbhgkr127ak3cowmhsUzNLQFIjlDx9l5DdJ9bTe/epS0vGbULxR+bQ+B3oAc
RdTsDVuw8LWz0lLZHCgqift+C2SN8U5OTShTFd3QcoKhz++Qr7X72Vi7Eboj4Ti+
esU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:53 2025 by rpki-client