Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KstJMLliJZzcIo0ouymVpBsbjlc.roa
File: KstJMLliJZzcIo0ouymVpBsbjlc.roa (raw, json)
Hash identifier: XQvNotuo3ObdJgRbg3nN5ox+BUwwtqVpWsAU94vr47I=
Subject key identifier: 2A:CB:49:30:B9:62:25:9C:DC:22:8D:28:BB:29:95:A4:1B:1B:8E:57
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4D6DA01528C237EA6881734FEDDE1DF5
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KstJMLliJZzcIo0ouymVpBsbjlc.roa
Signing time: Thu 31 Aug 2023 21:09:04 +0000
ROA not before: Thu 31 Aug 2023 21:09:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:4d6c:ecd7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4d:6d:a0:15:28:c2:37:ea:68:81:73:4f:ed:de:1d:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 31 21:09:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2acb4930b962259cdc228d28bb2995a41b1b8e57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:dd:fe:18:f8:79:12:f1:e7:e0:ff:84:f0:ad:
fc:27:c8:56:b3:22:2d:0f:1d:48:27:30:cb:00:86:
15:a9:cc:48:c4:1f:3b:d3:8a:36:b7:35:00:11:2c:
2a:de:af:a3:65:b5:d5:af:3b:6d:d1:f2:4e:a5:47:
2b:3d:a6:52:6a:48:e0:b0:7d:f2:5b:8b:bc:c3:c8:
96:40:4f:3c:f1:e4:fd:27:a7:2f:a4:71:1c:87:0a:
62:aa:a2:46:e6:e4:ff:c8:a3:f1:2a:06:fa:34:85:
82:78:fc:28:72:f1:8b:b3:0e:2f:69:a3:84:fb:8f:
0a:ef:c5:ca:35:50:6d:93:c2:2f:05:11:05:86:dc:
ea:61:9f:f0:04:26:a7:04:fd:c2:e0:f0:80:3a:03:
7a:0c:47:60:0a:e5:17:f9:53:4d:09:5d:55:97:84:
29:bd:53:fb:09:c2:9b:6a:bb:ae:12:05:39:56:e0:
1f:58:12:64:16:91:7f:88:d6:ff:58:a9:c3:3e:af:
8e:ee:3f:79:4a:5a:b0:d0:41:1e:75:8e:a9:5b:27:
b7:88:0c:04:5b:b6:f2:4b:ae:5f:87:49:bc:04:38:
8d:57:77:d6:49:bc:b1:64:81:08:76:ca:51:48:e5:
38:97:97:93:a9:6e:49:1f:80:43:df:8e:47:fd:5a:
95:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:CB:49:30:B9:62:25:9C:DC:22:8D:28:BB:29:95:A4:1B:1B:8E:57
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KstJMLliJZzcIo0ouymVpBsbjlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8d:e3:d0:04:19:b7:62:ee:7a:22:ff:c4:82:38:90:00:7f:87:
e5:2c:98:a6:ce:7e:c0:74:1d:8e:43:df:81:6a:3f:13:0f:a8:
56:74:d7:fc:e0:14:56:1f:55:c5:7e:7f:cc:63:41:1d:0b:c4:
5d:8d:e8:01:93:c0:86:17:6c:38:60:21:b9:cb:41:1c:1b:30:
1b:cc:3c:a1:23:8b:40:18:a5:b4:df:2d:13:ba:27:47:ef:22:
92:f4:2f:79:0a:7d:e0:2c:87:d9:57:57:b8:ca:0a:53:96:33:
1b:74:59:10:a6:85:b9:15:54:4a:b8:88:ce:31:4d:49:6c:7c:
41:6d:97:a4:7d:72:f8:67:ed:e5:f7:4a:79:3c:b9:eb:cb:a9:
88:bf:67:2d:88:33:11:1b:1a:a6:e6:ff:dc:bb:1e:0a:20:bc:
50:81:e4:40:46:1f:59:df:c2:57:37:26:c1:6b:f8:70:18:6d:
aa:1f:cf:c6:7c:6a:d7:08:2c:21:13:fc:0a:7d:db:e3:fd:0d:
eb:f0:cb:35:ca:b3:1b:73:6e:2b:cd:af:c6:28:5d:d2:ea:74:
2a:d7:73:77:82:86:c5:65:ee:29:3d:4d:84:d4:ea:84:a3:4c:
8f:68:e4:f5:bf:a0:11:8f:97:11:0c:9c:25:1d:d7:65:67:f6:
8d:d5:d9:ec
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpNbaAVKMI36miBc0/t3h31MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMxMjEwOTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWNiNDkzMGI5NjIyNTljZGMyMjhkMjhiYjI5OTVhNDFiMWI4ZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi93+GPh5EvHn4P+E8K38J8hWsyIt
Dx1IJzDLAIYVqcxIxB8704o2tzUAESwq3q+jZbXVrztt0fJOpUcrPaZSakjgsH3y
W4u8w8iWQE888eT9J6cvpHEchwpiqqJG5uT/yKPxKgb6NIWCePwocvGLsw4vaaOE
+48K78XKNVBtk8IvBREFhtzqYZ/wBCanBP3C4PCAOgN6DEdgCuUX+VNNCV1Vl4Qp
vVP7CcKbaruuEgU5VuAfWBJkFpF/iNb/WKnDPq+O7j95Slqw0EEedY6pWye3iAwE
W7byS65fh0m8BDiNV3fWSbyxZIEIdspRSOU4l5eTqW5JH4BD345H/VqVcQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCrLSTC5YiWc3CKNKLsplaQbG45XMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvS3N0Sk1MbGlKWnpjSW8wb3V5bVZwQnNiamxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI3j0AQZt2LueiL/xII4
kAB/h+UsmKbOfsB0HY5D34FqPxMPqFZ01/zgFFYfVcV+f8xjQR0LxF2N6AGTwIYX
bDhgIbnLQRwbMBvMPKEji0AYpbTfLRO6J0fvIpL0L3kKfeAsh9lXV7jKClOWMxt0
WRCmhbkVVEq4iM4xTUlsfEFtl6R9cvhn7eX3Snk8uevLqYi/Zy2IMxEbGqbm/9y7
HgogvFCB5EBGH1nfwlc3JsFr+HAYbaofz8Z8atcILCET/Ap92+P9DevwyzXKsxtz
bivNr8YoXdLqdCrXc3eChsVl7ik9TYTU6oSjTI9o5PW/oBGPlxEMnCUd12Vn9o3V
2ew=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:31:15 2025 by rpki-client