Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/K5XeQTYHapRfglrtWsCe0mvGP_g.roa
File: K5XeQTYHapRfglrtWsCe0mvGP_g.roa (raw, json)
Hash identifier: 9tUVYHqisVe8B2ZrbqV6jS+yZBmlTmgopD5ZU11e1QM=
Subject key identifier: 2B:95:DE:41:36:07:6A:94:5F:82:5A:ED:5A:C0:9E:D2:6B:C6:3F:F8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE85FB07BA094606C471002B71E616C94
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/K5XeQTYHapRfglrtWsCe0mvGP_g.roa
Signing time: Sat 30 Sep 2023 23:14:59 +0000
ROA not before: Sat 30 Sep 2023 23:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e8:5f:b0:7b:a0:94:60:6c:47:10:02:b7:1e:61:6c:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 30 23:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b95de4136076a945f825aed5ac09ed26bc63ff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:59:fe:64:1d:39:ff:a4:8b:9f:bd:f1:35:ba:
e9:d8:a6:c0:9a:32:81:02:77:c6:6a:af:fc:77:6f:
e0:88:fb:ed:bd:0a:16:b9:9c:7b:26:c9:f2:20:ad:
a5:97:b1:c5:30:cf:e6:ff:68:ee:6a:d1:68:00:bc:
53:3d:e7:16:34:04:4f:2a:d0:58:81:ef:66:de:08:
7a:f7:ad:49:3c:c1:47:47:30:c7:bf:94:5b:20:47:
dd:32:52:4a:3e:c8:5b:c6:b8:b1:37:5e:12:0f:39:
de:2e:d3:94:bf:56:2e:c0:99:63:02:cf:b8:8d:57:
5c:76:7f:f7:df:7a:12:8f:fa:cc:1c:57:24:b1:e9:
63:f7:4e:c2:21:5d:a4:44:d5:91:43:66:b4:2f:00:
63:5a:02:6e:48:1c:e1:55:cd:31:70:49:b2:d7:6c:
0a:cc:a0:bd:8a:7c:9d:82:43:ea:09:38:a3:8b:d7:
60:ff:8c:42:50:51:49:9e:5c:33:cb:1d:19:c5:cf:
58:1f:1e:83:c5:81:11:47:03:1c:ab:8f:11:cf:4d:
60:7c:93:f1:ea:91:e0:96:72:64:80:26:6d:18:61:
0f:1b:6d:ff:fc:98:46:e6:a8:d6:69:94:2b:1d:44:
89:76:e8:3e:fb:ee:49:09:04:ad:c0:7b:e1:e4:f9:
8a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:95:DE:41:36:07:6A:94:5F:82:5A:ED:5A:C0:9E:D2:6B:C6:3F:F8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/K5XeQTYHapRfglrtWsCe0mvGP_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:18:41:3d:91:61:76:b6:67:82:be:1a:95:67:ad:4c:8d:37:
ae:05:8e:2f:f8:3d:42:9d:6d:33:74:d9:e1:39:57:56:31:1c:
35:05:92:38:7a:04:a3:fd:b7:56:dd:48:35:5f:c0:14:5e:87:
8e:76:5d:31:fc:a3:73:6d:ee:c6:7b:87:0f:c0:51:78:01:45:
12:14:d1:8a:49:47:ff:23:72:b8:2c:ce:f4:15:7e:18:21:18:
d2:98:1b:56:53:f1:7f:17:60:6b:72:26:af:65:ac:7b:61:78:
68:79:48:6c:91:32:c3:5b:07:e4:3c:ae:ef:52:3e:df:58:9a:
11:8c:00:f5:22:c8:cc:eb:f6:e1:f0:45:81:e5:cd:a9:ff:b3:
14:e4:3b:01:df:42:d8:8b:e9:ad:9b:81:6f:11:58:37:be:f6:
b6:0b:84:bd:5c:70:1e:6a:0b:91:6f:96:20:31:0a:6c:63:f3:
38:b0:3f:bc:4c:50:8b:9f:2f:f6:8c:4e:25:00:d9:51:08:6f:
55:1a:57:b4:ae:9b:e2:b4:81:9a:a2:05:85:3a:6d:99:24:49:
60:76:08:28:c6:3a:de:b1:16:98:5b:36:5a:ea:5e:3d:dd:a2:
c1:4b:da:46:cb:04:54:22:c7:f0:fc:85:a6:cc:98:fe:1c:48:
5e:2d:9c:6e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYroX7B7oJRgbEcQArceYWyUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTMwMjMxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjk1ZGU0MTM2MDc2YTk0NWY4MjVhZWQ1YWMwOWVkMjZiYzYzZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVn+ZB05/6SLn73xNbrp2KbAmjKB
AnfGaq/8d2/giPvtvQoWuZx7JsnyIK2ll7HFMM/m/2juatFoALxTPecWNARPKtBY
ge9m3gh6961JPMFHRzDHv5RbIEfdMlJKPshbxrixN14SDzneLtOUv1YuwJljAs+4
jVdcdn/333oSj/rMHFckselj907CIV2kRNWRQ2a0LwBjWgJuSBzhVc0xcEmy12wK
zKC9inydgkPqCTiji9dg/4xCUFFJnlwzyx0Zxc9YHx6DxYERRwMcq48Rz01gfJPx
6pHglnJkgCZtGGEPG23//JhG5qjWaZQrHUSJdug+++5JCQStwHvh5PmKTQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCuV3kE2B2qUX4Ja7VrAntJrxj/4MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSzVYZVFUWUhhcFJmZ2xydFdzQ2UwbXZHUF9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEsYQT2RYXa2Z4K+GpVn
rUyNN64Fji/4PUKdbTN02eE5V1YxHDUFkjh6BKP9t1bdSDVfwBReh452XTH8o3Nt
7sZ7hw/AUXgBRRIU0YpJR/8jcrgszvQVfhghGNKYG1ZT8X8XYGtyJq9lrHtheGh5
SGyRMsNbB+Q8ru9SPt9YmhGMAPUiyMzr9uHwRYHlzan/sxTkOwHfQtiL6a2bgW8R
WDe+9rYLhL1ccB5qC5FvliAxCmxj8ziwP7xMUIufL/aMTiUA2VEIb1UaV7Sum+K0
gZqiBYU6bZkkSWB2CCjGOt6xFphbNlrqXj3dosFL2kbLBFQix/D8habMmP4cSF4t
nG4=
-----END CERTIFICATE-----
Generated at Sat May 10 12:20:24 2025 by rpki-client