Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KC9Wz9bR-thPwjoMVXpJfqFu78I.roa
File: KC9Wz9bR-thPwjoMVXpJfqFu78I.roa (raw, json)
Hash identifier: k4xF5EuOZ9YL2iB09b+Pkse5Ckm96tsjdJKNjAa0BSA=
Subject key identifier: 28:2F:56:CF:D6:D1:FA:D8:4F:C2:3A:0C:55:7A:49:7E:A1:6E:EF:C2
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B7CD8972144DC554382DEA5911FD91509
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KC9Wz9bR-thPwjoMVXpJfqFu78I.roa
Signing time: Sun 29 Oct 2023 19:10:51 +0000
ROA not before: Sun 29 Oct 2023 19:10:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64:ffff:0:18b:7cd2:a5d5/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7c:d8:97:21:44:dc:55:43:82:de:a5:91:1f:d9:15:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 29 19:10:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=282f56cfd6d1fad84fc23a0c557a497ea16eefc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ff:2d:6e:b5:c1:57:a2:bf:95:34:75:3a:fe:
8e:dd:b0:86:17:79:6b:10:58:a9:a2:0b:76:8e:ba:
c2:be:7f:a0:25:a4:9a:a3:f5:ea:f7:17:d7:20:e5:
18:38:ae:c6:6b:cb:70:11:a1:0c:a4:1a:6a:48:08:
55:0a:76:31:0c:ab:1d:70:5f:90:29:8d:fa:2a:39:
0b:34:98:bd:3c:bf:de:05:f3:4b:c6:35:9b:94:d5:
04:fe:5e:9b:6a:0e:38:bf:43:df:98:16:8f:b4:32:
60:41:a5:90:86:8d:9a:52:1c:38:dd:e8:50:7b:9a:
62:1a:4b:68:e1:f5:30:4c:bd:9c:de:13:3c:91:90:
8d:11:1b:4b:e6:a4:17:99:7e:03:56:dc:f9:ee:f4:
7a:1c:63:7c:ec:d5:48:c5:6b:04:a6:d5:5d:48:cf:
e9:b4:1f:62:19:0a:dc:47:98:82:fe:3c:a8:7b:3f:
03:07:93:ab:67:7e:74:43:36:8e:36:49:9e:7e:f5:
39:e8:bb:56:4a:fa:93:13:33:25:84:84:27:9a:9d:
d9:4e:ec:a8:66:71:3a:3e:31:d1:2e:21:59:b1:a5:
db:35:eb:21:97:0c:1f:6a:50:79:80:7f:61:73:5c:
d7:06:96:f6:2d:a7:57:ea:5f:8f:2f:81:4d:38:23:
1c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:2F:56:CF:D6:D1:FA:D8:4F:C2:3A:0C:55:7A:49:7E:A1:6E:EF:C2
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KC9Wz9bR-thPwjoMVXpJfqFu78I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
79:16:2f:13:42:11:e4:41:c0:68:b9:66:63:59:a6:22:70:09:
16:3d:5e:f7:43:9a:74:4a:44:c1:82:47:53:cf:4d:08:81:75:
a6:c8:4b:8c:de:af:05:8c:97:ad:6a:e9:60:11:d2:c3:30:e3:
44:a1:a5:01:8e:49:d9:08:fd:a5:e5:9d:04:54:21:6e:b5:61:
ea:fd:5e:d3:0b:b7:af:a2:02:3e:95:3d:89:26:eb:60:89:41:
a5:5c:5b:44:67:90:2d:6e:7d:d0:51:e0:b6:37:04:1d:05:57:
21:19:8e:56:b3:2b:9a:8d:f6:dd:c9:87:3e:9b:cf:97:a4:e3:
f4:c0:1d:e2:85:0b:31:c2:9e:fc:5f:8e:aa:7b:79:c1:0f:8c:
43:67:cb:7a:0c:cb:23:3a:49:d8:6d:d9:d8:98:34:e6:b8:a4:
6e:5e:d6:18:53:13:da:f7:30:47:4c:8c:91:9a:d9:0d:a1:2b:
91:43:e0:e9:4c:4b:c2:a6:cd:02:90:eb:46:5a:a1:49:df:9d:
40:6c:e4:0c:5a:dd:af:dd:0b:90:b6:9e:63:c7:87:bb:08:3a:
ab:24:48:21:99:77:85:19:2f:50:71:38:52:bc:f4:d9:8c:54:
4c:d0:53:df:e6:b7:68:14:d9:e5:9e:df:b3:93:34:75:77:1c:
a2:8e:f9:2a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYt82JchRNxVQ4LepZEf2RUJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI5MTkxMDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODJmNTZjZmQ2ZDFmYWQ4NGZjMjNhMGM1NTdhNDk3ZWExNmVlZmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsf8tbrXBV6K/lTR1Ov6O3bCGF3lr
EFipogt2jrrCvn+gJaSao/Xq9xfXIOUYOK7Ga8twEaEMpBpqSAhVCnYxDKsdcF+Q
KY36KjkLNJi9PL/eBfNLxjWblNUE/l6bag44v0PfmBaPtDJgQaWQho2aUhw43ehQ
e5piGkto4fUwTL2c3hM8kZCNERtL5qQXmX4DVtz57vR6HGN87NVIxWsEptVdSM/p
tB9iGQrcR5iC/jyoez8DB5OrZ350QzaONkmefvU56LtWSvqTEzMlhIQnmp3ZTuyo
ZnE6PjHRLiFZsaXbNeshlwwfalB5gH9hc1zXBpb2LadX6l+PL4FNOCMc7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCgvVs/W0frYT8I6DFV6SX6hbu/CMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS0M5V3o5YlItdGhQd2pvTVZYcEpmcUZ1NzhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHkWLxNCEeRBwGi5ZmNZ
piJwCRY9XvdDmnRKRMGCR1PPTQiBdabIS4zerwWMl61q6WAR0sMw40ShpQGOSdkI
/aXlnQRUIW61Yer9XtMLt6+iAj6VPYkm62CJQaVcW0RnkC1ufdBR4LY3BB0FVyEZ
jlazK5qN9t3Jhz6bz5ek4/TAHeKFCzHCnvxfjqp7ecEPjENny3oMyyM6Sdht2diY
NOa4pG5e1hhTE9r3MEdMjJGa2Q2hK5FD4OlMS8KmzQKQ60ZaoUnfnUBs5Axa3a/d
C5C2nmPHh7sIOqskSCGZd4UZL1BxOFK89NmMVEzQU9/mt2gU2eWe37OTNHV3HKKO
+So=
-----END CERTIFICATE-----
Generated at Sun May 11 22:22:46 2025 by rpki-client