Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KOFK9jUhKVywgVU7YdNbP0HdkkI.roa
File: KOFK9jUhKVywgVU7YdNbP0HdkkI.roa (raw, json)
Hash identifier: gUMcbqjAiPGiFyAQjuc7h5yBkutoT29Aypyz97uLwt8=
Subject key identifier: 28:E1:4A:F6:35:21:29:5C:B0:81:55:3B:61:D3:5B:3F:41:DD:92:42
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B8C4BCED395032BEEEE329E7F693C7E94
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KOFK9jUhKVywgVU7YdNbP0HdkkI.roa
Signing time: Wed 01 Nov 2023 19:11:00 +0000
ROA not before: Wed 01 Nov 2023 19:11:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64:ffff:0:18b:8c45:a300/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8c:4b:ce:d3:95:03:2b:ee:ee:32:9e:7f:69:3c:7e:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 1 19:11:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28e14af63521295cb081553b61d35b3f41dd9242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:92:b6:c7:5c:ef:cd:58:ae:de:43:6c:e7:1a:
39:43:c2:ef:d3:a3:bd:da:73:52:e8:47:ca:33:6a:
0b:7e:c0:33:41:3c:99:36:b6:06:d8:da:fd:cc:4f:
c3:f2:4b:c4:4f:c1:79:0a:96:a3:90:11:07:71:bd:
39:32:9b:8c:d9:55:cb:02:69:58:b0:0e:a9:f6:ff:
9c:00:5c:b1:67:73:3f:37:b0:3f:88:6e:d8:7e:18:
6a:19:33:9d:cb:dd:e5:08:6f:bb:21:7a:ed:3a:78:
fb:a8:ef:34:4e:24:e4:33:9a:87:7a:02:44:37:aa:
81:45:a0:e3:fc:6e:8a:d2:28:e1:3d:ea:31:9f:be:
3c:21:23:99:63:5e:25:39:2c:b4:cd:cf:af:66:d9:
4c:e5:fb:f6:be:24:de:ab:84:82:3e:2b:de:d4:9b:
a9:ec:c2:a5:8c:9d:0f:ff:8e:dc:31:30:b4:1b:e5:
f3:17:32:97:af:70:c6:f1:d7:7a:25:79:0a:2b:46:
c6:b3:a7:5d:8a:77:a1:9a:fb:b4:43:75:f1:44:99:
e2:36:27:86:0a:49:86:4f:aa:db:b0:e9:33:c7:87:
4b:93:82:f3:79:48:1e:24:a6:75:f8:82:a6:19:d5:
2b:7d:04:e4:4d:fe:32:26:6e:76:8c:50:d7:5d:4b:
a2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:E1:4A:F6:35:21:29:5C:B0:81:55:3B:61:D3:5B:3F:41:DD:92:42
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KOFK9jUhKVywgVU7YdNbP0HdkkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
64:9e:0b:8e:38:27:83:9b:41:25:d4:d5:f5:fa:38:04:17:51:
e7:6d:bc:92:50:cf:f4:31:7e:ff:9c:09:22:50:da:9d:6a:e7:
41:0c:98:2d:a7:08:1d:dc:33:6b:7f:bb:3f:4a:c0:7d:d5:99:
55:f9:e5:87:c1:a3:9a:9d:fd:35:6c:df:d4:66:5e:b4:6b:1d:
08:e4:ad:19:ba:f8:40:17:a4:15:f2:8d:15:42:c3:e2:52:b9:
63:6f:2b:6d:d5:ef:30:41:69:52:ec:8c:bd:96:8f:5a:c4:91:
7b:c2:a1:18:40:5e:69:9b:7f:fc:34:04:7f:c1:c5:4c:27:f6:
8e:16:7a:3b:37:b0:15:f8:32:32:6b:51:af:b9:3c:99:93:b1:
27:fe:7f:74:97:0b:af:3e:17:1b:fe:02:56:fb:f1:ec:37:d8:
c1:a3:ca:77:d1:6d:bd:6b:d5:79:72:12:5c:48:b6:f5:e9:71:
c5:6b:ce:f5:1d:cb:b9:78:20:cd:1e:1d:ea:0d:ac:be:c6:31:
90:70:3b:69:e0:94:8e:03:cc:38:5c:f8:d9:aa:41:98:3b:0b:
fe:63:3f:31:3d:68:12:22:b6:ea:3c:d4:3f:21:82:8d:24:e1:
3b:09:be:70:98:c2:f4:eb:04:28:bb:95:7e:c1:43:b5:63:44:
2f:14:18:2b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuMS87TlQMr7u4ynn9pPH6UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAxMTkxMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGUxNGFmNjM1MjEyOTVjYjA4MTU1M2I2MWQzNWIzZjQxZGQ5MjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5K2x1zvzViu3kNs5xo5Q8Lv06O9
2nNS6EfKM2oLfsAzQTyZNrYG2Nr9zE/D8kvET8F5CpajkBEHcb05MpuM2VXLAmlY
sA6p9v+cAFyxZ3M/N7A/iG7YfhhqGTOdy93lCG+7IXrtOnj7qO80TiTkM5qHegJE
N6qBRaDj/G6K0ijhPeoxn748ISOZY14lOSy0zc+vZtlM5fv2viTeq4SCPive1Jup
7MKljJ0P/47cMTC0G+XzFzKXr3DG8dd6JXkKK0bGs6ddinehmvu0Q3XxRJniNieG
CkmGT6rbsOkzx4dLk4LzeUgeJKZ1+IKmGdUrfQTkTf4yJm52jFDXXUuiNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCjhSvY1ISlcsIFVO2HTWz9B3ZJCMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS09GSzlqVWhLVnl3Z1ZVN1lkTmJQMEhka2tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGSeC444J4ObQSXU1fX6
OAQXUedtvJJQz/Qxfv+cCSJQ2p1q50EMmC2nCB3cM2t/uz9KwH3VmVX55YfBo5qd
/TVs39RmXrRrHQjkrRm6+EAXpBXyjRVCw+JSuWNvK23V7zBBaVLsjL2Wj1rEkXvC
oRhAXmmbf/w0BH/BxUwn9o4Wejs3sBX4MjJrUa+5PJmTsSf+f3SXC68+Fxv+Alb7
8ew32MGjynfRbb1r1XlyElxItvXpccVrzvUdy7l4IM0eHeoNrL7GMZBwO2nglI4D
zDhc+NmqQZg7C/5jPzE9aBIituo81D8hgo0k4TsJvnCYwvTrBCi7lX7BQ7VjRC8U
GCs=
-----END CERTIFICATE-----
Generated at Sat May 10 12:15:06 2025 by rpki-client