Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KOKiHf7ykjhkP_f1hYBTJzPF3WQ.roa
File: KOKiHf7ykjhkP_f1hYBTJzPF3WQ.roa (raw, json)
Hash identifier: KjJ6QJ8K8JwvBveBCKpaUK1FTzvOY8hbWS8Ceyh9src=
Subject key identifier: 28:E2:A2:1D:FE:F2:92:38:64:3F:F7:F5:85:80:53:27:33:C5:DD:64
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C75583ECDB2B5294072EA5FF7AF1AF0F3
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KOKiHf7ykjhkP_f1hYBTJzPF3WQ.roa
Signing time: Sun 17 Dec 2023 01:16:06 +0000
ROA not before: Sun 17 Dec 2023 01:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:75:58:3e:cd:b2:b5:29:40:72:ea:5f:f7:af:1a:f0:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 17 01:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28e2a21dfef29238643ff7f58580532733c5dd64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5c:45:13:e3:79:6b:74:f1:6f:e9:6d:f0:f2:
4e:75:5c:e1:f5:f2:57:0a:00:c3:03:96:1f:be:24:
d3:73:43:ef:d1:10:83:45:88:ef:b3:cd:2a:a8:93:
b3:8f:0c:af:86:9b:bd:d3:29:a3:bf:e1:77:34:b6:
d4:26:d3:ea:4b:b5:3d:1e:32:c4:c9:6d:81:68:dc:
75:12:4e:52:a7:6c:bf:d0:66:92:e4:f3:a5:a7:df:
fd:87:01:2c:61:11:49:1a:ba:f4:6c:43:00:fc:2d:
11:f3:c2:8b:a6:cb:b4:59:66:0b:29:76:98:6b:2e:
47:c1:8e:70:ec:52:4b:84:eb:ed:84:0e:cf:2d:0e:
86:c4:cd:6f:c7:60:ba:6e:d7:15:65:0e:fe:7a:83:
52:de:02:c3:55:c7:47:6d:bc:4d:34:5d:69:9c:d8:
77:01:fd:ec:2b:dc:a0:6d:d0:02:f4:83:65:49:fd:
1f:89:49:98:4a:45:b9:78:53:18:d2:4e:f1:44:ed:
14:7f:8f:ba:24:5f:16:8c:19:6c:16:44:ff:b6:a6:
53:3c:3c:50:24:6d:64:3c:c7:fe:5b:41:3a:61:8a:
bf:7d:b4:27:f1:51:09:04:57:f9:85:52:b3:29:21:
79:d0:e1:40:db:cd:0d:c9:69:66:54:54:f8:9a:13:
db:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:E2:A2:1D:FE:F2:92:38:64:3F:F7:F5:85:80:53:27:33:C5:DD:64
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KOKiHf7ykjhkP_f1hYBTJzPF3WQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
25:72:25:f1:2f:9e:1c:3e:a9:f1:9f:95:f7:7f:e6:f6:17:79:
1f:90:f5:18:05:09:e3:b2:a7:f6:67:6b:0f:0b:69:df:ff:80:
e6:90:d3:0c:ac:13:b0:26:93:30:be:79:79:0c:98:91:6b:00:
52:1c:fa:9d:64:25:3f:50:c2:5e:10:d1:d2:12:26:c9:ca:b5:
ba:b8:9d:4d:da:9e:38:24:db:4e:76:f8:f1:7b:2b:27:c1:9f:
8b:6f:eb:1d:03:b6:29:71:3d:d1:61:10:d1:5d:7f:6b:1a:4e:
41:57:3e:20:b8:d2:9d:80:90:0a:a3:66:83:a3:78:62:8c:c0:
dc:53:ee:37:8b:95:aa:56:6f:c8:70:81:bd:5b:96:cc:ca:02:
b0:27:42:45:44:f8:ef:fc:83:b3:2d:3c:85:b2:9a:33:27:39:
e3:c8:bb:ea:bd:ea:d7:a9:ec:fc:c9:73:7a:26:34:dc:d9:54:
30:c9:12:80:d4:a5:16:1b:69:85:8e:19:34:87:bf:81:3d:b3:
e3:f3:19:c9:78:ce:b0:32:96:e5:ea:0b:ce:f1:e6:8b:b1:c9:
79:4b:26:ee:92:af:bd:cd:64:e5:d8:d1:7d:e2:8e:65:bb:2d:
70:be:cf:29:4e:fc:c2:96:66:b0:84:9d:72:90:a9:7d:dd:9e:
a6:1b:a2:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx1WD7NsrUpQHLqX/evGvDzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE3MDExNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGUyYTIxZGZlZjI5MjM4NjQzZmY3ZjU4NTgwNTMyNzMzYzVkZDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVxFE+N5a3Txb+lt8PJOdVzh9fJX
CgDDA5YfviTTc0Pv0RCDRYjvs80qqJOzjwyvhpu90ymjv+F3NLbUJtPqS7U9HjLE
yW2BaNx1Ek5Sp2y/0GaS5POlp9/9hwEsYRFJGrr0bEMA/C0R88KLpsu0WWYLKXaY
ay5HwY5w7FJLhOvthA7PLQ6GxM1vx2C6btcVZQ7+eoNS3gLDVcdHbbxNNF1pnNh3
Af3sK9ygbdAC9INlSf0fiUmYSkW5eFMY0k7xRO0Uf4+6JF8WjBlsFkT/tqZTPDxQ
JG1kPMf+W0E6YYq/fbQn8VEJBFf5hVKzKSF50OFA280NyWlmVFT4mhPbtQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCjioh3+8pI4ZD/39YWAUyczxd1kMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS09LaUhmN3lramhrUF9mMWhZQlRKelBGM1dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACVyJfEvnhw+qfGflfd/
5vYXeR+Q9RgFCeOyp/Znaw8Lad//gOaQ0wysE7AmkzC+eXkMmJFrAFIc+p1kJT9Q
wl4Q0dISJsnKtbq4nU3anjgk2052+PF7KyfBn4tv6x0DtilxPdFhENFdf2saTkFX
PiC40p2AkAqjZoOjeGKMwNxT7jeLlapWb8hwgb1blszKArAnQkVE+O/8g7MtPIWy
mjMnOePIu+q96tep7PzJc3omNNzZVDDJEoDUpRYbaYWOGTSHv4E9s+PzGcl4zrAy
luXqC87x5ouxyXlLJu6Sr73NZOXY0X3ijmW7LXC+zylO/MKWZrCEnXKQqX3dnqYb
orM=
-----END CERTIFICATE-----
Generated at Tue May 13 04:09:22 2025 by rpki-client