Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KhJ5opqLWzqtXkw6J_ThdWhHJmU.roa
File: KhJ5opqLWzqtXkw6J_ThdWhHJmU.roa (raw, json)
Hash identifier: t0NtoWiXRaO6imKsc/oeWBFLtYQLOorgA7BgdlfIx+k=
Subject key identifier: 2A:12:79:A2:9A:8B:5B:3A:AD:5E:4C:3A:27:F4:E1:75:68:47:26:65
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B601BCB973E24C08E3DD595A2A1E199B5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KhJ5opqLWzqtXkw6J_ThdWhHJmU.roa
Signing time: Tue 24 Oct 2023 05:15:16 +0000
ROA not before: Tue 24 Oct 2023 05:15:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:60:1b:cb:97:3e:24:c0:8e:3d:d5:95:a2:a1:e1:99:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 24 05:15:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a1279a29a8b5b3aad5e4c3a27f4e17568472665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d0:64:4c:35:f5:c5:36:f2:6a:13:1f:c1:88:
cb:e7:41:45:1b:c5:31:ce:47:46:5f:a1:b8:89:62:
34:85:f9:a0:cc:4a:9e:d4:28:2b:35:77:d7:e9:33:
cb:c2:b1:38:6c:37:62:9d:d8:b4:55:82:3f:23:94:
b5:9c:49:0c:3a:cb:b4:90:17:ff:45:02:f4:dd:85:
a2:16:e2:0e:42:af:a1:5c:c3:55:ad:3e:5f:0a:2d:
a2:76:96:4f:be:24:fb:a6:b7:40:6b:21:73:91:77:
f4:d4:85:6b:42:b0:f4:54:63:31:d2:47:51:f6:e3:
7f:93:c6:68:ca:0b:0d:8c:aa:16:d6:0b:de:7d:ee:
53:45:e4:d3:f4:25:1b:95:23:21:a3:93:08:fd:1c:
6f:81:53:ab:40:d5:ba:9c:31:4f:3b:7f:57:6f:eb:
d2:21:2d:58:7d:d3:14:d1:93:79:75:9e:36:d3:2f:
60:73:7c:f9:95:07:57:38:2c:0d:86:04:ad:1e:0f:
e7:66:9b:54:ab:8d:a8:db:63:dd:bf:1e:e4:32:f3:
12:10:13:61:bd:72:08:59:53:33:18:73:b0:63:df:
1f:e9:dd:da:f2:97:28:93:cb:5e:9a:18:ff:48:d2:
90:f1:0c:e2:94:68:1f:2f:34:f3:0b:70:21:14:96:
7f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:12:79:A2:9A:8B:5B:3A:AD:5E:4C:3A:27:F4:E1:75:68:47:26:65
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KhJ5opqLWzqtXkw6J_ThdWhHJmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c3:62:1a:11:ac:6f:da:15:f0:41:b0:10:d1:01:4e:6a:a9:6f:
70:06:ea:36:e1:5b:d3:70:57:2a:a8:06:ac:76:74:8d:bb:65:
6a:2a:d1:55:7c:fb:f2:49:b9:4f:35:44:95:0c:2e:6b:72:b3:
05:2c:8b:8c:65:89:89:2f:f4:81:09:fe:cb:8c:a7:8c:70:68:
27:ac:8e:15:27:28:a7:ea:0d:e3:a3:b3:d5:97:59:90:94:ec:
1b:a0:b9:7a:52:c7:e6:b2:32:43:16:5e:ae:9f:4b:48:df:9c:
e6:64:f3:3a:b1:28:47:16:4f:aa:ad:42:4a:e6:0c:72:54:6e:
ec:df:7d:0e:63:2d:e9:e5:b7:6d:01:a3:fa:dc:a7:e5:f5:a3:
47:77:f2:65:25:2c:d8:c1:8e:c9:ce:a6:59:88:86:de:3e:4c:
b2:0c:10:4f:36:a4:1e:2e:d7:60:72:6d:f8:40:fb:2a:03:98:
83:05:2e:17:0c:82:31:ec:a8:6a:cd:ed:b5:7b:ab:86:8c:cf:
d5:48:cc:6e:5b:c8:8d:55:95:62:29:b7:21:0f:aa:d0:26:23:
37:9a:22:a0:c9:6b:2f:6d:cd:96:4e:37:7f:60:07:59:3f:1d:
ed:ea:75:61:07:ed:b8:bc:d1:8c:70:12:f2:b5:4f:29:41:bf:
4d:22:21:a7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtgG8uXPiTAjj3VlaKh4Zm1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI0MDUxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTEyNzlhMjlhOGI1YjNhYWQ1ZTRjM2EyN2Y0ZTE3NTY4NDcyNjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dBkTDX1xTbyahMfwYjL50FFG8Ux
zkdGX6G4iWI0hfmgzEqe1CgrNXfX6TPLwrE4bDdindi0VYI/I5S1nEkMOsu0kBf/
RQL03YWiFuIOQq+hXMNVrT5fCi2idpZPviT7prdAayFzkXf01IVrQrD0VGMx0kdR
9uN/k8ZoygsNjKoW1gvefe5TReTT9CUblSMho5MI/RxvgVOrQNW6nDFPO39Xb+vS
IS1YfdMU0ZN5dZ420y9gc3z5lQdXOCwNhgStHg/nZptUq42o22Pdvx7kMvMSEBNh
vXIIWVMzGHOwY98f6d3a8pcok8temhj/SNKQ8QzilGgfLzTzC3AhFJZ/wwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCoSeaKai1s6rV5MOif04XVoRyZlMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS2hKNW9wcUxXenF0WGt3NkpfVGhkV2hISm1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMNiGhGsb9oV8EGwENEB
Tmqpb3AG6jbhW9NwVyqoBqx2dI27ZWoq0VV8+/JJuU81RJUMLmtyswUsi4xliYkv
9IEJ/suMp4xwaCesjhUnKKfqDeOjs9WXWZCU7BuguXpSx+ayMkMWXq6fS0jfnOZk
8zqxKEcWT6qtQkrmDHJUbuzffQ5jLenlt20Bo/rcp+X1o0d38mUlLNjBjsnOplmI
ht4+TLIMEE82pB4u12BybfhA+yoDmIMFLhcMgjHsqGrN7bV7q4aMz9VIzG5byI1V
lWIptyEPqtAmIzeaIqDJay9tzZZON39gB1k/He3qdWEH7bi80YxwEvK1TylBv00i
Iac=
-----END CERTIFICATE-----
Generated at Fri May 16 00:54:44 2025 by rpki-client