Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ki4dZnMup2DRt2rV24hr8RKSIRE.roa
File: Ki4dZnMup2DRt2rV24hr8RKSIRE.roa (raw, json)
Hash identifier: OOVQVQpg9v8YSEUFjlPdtGByNkHwOagTz2/CqNgHiJs=
Subject key identifier: 2A:2E:1D:66:73:2E:A7:60:D1:B7:6A:D5:DB:88:6B:F1:12:92:21:11
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B18378E3983C91EC4C9A0E0CC6410BF15
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ki4dZnMup2DRt2rV24hr8RKSIRE.roa
Signing time: Tue 10 Oct 2023 06:12:55 +0000
ROA not before: Tue 10 Oct 2023 06:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:18:37:8e:39:83:c9:1e:c4:c9:a0:e0:cc:64:10:bf:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 10 06:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a2e1d66732ea760d1b76ad5db886bf112922111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:cf:fd:fb:a7:9e:5e:e2:d6:1b:a7:6a:68:9d:
95:3b:3b:22:6d:ee:90:99:67:49:98:e0:9a:e8:fc:
03:d0:1a:85:e4:91:84:74:42:6b:c9:92:31:79:fb:
a3:8f:79:7c:d9:04:41:95:9c:19:ca:5a:5b:14:a4:
18:6d:a1:20:4c:4e:78:c1:02:ef:48:75:a7:c9:f6:
25:8c:a7:18:4e:1c:57:f6:b8:87:bc:dd:c1:76:31:
af:c1:5c:d2:f8:e3:62:15:9e:f3:e7:12:dd:fa:99:
29:d2:1a:ba:4f:9e:d4:9b:0a:22:c1:e0:4d:83:f6:
32:35:d3:f5:a1:d0:a7:eb:11:ab:bf:7b:c1:86:9c:
28:91:ce:73:29:57:92:85:b2:de:5c:86:73:60:eb:
6d:3a:c2:95:a7:ad:9a:57:c7:02:b3:21:ef:52:6b:
f7:b6:bb:cf:75:00:73:07:ee:69:88:88:e3:45:72:
7c:61:b6:6d:08:a2:26:6a:10:19:75:d6:6c:a8:76:
f3:6d:5d:34:7d:41:7c:48:04:8d:de:43:02:81:c4:
6e:6d:5c:67:82:7d:e8:29:61:06:6f:44:22:60:fd:
15:97:9e:f6:fe:55:90:98:f1:8b:11:ae:49:2d:0a:
b7:36:8b:06:56:35:20:25:55:d1:c4:6b:f4:ca:ab:
3d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:2E:1D:66:73:2E:A7:60:D1:B7:6A:D5:DB:88:6B:F1:12:92:21:11
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ki4dZnMup2DRt2rV24hr8RKSIRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:7c:b1:da:00:90:6e:bb:98:a9:6b:34:aa:78:75:49:a5:2a:
c0:4c:f4:4a:09:e2:f2:f6:8a:7d:3b:35:c2:c3:5d:aa:c0:35:
6d:d0:c4:cd:0c:85:af:57:53:7c:e5:a6:72:80:b4:8b:c0:dc:
bb:91:fc:d0:ab:b6:4d:ca:51:29:6a:d1:08:31:e4:54:00:1c:
85:59:b6:76:14:f5:5e:b6:38:25:4e:66:63:2f:b4:8c:cb:01:
12:9f:ac:97:84:45:d5:d7:b6:31:7f:bb:83:05:8d:07:3d:9a:
e5:15:ce:0a:78:f7:6c:7a:f0:2b:b8:b6:d6:0e:88:d7:2c:96:
83:d2:8e:64:5b:08:d9:05:c6:86:fa:1b:df:e7:27:c7:c4:a0:
0c:3b:38:dd:12:e4:c4:15:19:bc:10:ef:57:d4:81:56:9b:91:
cf:27:05:c0:32:1b:f7:13:e7:e5:31:f4:cb:55:12:79:17:35:
07:5a:ff:6e:87:8b:2a:0e:e6:02:bf:13:36:55:22:e0:76:f2:
e3:ba:18:1b:40:90:44:5c:0f:7f:ec:57:7a:04:cc:8d:cf:16:
c1:88:36:e9:9e:4b:a2:87:56:6a:e9:74:ee:85:66:c5:fe:9b:
01:c9:12:ed:f3:b8:48:5b:0e:8c:ce:27:63:20:d4:01:25:03:
81:ac:07:cf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsYN445g8kexMmg4MxkEL8VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEwMDYxMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTJlMWQ2NjczMmVhNzYwZDFiNzZhZDVkYjg4NmJmMTEyOTIyMTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhs/9+6eeXuLWG6dqaJ2VOzsibe6Q
mWdJmOCa6PwD0BqF5JGEdEJryZIxefujj3l82QRBlZwZylpbFKQYbaEgTE54wQLv
SHWnyfYljKcYThxX9riHvN3BdjGvwVzS+ONiFZ7z5xLd+pkp0hq6T57UmwoiweBN
g/YyNdP1odCn6xGrv3vBhpwokc5zKVeShbLeXIZzYOttOsKVp62aV8cCsyHvUmv3
trvPdQBzB+5piIjjRXJ8YbZtCKImahAZddZsqHbzbV00fUF8SASN3kMCgcRubVxn
gn3oKWEGb0QiYP0Vl572/lWQmPGLEa5JLQq3NosGVjUgJVXRxGv0yqs9YQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCouHWZzLqdg0bdq1duIa/ESkiERMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS2k0ZFpuTXVwMkRSdDJyVjI0aHI4UktTSVJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA18sdoAkG67mKlrNKp4
dUmlKsBM9EoJ4vL2in07NcLDXarANW3QxM0Mha9XU3zlpnKAtIvA3LuR/NCrtk3K
USlq0Qgx5FQAHIVZtnYU9V62OCVOZmMvtIzLARKfrJeERdXXtjF/u4MFjQc9muUV
zgp492x68Cu4ttYOiNcsloPSjmRbCNkFxob6G9/nJ8fEoAw7ON0S5MQVGbwQ71fU
gVabkc8nBcAyG/cT5+Ux9MtVEnkXNQda/26HiyoO5gK/EzZVIuB28uO6GBtAkERc
D3/sV3oEzI3PFsGINumeS6KHVmrpdO6FZsX+mwHJEu3zuEhbDozOJ2Mg1AElA4Gs
B88=
-----END CERTIFICATE-----
Generated at Sun May 11 16:03:36 2025 by rpki-client