Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KmfIkNTFDsWbJzqcO0t5Z2NP4cU.roa
File: KmfIkNTFDsWbJzqcO0t5Z2NP4cU.roa (raw, json)
Hash identifier: vP5+z703H0yoLj50ACoBUweg1mRVk4JLEFESmpo/fis=
Subject key identifier: 2A:67:C8:90:D4:C5:0E:C5:9B:27:3A:9C:3B:4B:79:67:63:4F:E1:C5
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B80BB3B2B3C8A5A97F032CC27A8A8631B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KmfIkNTFDsWbJzqcO0t5Z2NP4cU.roa
Signing time: Mon 30 Oct 2023 13:17:15 +0000
ROA not before: Mon 30 Oct 2023 13:17:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:80:bb:3b:2b:3c:8a:5a:97:f0:32:cc:27:a8:a8:63:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 30 13:17:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a67c890d4c50ec59b273a9c3b4b7967634fe1c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:f0:a9:e6:1f:f5:4f:34:6d:62:97:48:d0:7b:
c7:ea:96:d8:e7:81:ce:62:a1:c0:23:66:5b:25:e2:
93:a2:b5:4e:21:6b:ef:de:b7:05:5a:da:da:3e:7f:
46:41:64:f4:38:45:ad:ab:8f:86:94:31:f0:bf:01:
fd:dd:f9:7d:98:9e:cd:15:71:07:3e:6c:22:8b:05:
34:4f:48:f8:4a:c4:27:49:fd:1e:33:8a:31:db:95:
eb:36:11:21:2c:55:c9:ec:69:70:ce:3e:48:60:d2:
f8:c3:33:a4:0c:6f:f9:e4:ad:de:be:63:33:37:29:
18:5b:3c:02:91:8a:6c:84:37:3e:28:9d:0d:b6:04:
78:d6:25:dd:d9:7d:92:95:f4:c4:e2:80:6a:02:e1:
c3:f7:51:a9:e1:f7:b8:47:8e:17:4a:7a:42:67:91:
f4:57:e7:6a:12:01:8a:59:ed:23:61:c0:0c:00:3e:
8e:a9:75:21:61:ed:7d:48:80:22:67:8a:36:02:4a:
fe:ca:84:0a:f1:2c:bb:95:bf:6a:81:1c:74:79:ab:
78:74:55:53:13:eb:e6:4a:ae:64:cf:67:d1:16:68:
78:c4:e6:02:7d:81:d3:87:b9:b7:11:03:80:59:d6:
2f:1f:a5:d5:27:88:2f:5c:fd:22:26:01:53:59:f4:
d2:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:67:C8:90:D4:C5:0E:C5:9B:27:3A:9C:3B:4B:79:67:63:4F:E1:C5
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KmfIkNTFDsWbJzqcO0t5Z2NP4cU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
17:37:dc:12:12:c6:5c:aa:cc:d3:ad:1a:8d:da:f2:4e:ec:97:
b0:a1:2b:88:43:0a:33:19:d4:92:0a:8d:9c:3e:28:df:1b:ef:
ca:9c:92:65:ab:24:dc:cd:cf:2a:fd:0e:5d:54:ad:c6:51:3e:
b4:2f:eb:cc:96:4e:fb:59:81:15:ba:5d:a0:f9:ff:b5:76:e5:
0b:8f:0a:91:99:35:26:37:2a:73:57:d3:2f:f0:6d:8e:94:fd:
08:ea:6a:f5:51:f0:1a:d7:47:25:44:31:99:89:0c:ef:20:f0:
f5:e7:30:60:a0:86:2b:54:67:43:4b:a5:1b:fa:2f:83:cf:db:
4d:0f:a8:ce:f2:36:b2:20:2c:06:0a:18:5e:96:f1:38:49:31:
47:44:1d:b7:ac:4b:9d:1b:fb:a5:25:7d:55:03:d4:ab:88:79:
b5:c6:90:b1:ba:50:6b:ae:c3:8f:82:3a:0b:59:f3:55:6b:14:
38:88:86:f0:24:83:79:9b:a1:18:d4:ab:87:c0:a5:2e:04:ae:
b6:41:7c:00:3e:d6:c1:63:2a:71:36:f8:44:e2:21:6e:e9:61:
34:bf:6d:4b:fa:c0:93:79:e6:21:9a:b0:d4:af:12:df:05:25:
36:b1:ec:48:b2:f3:75:c9:50:2b:c7:26:d2:40:f0:83:1c:94:
8a:cd:8b:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuAuzsrPIpal/AyzCeoqGMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDMwMTMxNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTY3Yzg5MGQ0YzUwZWM1OWIyNzNhOWMzYjRiNzk2NzYzNGZlMWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5PCp5h/1TzRtYpdI0HvH6pbY54HO
YqHAI2ZbJeKTorVOIWvv3rcFWtraPn9GQWT0OEWtq4+GlDHwvwH93fl9mJ7NFXEH
PmwiiwU0T0j4SsQnSf0eM4ox25XrNhEhLFXJ7Glwzj5IYNL4wzOkDG/55K3evmMz
NykYWzwCkYpshDc+KJ0NtgR41iXd2X2SlfTE4oBqAuHD91Gp4fe4R44XSnpCZ5H0
V+dqEgGKWe0jYcAMAD6OqXUhYe19SIAiZ4o2Akr+yoQK8Sy7lb9qgRx0eat4dFVT
E+vmSq5kz2fRFmh4xOYCfYHTh7m3EQOAWdYvH6XVJ4gvXP0iJgFTWfTS4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCpnyJDUxQ7Fmyc6nDtLeWdjT+HFMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS21mSWtOVEZEc1diSnpxY08wdDVaMk5QNGNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABc33BISxlyqzNOtGo3a
8k7sl7ChK4hDCjMZ1JIKjZw+KN8b78qckmWrJNzNzyr9Dl1UrcZRPrQv68yWTvtZ
gRW6XaD5/7V25QuPCpGZNSY3KnNX0y/wbY6U/QjqavVR8BrXRyVEMZmJDO8g8PXn
MGCghitUZ0NLpRv6L4PP200PqM7yNrIgLAYKGF6W8ThJMUdEHbesS50b+6UlfVUD
1KuIebXGkLG6UGuuw4+COgtZ81VrFDiIhvAkg3mboRjUq4fApS4ErrZBfAA+1sFj
KnE2+ETiIW7pYTS/bUv6wJN55iGasNSvEt8FJTax7Eiy83XJUCvHJtJA8IMclIrN
iwA=
-----END CERTIFICATE-----
Generated at Sun May 11 22:09:13 2025 by rpki-client