Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KvKUmIVt71Pkzzb-I8blfYIat20.roa
File: KvKUmIVt71Pkzzb-I8blfYIat20.roa (raw, json)
Hash identifier: w5GkAnpdjDdhX2reTC/nAUQnrj7c1Pbh8J5Xzw0gGHs=
Subject key identifier: 2A:F2:94:98:85:6D:EF:53:E4:CF:36:FE:23:C6:E5:7D:82:1A:B7:6D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AD50D83808C0BFA37F3E1D27E67EAA2F0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KvKUmIVt71Pkzzb-I8blfYIat20.roa
Signing time: Wed 27 Sep 2023 05:12:27 +0000
ROA not before: Wed 27 Sep 2023 05:12:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d5:0d:83:80:8c:0b:fa:37:f3:e1:d2:7e:67:ea:a2:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 27 05:12:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2af29498856def53e4cf36fe23c6e57d821ab76d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ac:30:2b:f1:a8:31:bc:90:a3:4e:54:24:84:
70:9c:af:39:de:9a:c9:47:45:49:9e:5a:04:61:a9:
dc:8a:07:7d:8a:b5:ab:81:24:a0:1c:46:12:85:fb:
50:dd:f9:69:e9:01:3d:65:12:ba:e7:b1:9e:2d:42:
c7:ee:94:c4:08:0b:79:d3:c0:43:9f:22:89:7e:29:
29:eb:58:51:b2:85:cd:a4:0d:a5:44:8d:ab:22:3c:
9d:23:ad:38:74:8d:bd:50:43:b9:20:07:7c:0c:dd:
3e:a1:02:58:06:17:f2:09:8c:91:07:9b:6a:76:9b:
16:d1:8c:a6:14:98:43:d3:7f:2a:b7:80:54:71:2b:
44:fc:f1:10:05:77:a1:cd:1e:6d:c0:81:65:27:82:
9c:fd:90:68:9f:59:f1:4b:a4:ee:cc:2c:11:95:84:
76:5a:ff:7c:32:6b:03:9d:44:0e:95:14:7d:31:6b:
55:2b:45:0a:33:24:70:03:f5:6d:1c:8e:e1:be:85:
94:1f:ca:75:50:ab:69:ce:22:91:22:41:3b:26:9b:
25:45:51:d0:7d:2b:02:14:b4:c3:87:47:81:3a:29:
f5:1c:6c:be:ea:28:b4:ad:c1:9b:0f:71:19:b1:c5:
34:29:21:ec:ca:42:35:1e:93:72:3e:35:7b:8c:a9:
63:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F2:94:98:85:6D:EF:53:E4:CF:36:FE:23:C6:E5:7D:82:1A:B7:6D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KvKUmIVt71Pkzzb-I8blfYIat20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
56:3f:7e:d6:09:9f:25:70:27:e6:da:7e:39:99:ed:6f:8d:90:
74:9a:b6:e2:a5:b0:c0:65:e6:68:95:cb:b0:0a:e0:38:ba:c6:
3d:fa:f5:5f:11:70:d5:b5:3f:a2:21:83:ab:b2:ff:d5:99:0a:
70:63:69:0d:4d:01:9b:a7:f1:f8:ce:63:38:e1:58:96:e3:8f:
7b:ff:d6:b3:7a:72:41:6b:f5:f6:64:46:a8:5d:13:0d:36:2f:
82:4d:0d:95:79:ca:a4:98:ab:24:3a:a7:ce:38:3c:9c:90:2a:
a6:c1:51:7a:65:74:22:6b:eb:77:de:45:35:c4:b3:c3:f3:cd:
ab:c9:bd:c1:75:4f:05:f6:87:a2:30:76:93:c1:4c:95:f5:b8:
14:3c:c4:bd:f1:c1:f6:3f:d6:4c:30:9e:e1:9d:74:8e:fb:92:
79:c2:fc:a9:c8:41:76:5f:a0:a4:c0:e8:0b:f6:3d:59:62:e1:
f0:2b:c9:63:cc:72:03:79:f3:3f:91:38:80:ff:1f:17:22:7a:
d5:69:94:fa:56:79:32:93:c5:70:39:15:b9:df:35:1a:7a:65:
9e:d3:f3:69:e1:0c:45:b5:ea:cd:d2:6a:45:53:e3:a2:98:dc:
e6:39:58:92:09:57:04:e6:fc:ec:66:7b:f1:8f:45:03:04:5d:
17:e9:9d:8b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrVDYOAjAv6N/Ph0n5n6qLwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI3MDUxMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWYyOTQ5ODg1NmRlZjUzZTRjZjM2ZmUyM2M2ZTU3ZDgyMWFiNzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqwwK/GoMbyQo05UJIRwnK853prJ
R0VJnloEYancigd9irWrgSSgHEYShftQ3flp6QE9ZRK657GeLULH7pTECAt508BD
nyKJfikp61hRsoXNpA2lRI2rIjydI604dI29UEO5IAd8DN0+oQJYBhfyCYyRB5tq
dpsW0YymFJhD038qt4BUcStE/PEQBXehzR5twIFlJ4Kc/ZBon1nxS6TuzCwRlYR2
Wv98MmsDnUQOlRR9MWtVK0UKMyRwA/VtHI7hvoWUH8p1UKtpziKRIkE7JpslRVHQ
fSsCFLTDh0eBOin1HGy+6ii0rcGbD3EZscU0KSHsykI1HpNyPjV7jKlj1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCrylJiFbe9T5M82/iPG5X2CGrdtMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS3ZLVW1JVnQ3MVBrenpiLUk4YmxmWUlhdDIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFY/ftYJnyVwJ+bafjmZ
7W+NkHSatuKlsMBl5miVy7AK4Di6xj369V8RcNW1P6Ihg6uy/9WZCnBjaQ1NAZun
8fjOYzjhWJbjj3v/1rN6ckFr9fZkRqhdEw02L4JNDZV5yqSYqyQ6p844PJyQKqbB
UXpldCJr63feRTXEs8PzzavJvcF1TwX2h6IwdpPBTJX1uBQ8xL3xwfY/1kwwnuGd
dI77knnC/KnIQXZfoKTA6Av2PVli4fAryWPMcgN58z+ROID/HxcietVplPpWeTKT
xXA5FbnfNRp6ZZ7T82nhDEW16s3SakVT46KY3OY5WJIJVwTm/Oxme/GPRQMEXRfp
nYs=
-----END CERTIFICATE-----
Generated at Mon May 12 04:27:14 2025 by rpki-client