Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KwGopYTK0lIekLu3EgGtoZ0NTTQ.roa
File: KwGopYTK0lIekLu3EgGtoZ0NTTQ.roa (raw, json)
Hash identifier: Eqf4KSpej2u93hf58ZoMh0MAcT64u37QD+AHo8vqYzQ=
Subject key identifier: 2B:01:A8:A5:84:CA:D2:52:1E:90:BB:B7:12:01:AD:A1:9D:0D:4D:34
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B55630AF97289C655EF1523CF5E8073A5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KwGopYTK0lIekLu3EgGtoZ0NTTQ.roa
Signing time: Sun 22 Oct 2023 03:17:16 +0000
ROA not before: Sun 22 Oct 2023 03:17:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:55:63:0a:f9:72:89:c6:55:ef:15:23:cf:5e:80:73:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 22 03:17:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b01a8a584cad2521e90bbb71201ada19d0d4d34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ad:d0:7d:24:26:37:65:40:02:fc:57:d9:eb:
55:f8:75:4b:5f:4c:ee:a8:73:2e:70:e9:f3:18:0a:
67:e1:d1:3d:f4:c0:3c:c4:9e:eb:e7:c4:23:ad:d2:
46:ee:70:9b:3f:54:38:d2:15:5e:0e:f6:9c:bf:7a:
68:b5:60:5f:a7:a6:08:8b:11:3b:ec:a6:45:6f:d9:
18:dc:78:c3:31:43:4f:b1:da:73:da:d5:ee:b4:8c:
df:99:90:72:12:ef:a0:3f:dd:75:ff:66:fb:03:2a:
65:a3:4a:2c:54:7e:20:f9:90:23:8d:34:95:cd:3c:
c9:d3:6a:34:38:48:5c:2d:2d:e1:f9:c5:ef:ef:f6:
71:d5:9e:03:0b:5d:1f:8a:f9:cf:77:a6:63:3b:8e:
d9:04:16:97:b7:fe:6e:b5:a4:d2:09:f8:25:c2:35:
d8:95:1d:02:dc:02:50:44:48:c0:ec:84:65:c3:40:
84:25:5e:77:0e:2a:4f:c3:1b:cc:49:2e:a5:fe:c5:
bd:26:44:c9:3c:7e:a2:ba:57:70:c5:60:4f:50:a9:
8e:a0:f0:4d:79:43:d0:84:94:85:15:f9:80:21:5b:
71:f1:d1:e1:8e:29:b8:3d:82:b8:70:08:61:d7:89:
60:f9:04:57:a4:8e:47:7b:0c:4e:08:0c:69:a9:1d:
69:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:01:A8:A5:84:CA:D2:52:1E:90:BB:B7:12:01:AD:A1:9D:0D:4D:34
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KwGopYTK0lIekLu3EgGtoZ0NTTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:a4:be:22:21:61:e1:34:6c:da:ce:42:dd:81:3e:e9:e6:da:
5d:19:f1:2a:08:b9:40:19:08:b4:f7:fe:9c:a0:31:56:65:11:
65:cd:34:87:ed:f4:fc:16:cc:55:06:59:23:75:db:c3:5b:13:
8c:a8:45:89:42:48:e8:71:0f:2a:99:a3:c4:ae:df:00:88:91:
fa:3c:35:43:69:e5:dd:cc:35:f1:a7:89:0a:f4:0c:e7:8d:2e:
89:f4:e3:ec:b0:04:98:8b:99:b3:cb:83:4e:c4:c4:0e:c8:6f:
5d:54:39:40:36:f4:62:79:52:4c:ad:84:e4:6b:b6:3e:a4:6b:
39:68:f6:cc:de:6d:71:e1:61:1e:70:ae:4b:9d:6a:e8:76:b3:
27:13:29:36:fc:e2:25:d2:47:32:2d:01:5e:91:eb:ef:3e:64:
e4:e2:4d:01:7c:c0:d9:0b:04:ba:29:37:17:e0:2f:29:93:63:
67:62:2a:d2:66:4d:4e:8b:f4:79:31:8c:ab:38:92:39:9c:79:
70:21:60:46:6c:66:bb:f1:96:fd:bd:b1:b1:da:f5:01:f3:f3:
35:5c:68:16:ec:52:35:95:ec:37:9d:05:2c:15:b8:a2:e6:8e:
b6:85:db:a3:41:07:ef:90:53:ca:2a:98:e1:54:91:cc:29:bd:
a6:cd:57:81
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtVYwr5conGVe8VI89egHOlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIyMDMxNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjAxYThhNTg0Y2FkMjUyMWU5MGJiYjcxMjAxYWRhMTlkMGQ0ZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAja3QfSQmN2VAAvxX2etV+HVLX0zu
qHMucOnzGApn4dE99MA8xJ7r58QjrdJG7nCbP1Q40hVeDvacv3potWBfp6YIixE7
7KZFb9kY3HjDMUNPsdpz2tXutIzfmZByEu+gP911/2b7Ayplo0osVH4g+ZAjjTSV
zTzJ02o0OEhcLS3h+cXv7/Zx1Z4DC10fivnPd6ZjO47ZBBaXt/5utaTSCfglwjXY
lR0C3AJQREjA7IRlw0CEJV53DipPwxvMSS6l/sW9JkTJPH6iuldwxWBPUKmOoPBN
eUPQhJSFFfmAIVtx8dHhjim4PYK4cAhh14lg+QRXpI5HewxOCAxpqR1psQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCsBqKWEytJSHpC7txIBraGdDU00MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS3dHb3BZVEswbElla0x1M0VnR3RvWjBOVFRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIakviIhYeE0bNrOQt2B
Punm2l0Z8SoIuUAZCLT3/pygMVZlEWXNNIft9PwWzFUGWSN128NbE4yoRYlCSOhx
DyqZo8Su3wCIkfo8NUNp5d3MNfGniQr0DOeNLon04+ywBJiLmbPLg07ExA7Ib11U
OUA29GJ5UkythORrtj6kazlo9szebXHhYR5wrkudauh2sycTKTb84iXSRzItAV6R
6+8+ZOTiTQF8wNkLBLopNxfgLymTY2diKtJmTU6L9HkxjKs4kjmceXAhYEZsZrvx
lv29sbHa9QHz8zVcaBbsUjWV7DedBSwVuKLmjraF26NBB++QU8oqmOFUkcwpvabN
V4E=
-----END CERTIFICATE-----
Generated at Tue May 13 09:20:36 2025 by rpki-client