Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TKidR-B6sOajjzvuXaQ_FH5fZQE.roa
File: TKidR-B6sOajjzvuXaQ_FH5fZQE.roa (raw, json)
Hash identifier: 3HpLfKK7TiiAYABQrjz/UntJauo5S+/5p/D+WgKVSmc=
Subject key identifier: 4C:A8:9D:47:E0:7A:B0:E6:A3:8F:3B:EE:5D:A4:3F:14:7E:5F:65:01
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C42E862F3D09CCF047B9D7DA3D5708E27
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TKidR-B6sOajjzvuXaQ_FH5fZQE.roa
Signing time: Thu 07 Dec 2023 06:12:54 +0000
ROA not before: Thu 07 Dec 2023 06:12:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:42:e8:62:f3:d0:9c:cf:04:7b:9d:7d:a3:d5:70:8e:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 7 06:12:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ca89d47e07ab0e6a38f3bee5da43f147e5f6501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8e:64:30:6d:47:02:4b:39:61:4e:24:e0:01:
ce:c7:9f:1a:5a:9c:36:ca:68:a8:2e:77:c0:14:39:
a1:4f:f4:d7:09:61:19:2c:f3:b5:48:02:0c:a5:a5:
c0:3d:7f:e1:d9:c0:35:10:59:38:b2:a4:cf:47:16:
d2:6a:95:01:a2:84:44:61:df:b6:de:2a:25:3e:23:
2d:d2:48:51:43:22:43:77:45:57:d6:8f:92:c4:71:
e7:30:38:9e:5d:29:20:e6:b4:3e:13:85:d5:7f:8a:
fb:84:03:7d:44:83:03:6e:b1:dc:75:42:5c:40:0e:
2d:05:c8:23:ab:e6:d6:2c:b4:bc:10:f8:4f:a1:21:
c1:d5:32:40:7b:a6:31:5a:cc:1e:9b:24:59:5a:b1:
f2:93:ab:ca:38:bd:be:d0:7b:7b:21:2c:87:b5:c9:
72:44:93:94:5d:92:04:fe:f5:f8:bb:13:38:cb:3e:
0d:65:86:20:a2:4b:53:d7:6a:36:59:20:02:3e:2a:
8c:b4:bd:89:d8:4f:8a:9a:ef:08:bc:c8:d8:65:c6:
35:2f:98:c3:d7:5d:f5:05:e2:4c:a3:8e:07:6e:63:
b0:fc:13:40:80:5d:6e:45:27:ee:a7:25:34:1b:bb:
13:cb:4f:1e:c7:e4:0f:d2:b6:0f:a0:7e:7a:e6:53:
05:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:A8:9D:47:E0:7A:B0:E6:A3:8F:3B:EE:5D:A4:3F:14:7E:5F:65:01
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TKidR-B6sOajjzvuXaQ_FH5fZQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
cc:6b:a9:8f:73:b9:14:41:56:f4:3b:2f:c8:ea:0b:88:c3:ee:
5e:a7:9a:8c:db:dd:42:5e:f2:bd:c3:78:49:dd:7d:c9:a6:74:
29:42:7d:ea:9d:ec:df:c5:26:9f:68:0f:b7:81:ae:dd:08:a5:
09:94:23:b2:81:f7:ba:ae:37:25:0b:c5:b1:81:fb:6d:e0:fc:
95:16:4e:cd:de:f1:f5:60:15:c5:1f:16:4a:b5:de:0c:8b:cb:
ca:54:14:5c:ba:40:55:de:e6:21:c2:f1:de:12:46:11:f2:90:
a0:98:0b:a2:e9:dd:01:ef:85:a1:70:7f:d9:62:46:7e:1e:0a:
b7:4d:80:7d:7b:a8:63:c8:17:0a:b5:23:22:e8:c4:09:ec:91:
f0:a7:07:2d:f6:2c:dc:2b:e5:25:4e:bc:c5:d8:85:89:11:9f:
1d:75:bc:55:2c:35:8e:78:f4:4b:63:dd:ed:1f:e2:12:41:3f:
13:c3:9f:b1:4a:15:56:66:45:fd:1f:42:fc:c3:18:bc:a7:6b:
1b:88:1c:f2:5f:85:d2:0d:a1:77:28:9d:90:67:f5:ff:66:ad:
5c:9b:7d:49:52:b4:c8:d4:aa:01:1d:84:15:33:99:42:07:93:
aa:13:d1:67:9c:a8:df:ed:8d:42:cc:08:27:3d:6f:03:b4:a5:
ba:42:e8:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxC6GLz0JzPBHudfaPVcI4nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA3MDYxMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2E4OWQ0N2UwN2FiMGU2YTM4ZjNiZWU1ZGE0M2YxNDdlNWY2NTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAso5kMG1HAks5YU4k4AHOx58aWpw2
ymioLnfAFDmhT/TXCWEZLPO1SAIMpaXAPX/h2cA1EFk4sqTPRxbSapUBooREYd+2
3iolPiMt0khRQyJDd0VX1o+SxHHnMDieXSkg5rQ+E4XVf4r7hAN9RIMDbrHcdUJc
QA4tBcgjq+bWLLS8EPhPoSHB1TJAe6YxWswemyRZWrHyk6vKOL2+0Ht7ISyHtcly
RJOUXZIE/vX4uxM4yz4NZYYgoktT12o2WSACPiqMtL2J2E+Kmu8IvMjYZcY1L5jD
1131BeJMo44HbmOw/BNAgF1uRSfupyU0G7sTy08ex+QP0rYPoH565lMF9QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEyonUfgerDmo4877l2kPxR+X2UBMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVEtpZFItQjZzT2Fqanp2dVhhUV9GSDVmWlFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMxrqY9zuRRBVvQ7L8jq
C4jD7l6nmozb3UJe8r3DeEndfcmmdClCfeqd7N/FJp9oD7eBrt0IpQmUI7KB97qu
NyULxbGB+23g/JUWTs3e8fVgFcUfFkq13gyLy8pUFFy6QFXe5iHC8d4SRhHykKCY
C6Lp3QHvhaFwf9liRn4eCrdNgH17qGPIFwq1IyLoxAnskfCnBy32LNwr5SVOvMXY
hYkRnx11vFUsNY549Etj3e0f4hJBPxPDn7FKFVZmRf0fQvzDGLynaxuIHPJfhdIN
oXconZBn9f9mrVybfUlStMjUqgEdhBUzmUIHk6oT0WecqN/tjULMCCc9bwO0pbpC
6OY=
-----END CERTIFICATE-----
Generated at Wed May 14 07:09:29 2025 by rpki-client