Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kBJvxBuVr1qaJ2W4spHhLzU06ZM.roa
File: kBJvxBuVr1qaJ2W4spHhLzU06ZM.roa (raw, json)
Hash identifier: J0aiL0duVmVE2mssLe8XICK0omGNQEM0YimizY8Hj8k=
Subject key identifier: 90:12:6F:C4:1B:95:AF:5A:9A:27:65:B8:B2:91:E1:2F:35:34:E9:93
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AB5B33CF7A65FFBFA008ABBEECFF1E9A4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kBJvxBuVr1qaJ2W4spHhLzU06ZM.roa
Signing time: Thu 21 Sep 2023 03:05:37 +0000
ROA not before: Thu 21 Sep 2023 03:05:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:b5b2:50c4/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b5:b3:3c:f7:a6:5f:fb:fa:00:8a:bb:ee:cf:f1:e9:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 21 03:05:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90126fc41b95af5a9a2765b8b291e12f3534e993
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4f:01:f1:cc:60:23:d2:47:d4:cb:48:1c:ea:
56:b4:e6:44:a4:2e:97:0c:de:ae:05:d2:16:2b:b4:
e2:9a:80:de:66:18:63:fa:f2:91:d0:30:16:8d:93:
60:6d:d1:ee:7e:df:60:93:af:ff:81:79:f4:cd:01:
64:e4:51:92:c1:62:41:46:25:af:00:89:42:e0:5a:
37:d9:38:46:27:96:12:ce:38:bc:1b:6a:a9:2f:a7:
24:f6:58:06:43:22:f6:1a:0d:24:fc:08:8d:5b:0e:
9f:33:48:08:1b:3b:cc:92:99:05:40:21:7a:8d:15:
3b:12:61:de:80:89:bf:85:a1:5c:c8:5d:bb:f1:aa:
a2:55:c2:9d:85:ce:f0:b0:89:ac:50:a5:f3:1f:77:
e2:84:d9:f3:80:56:62:1c:bc:e2:22:2f:c4:55:bb:
63:ca:bf:05:6d:36:f8:b2:95:d9:c0:a2:f3:a2:91:
52:48:d8:f0:7f:7b:6d:21:f9:8f:6d:04:c1:e2:59:
5a:cb:f2:fc:4b:60:13:f5:23:ce:a6:f2:85:17:6f:
13:df:8f:59:ba:cf:e8:2c:48:bd:9c:c9:50:68:39:
97:eb:5f:21:37:56:82:86:a5:ec:ce:ac:68:31:b1:
b8:7d:a3:a5:cf:98:8b:e0:c8:62:e4:46:44:76:8a:
69:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:12:6F:C4:1B:95:AF:5A:9A:27:65:B8:B2:91:E1:2F:35:34:E9:93
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kBJvxBuVr1qaJ2W4spHhLzU06ZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
46:f5:23:02:0e:3e:0c:38:90:0a:c0:f8:86:b0:eb:b5:d1:18:
79:27:ad:bd:d6:22:ed:5b:fd:57:2c:75:ed:d2:ca:1c:ec:72:
9c:98:4e:62:22:4f:38:73:dc:0b:98:73:16:80:87:16:54:12:
f5:85:15:66:f5:4a:63:88:1d:b7:cc:b0:3a:43:47:c1:1c:5b:
13:a3:44:9f:33:97:86:e5:b7:40:25:fb:98:86:b9:b7:8d:a3:
ad:f5:77:77:41:ee:a2:72:ea:b6:15:f9:e9:b6:79:f7:d7:17:
35:9f:4f:a8:78:b4:fb:80:a6:f4:d7:64:29:69:e1:d1:58:b2:
60:79:bb:91:bc:10:d7:e2:24:f0:de:f2:00:74:d5:7a:30:4e:
20:d4:2f:b1:23:32:04:39:55:ae:7f:f1:fa:31:af:5b:da:a6:
e1:d3:a4:ea:9b:13:3d:d8:c6:b4:fb:55:ec:14:49:44:fe:9e:
12:e2:4b:04:bd:1b:4d:6d:cd:6e:3d:70:8f:fe:36:51:00:c2:
f6:95:85:3a:4e:ce:26:d4:a8:cd:ef:a2:34:de:67:9a:7c:6b:
93:56:b4:06:a2:f4:55:9f:9a:b2:e4:89:d5:b9:47:28:c0:c5:
30:a4:ea:91:89:96:7a:2f:a4:2e:24:40:21:9b:dc:11:9c:88:
c5:b9:26:e0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq1szz3pl/7+gCKu+7P8emkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIxMDMwNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDEyNmZjNDFiOTVhZjVhOWEyNzY1YjhiMjkxZTEyZjM1MzRlOTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqk8B8cxgI9JH1MtIHOpWtOZEpC6X
DN6uBdIWK7TimoDeZhhj+vKR0DAWjZNgbdHuft9gk6//gXn0zQFk5FGSwWJBRiWv
AIlC4Fo32ThGJ5YSzji8G2qpL6ck9lgGQyL2Gg0k/AiNWw6fM0gIGzvMkpkFQCF6
jRU7EmHegIm/haFcyF278aqiVcKdhc7wsImsUKXzH3fihNnzgFZiHLziIi/EVbtj
yr8FbTb4spXZwKLzopFSSNjwf3ttIfmPbQTB4llay/L8S2AT9SPOpvKFF28T349Z
us/oLEi9nMlQaDmX618hN1aChqXszqxoMbG4faOlz5iL4Mhi5EZEdoppGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJASb8Qbla9amidluLKR4S81NOmTMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEva0JKdnhCdVZyMXFhSjJXNHNwSGhMelUwNlpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEb1IwIOPgw4kArA+Iaw
67XRGHknrb3WIu1b/Vcsde3SyhzscpyYTmIiTzhz3AuYcxaAhxZUEvWFFWb1SmOI
HbfMsDpDR8EcWxOjRJ8zl4blt0Al+5iGubeNo631d3dB7qJy6rYV+em2effXFzWf
T6h4tPuApvTXZClp4dFYsmB5u5G8ENfiJPDe8gB01XowTiDUL7EjMgQ5Va5/8fox
r1vapuHTpOqbEz3YxrT7VewUSUT+nhLiSwS9G01tzW49cI/+NlEAwvaVhTpOzibU
qM3vojTeZ5p8a5NWtAai9FWfmrLkidW5RyjAxTCk6pGJlnovpC4kQCGb3BGciMW5
JuA=
-----END CERTIFICATE-----
Generated at Mon May 12 19:58:13 2025 by rpki-client