Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kROEPhq0P-llNkjagXkhbs-3kQc.roa
File: kROEPhq0P-llNkjagXkhbs-3kQc.roa (raw, json)
Hash identifier: MpIp4hrJz4hiayBwFPdHigpDB1c8B+kf9uil1I5t1XE=
Subject key identifier: 91:13:84:3E:1A:B4:3F:E9:65:36:48:DA:81:79:21:6E:CF:B7:91:07
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B9553C152A5EB8FBA683023458DEE0B68
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kROEPhq0P-llNkjagXkhbs-3kQc.roa
Signing time: Fri 03 Nov 2023 13:16:15 +0000
ROA not before: Fri 03 Nov 2023 13:16:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:95:53:c1:52:a5:eb:8f:ba:68:30:23:45:8d:ee:0b:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 3 13:16:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9113843e1ab43fe9653648da8179216ecfb79107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fd:85:7a:16:1c:47:cf:fb:7b:9e:ae:f1:37:
74:5d:6b:8a:13:41:4c:9f:78:55:8a:4e:15:a6:01:
df:e3:9b:80:81:fd:17:8d:26:49:17:cb:29:34:1c:
69:8c:a1:70:d9:be:9b:7e:c7:2d:fa:40:58:be:12:
17:0f:56:21:2b:e5:6a:ed:0c:c9:e5:c7:9d:2d:17:
34:e8:d2:41:99:5b:cd:56:14:58:68:97:0a:88:9a:
28:61:b6:3c:be:ae:38:3b:c5:13:84:37:02:a6:b6:
b5:38:fc:16:98:24:ea:73:e9:91:cf:37:25:41:b7:
55:df:8e:4a:42:d6:0f:eb:18:be:1f:3f:1b:86:8c:
5d:0d:70:d9:63:68:6a:08:0f:6b:99:ea:5c:4e:44:
f0:e0:d8:02:7e:a4:d6:5b:7a:27:41:03:b4:0e:e5:
6b:86:ce:83:22:3e:5c:99:6a:33:1b:51:9e:b7:6d:
fd:57:34:1b:b4:6f:9d:8c:59:b5:20:11:f1:95:8e:
39:c2:03:5d:08:a7:f4:f8:8e:82:e6:dc:3f:4a:f2:
e3:e7:39:71:4f:74:39:28:8c:f8:94:11:d8:a3:aa:
81:4a:9a:ba:cf:c1:ad:06:ee:43:44:20:52:42:58:
d2:11:e7:db:78:c1:6a:ad:1f:08:ef:21:d9:a3:8a:
c1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:13:84:3E:1A:B4:3F:E9:65:36:48:DA:81:79:21:6E:CF:B7:91:07
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kROEPhq0P-llNkjagXkhbs-3kQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5a:6e:56:a8:42:07:da:1e:d6:e0:6a:c2:7d:85:b9:f8:64:9b:
c6:62:aa:1e:3c:db:d8:11:31:59:27:ba:16:d8:dd:f4:9a:1e:
ab:4b:44:4a:0e:67:7f:05:83:ae:74:be:9b:73:9c:a7:c0:43:
f3:c1:ab:44:43:58:49:c1:0a:49:b7:5c:6b:eb:e5:28:1f:9d:
bb:44:18:21:c6:93:65:fd:d4:07:23:8c:64:d7:a2:5b:42:fe:
14:f7:33:2c:dd:39:e0:19:1a:b1:df:ae:fd:20:71:cc:9f:14:
22:50:17:0d:9d:d0:89:82:f1:55:cc:1d:0b:66:0a:b7:11:64:
01:12:40:2c:18:af:d5:a2:e0:ce:97:46:6b:66:8a:b5:2a:24:
11:90:13:54:a3:c5:7e:ec:4b:a8:e8:f5:84:a6:50:74:86:cd:
b1:72:66:59:15:f0:0c:3d:97:89:05:7c:37:17:6e:f5:37:e8:
f2:9b:10:1f:de:1c:d8:48:f2:a8:6b:bd:5f:92:45:e2:90:83:
25:6c:83:52:c7:e5:61:fc:58:80:86:60:ea:60:a5:03:e8:0c:
98:35:c6:05:4d:34:53:6e:26:2a:13:91:1c:cd:d1:b9:e3:d1:
2a:2d:8d:db:12:d3:03:26:cf:15:56:e7:f7:10:56:97:28:ac:
62:5a:5b:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuVU8FSpeuPumgwI0WN7gtoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAzMTMxNjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTEzODQzZTFhYjQzZmU5NjUzNjQ4ZGE4MTc5MjE2ZWNmYjc5MTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmv2FehYcR8/7e56u8Td0XWuKE0FM
n3hVik4VpgHf45uAgf0XjSZJF8spNBxpjKFw2b6bfsct+kBYvhIXD1YhK+Vq7QzJ
5cedLRc06NJBmVvNVhRYaJcKiJooYbY8vq44O8UThDcCpra1OPwWmCTqc+mRzzcl
QbdV345KQtYP6xi+Hz8bhoxdDXDZY2hqCA9rmepcTkTw4NgCfqTWW3onQQO0DuVr
hs6DIj5cmWozG1Get239VzQbtG+djFm1IBHxlY45wgNdCKf0+I6C5tw/SvLj5zlx
T3Q5KIz4lBHYo6qBSpq6z8GtBu5DRCBSQljSEefbeMFqrR8I7yHZo4rBJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJEThD4atD/pZTZI2oF5IW7Pt5EHMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEva1JPRVBocTBQLWxsTmtqYWdYa2hicy0za1FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFpuVqhCB9oe1uBqwn2F
ufhkm8Ziqh4829gRMVknuhbY3fSaHqtLREoOZ38Fg650vptznKfAQ/PBq0RDWEnB
Ckm3XGvr5SgfnbtEGCHGk2X91AcjjGTXoltC/hT3MyzdOeAZGrHfrv0gccyfFCJQ
Fw2d0ImC8VXMHQtmCrcRZAESQCwYr9Wi4M6XRmtmirUqJBGQE1SjxX7sS6jo9YSm
UHSGzbFyZlkV8Aw9l4kFfDcXbvU36PKbEB/eHNhI8qhrvV+SReKQgyVsg1LH5WH8
WICGYOpgpQPoDJg1xgVNNFNuJioTkRzN0bnj0SotjdsS0wMmzxVW5/cQVpcorGJa
W8s=
-----END CERTIFICATE-----
Generated at Tue May 13 22:32:20 2025 by rpki-client