Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kish1sWDdA7Zx3hC_3u4mDpgbos.roa
File: kish1sWDdA7Zx3hC_3u4mDpgbos.roa (raw, json)
Hash identifier: 6OOP+p+Ai+zrA285Ru9TWIN3YMOXzFYiXAZL4G5JsU0=
Subject key identifier: 92:2B:21:D6:C5:83:74:0E:D9:C7:78:42:FF:7B:B8:98:3A:60:6E:8B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AEC6A3CA74093528BC75EFAF5A4E5204C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kish1sWDdA7Zx3hC_3u4mDpgbos.roa
Signing time: Sun 01 Oct 2023 18:04:59 +0000
ROA not before: Sun 01 Oct 2023 18:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:ec69:c4c2/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ec:6a:3c:a7:40:93:52:8b:c7:5e:fa:f5:a4:e5:20:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 1 18:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=922b21d6c583740ed9c77842ff7bb8983a606e8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e4:40:1d:c3:f6:ec:0f:49:af:b2:5f:90:eb:
e5:89:e0:c9:b5:21:a6:79:4b:92:9a:b1:b7:38:3e:
d1:88:0d:75:26:6b:b3:fb:21:06:2c:d0:78:7f:74:
0b:62:a4:44:d8:f4:13:07:e4:17:47:d4:e3:0b:e7:
c8:f1:f9:a5:08:b4:16:8f:a8:4a:22:59:d0:2b:03:
74:ac:6b:59:a2:fe:aa:6a:6d:04:5f:d0:98:ff:3a:
0f:c6:e4:4c:f0:e1:26:61:cd:6a:0d:f7:0b:5a:15:
da:89:a0:cb:f6:3f:77:14:ce:36:a3:ff:20:35:2c:
c2:03:e7:57:83:dd:08:f8:3c:bb:10:37:3f:bf:af:
e3:a3:ea:c0:5f:01:cb:c4:92:ae:98:b3:91:a1:2d:
17:8a:47:1c:52:49:fb:79:12:f9:b9:87:81:e6:d5:
f8:f4:c2:9f:8f:d0:15:c0:bd:62:aa:b4:84:e7:2a:
30:51:96:6d:4f:cb:e0:b5:a4:94:08:19:83:87:77:
31:c3:c0:4b:4e:f5:67:5f:eb:41:69:21:eb:ec:ac:
1f:35:73:11:63:5d:70:a5:28:70:47:e9:fe:c2:44:
31:a3:0d:35:26:5f:11:70:52:b5:c0:01:d5:ff:d7:
eb:25:eb:ab:73:7e:04:00:54:cc:16:42:3a:07:79:
fc:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:2B:21:D6:C5:83:74:0E:D9:C7:78:42:FF:7B:B8:98:3A:60:6E:8B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kish1sWDdA7Zx3hC_3u4mDpgbos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
35:c9:62:26:d9:a7:9b:5f:a0:e2:4f:2c:ee:77:8e:17:1d:6a:
ee:a7:55:80:9d:a8:44:22:74:07:17:35:37:8c:87:19:83:f8:
26:4b:18:25:55:fe:de:cb:fc:33:83:fe:e7:5c:cb:65:d4:2e:
99:2b:e8:4d:46:5c:2c:8a:dc:93:34:0b:34:be:55:5e:f6:9e:
ee:05:53:e7:3a:6c:78:96:cc:51:df:05:a4:b3:b1:73:06:fe:
d5:a5:89:88:64:6d:47:cb:27:1d:f2:ab:7c:90:9c:1e:b3:a8:
e9:4f:49:a8:d3:45:11:86:b7:5e:7c:14:6d:0d:c3:ac:d7:ee:
cf:13:94:9b:34:58:8e:eb:d1:48:c9:48:50:82:8b:72:70:d1:
48:23:d4:9e:6d:11:b8:b3:2c:86:41:71:19:0a:3b:79:d8:98:
f9:b1:3a:be:bc:db:a8:23:d0:c1:09:a7:0b:d8:f2:e1:c0:f8:
05:6c:76:8e:6b:76:1c:5c:2e:51:25:0a:e3:43:4c:23:8e:bd:
56:dc:06:72:1c:cb:59:d9:dd:9d:e0:08:18:7a:c5:95:12:b9:
fa:3e:d2:5b:92:80:45:89:ef:7c:16:4a:f5:00:63:ab:bc:67:
53:63:e9:c8:c7:b7:13:bb:79:2e:df:6f:27:74:80:0c:ca:ff:
93:bf:b7:f5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrsajynQJNSi8de+vWk5SBMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAxMTgwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjJiMjFkNmM1ODM3NDBlZDljNzc4NDJmZjdiYjg5ODNhNjA2ZThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquRAHcP27A9Jr7JfkOvlieDJtSGm
eUuSmrG3OD7RiA11Jmuz+yEGLNB4f3QLYqRE2PQTB+QXR9TjC+fI8fmlCLQWj6hK
IlnQKwN0rGtZov6qam0EX9CY/zoPxuRM8OEmYc1qDfcLWhXaiaDL9j93FM42o/8g
NSzCA+dXg90I+Dy7EDc/v6/jo+rAXwHLxJKumLORoS0XikccUkn7eRL5uYeB5tX4
9MKfj9AVwL1iqrSE5yowUZZtT8vgtaSUCBmDh3cxw8BLTvVnX+tBaSHr7KwfNXMR
Y11wpShwR+n+wkQxow01Jl8RcFK1wAHV/9frJeurc34EAFTMFkI6B3n8bQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJIrIdbFg3QO2cd4Qv97uJg6YG6LMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEva2lzaDFzV0RkQTdaeDNoQ18zdTRtRHBnYm9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADXJYibZp5tfoOJPLO53
jhcdau6nVYCdqEQidAcXNTeMhxmD+CZLGCVV/t7L/DOD/udcy2XULpkr6E1GXCyK
3JM0CzS+VV72nu4FU+c6bHiWzFHfBaSzsXMG/tWliYhkbUfLJx3yq3yQnB6zqOlP
SajTRRGGt158FG0Nw6zX7s8TlJs0WI7r0UjJSFCCi3Jw0Ugj1J5tEbizLIZBcRkK
O3nYmPmxOr6826gj0MEJpwvY8uHA+AVsdo5rdhxcLlElCuNDTCOOvVbcBnIcy1nZ
3Z3gCBh6xZUSufo+0luSgEWJ73wWSvUAY6u8Z1Nj6cjHtxO7eS7fbyd0gAzK/5O/
t/U=
-----END CERTIFICATE-----
Generated at Mon May 12 07:24:37 2025 by rpki-client