Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kvQC7QsyrM0EnSFkosebUtg5OHE.roa
File: kvQC7QsyrM0EnSFkosebUtg5OHE.roa (raw, json)
Hash identifier: z+N8+CkO7Lk4QUWAGZkY68o8ugKcnYIfAAieCrvr1EY=
Subject key identifier: 92:F4:02:ED:0B:32:AC:CD:04:9D:21:64:A2:C7:9B:52:D8:39:38:71
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C57464397C4E11EAFBDE584A2B69617EC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kvQC7QsyrM0EnSFkosebUtg5OHE.roa
Signing time: Mon 11 Dec 2023 05:07:51 +0000
ROA not before: Mon 11 Dec 2023 05:07:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18c:5743:35be/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:57:46:43:97:c4:e1:1e:af:bd:e5:84:a2:b6:96:17:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 11 05:07:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92f402ed0b32accd049d2164a2c79b52d8393871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e5:0b:03:a6:d8:bf:63:98:39:74:5b:48:c5:
07:8b:fd:67:ad:99:b8:29:9c:4b:6d:e0:3d:cf:63:
79:bc:2f:88:c9:f7:99:3c:85:6d:17:c5:2e:67:dd:
58:96:fa:ce:06:2c:0c:d6:95:f9:25:fe:08:37:00:
33:8b:34:64:42:8f:f0:6a:2e:81:b3:a6:37:3d:b9:
9f:ca:3a:72:c1:06:8e:6e:89:99:cc:0e:ce:31:16:
cb:68:36:1e:cd:10:58:e6:70:08:39:4b:4d:80:af:
de:d6:6d:f2:5b:78:77:d3:e6:f7:c8:04:21:da:af:
3f:13:70:a3:d1:9f:5a:04:45:8a:c5:ff:7d:8a:8a:
6f:34:10:85:39:b5:ae:f5:f7:e0:41:ad:53:32:67:
e9:19:2c:c7:ca:09:12:50:67:00:cc:33:7c:da:0f:
08:53:0e:7c:59:ac:c0:bc:17:19:5e:fd:85:30:ec:
1c:76:48:96:9b:9f:c9:13:e8:cb:02:a0:91:55:24:
ff:37:af:48:30:7f:56:67:0b:89:65:53:4d:31:95:
73:08:fc:3e:3b:8f:5f:81:cb:b4:50:21:9d:50:84:
2b:ee:d4:1e:b1:a7:f1:95:c5:f3:25:fc:dd:05:72:
78:4a:ea:f9:c8:7b:6f:71:48:bd:0c:40:ab:8c:2d:
66:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F4:02:ED:0B:32:AC:CD:04:9D:21:64:A2:C7:9B:52:D8:39:38:71
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kvQC7QsyrM0EnSFkosebUtg5OHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
22:ed:3d:4e:ed:b7:53:1c:4c:35:b4:12:fe:54:59:03:26:9e:
3d:b2:df:bc:1c:1e:e6:44:3e:46:f3:96:8e:60:7c:ca:bf:ce:
29:12:10:16:0d:24:6d:85:be:29:5f:08:f3:ed:74:bb:99:f7:
01:00:8c:04:bb:66:1d:9a:4b:ea:06:5c:fb:7d:39:57:49:f0:
65:1f:56:97:2b:40:2b:9d:1c:f3:7b:ab:8d:d6:f3:5c:57:b4:
77:cb:25:1c:07:17:bd:5d:bc:a9:d3:8e:46:7b:07:74:b5:4d:
c7:a0:e0:67:00:29:60:3f:a1:90:5b:60:ee:20:30:ba:ea:8f:
05:35:81:e6:1d:a4:e0:79:f2:71:14:77:d5:31:39:d0:e3:5c:
83:90:03:34:09:8e:f0:4c:bd:14:47:ad:3f:17:79:d8:49:de:
1f:90:0c:6b:bb:a5:a8:bd:ab:b3:01:0d:d0:63:a8:a9:fc:39:
e1:c1:c2:e7:e8:0c:06:14:d8:4d:f1:4b:9f:5e:2a:c2:ab:4a:
35:35:e5:69:20:84:99:00:52:b4:74:11:5c:86:cd:e0:98:a9:
3b:7f:c3:63:4d:fa:78:5c:bd:f0:d8:31:64:96:c8:ed:30:3d:
4e:67:b7:d1:70:98:2e:43:dc:86:d9:cb:16:5a:42:93:82:4a:
79:60:0a:d9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxXRkOXxOEer73lhKK2lhfsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjExMDUwNzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmY0MDJlZDBiMzJhY2NkMDQ5ZDIxNjRhMmM3OWI1MmQ4MzkzODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOULA6bYv2OYOXRbSMUHi/1nrZm4
KZxLbeA9z2N5vC+IyfeZPIVtF8UuZ91YlvrOBiwM1pX5Jf4INwAzizRkQo/wai6B
s6Y3PbmfyjpywQaObomZzA7OMRbLaDYezRBY5nAIOUtNgK/e1m3yW3h30+b3yAQh
2q8/E3Cj0Z9aBEWKxf99iopvNBCFObWu9ffgQa1TMmfpGSzHygkSUGcAzDN82g8I
Uw58WazAvBcZXv2FMOwcdkiWm5/JE+jLAqCRVST/N69IMH9WZwuJZVNNMZVzCPw+
O49fgcu0UCGdUIQr7tQesafxlcXzJfzdBXJ4Sur5yHtvcUi9DECrjC1mGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJL0Au0LMqzNBJ0hZKLHm1LYOThxMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEva3ZRQzdRc3lyTTBFblNGa29zZWJVdGc1T0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACLtPU7tt1McTDW0Ev5U
WQMmnj2y37wcHuZEPkbzlo5gfMq/zikSEBYNJG2FvilfCPPtdLuZ9wEAjAS7Zh2a
S+oGXPt9OVdJ8GUfVpcrQCudHPN7q43W81xXtHfLJRwHF71dvKnTjkZ7B3S1Tceg
4GcAKWA/oZBbYO4gMLrqjwU1geYdpOB58nEUd9UxOdDjXIOQAzQJjvBMvRRHrT8X
edhJ3h+QDGu7pai9q7MBDdBjqKn8OeHBwufoDAYU2E3xS59eKsKrSjU15WkghJkA
UrR0EVyGzeCYqTt/w2NN+nhcvfDYMWSWyO0wPU5nt9FwmC5D3IbZyxZaQpOCSnlg
Ctk=
-----END CERTIFICATE-----
Generated at Wed May 14 10:17:24 2025 by rpki-client