Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kvw8gpuDY0SioA-3FTnpDlKsE_Y.roa
File: kvw8gpuDY0SioA-3FTnpDlKsE_Y.roa (raw, json)
Hash identifier: at/LDOSMrfPp6+secwZoL2+ZthYKt/A9XkqinfIJK5U=
Subject key identifier: 92:FC:3C:82:9B:83:63:44:A2:A0:0F:B7:15:39:E9:0E:52:AC:13:F6
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B99317043022A416CE506BB2A4D2DDD71
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kvw8gpuDY0SioA-3FTnpDlKsE_Y.roa
Signing time: Sat 04 Nov 2023 07:17:15 +0000
ROA not before: Sat 04 Nov 2023 07:17:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:99:31:70:43:02:2a:41:6c:e5:06:bb:2a:4d:2d:dd:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 4 07:17:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92fc3c829b836344a2a00fb71539e90e52ac13f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:32:75:c8:b0:05:8e:c7:2f:f9:23:60:6d:4e:
55:bb:ac:ed:50:d5:fa:04:85:c0:c5:1d:b0:03:8f:
41:5d:5f:f3:70:ab:36:a1:a2:95:d5:c9:b0:8f:6d:
42:85:8a:53:4a:15:76:1f:d8:e3:09:5e:cd:d4:d6:
24:d2:25:6d:9a:e4:fd:1b:db:30:2a:92:f1:fb:75:
6b:5e:9e:a3:ef:9a:47:c0:1a:17:3e:4a:9c:9d:19:
4b:5b:ae:c6:f1:04:3a:a1:35:d5:0f:8f:fb:63:0b:
50:13:b5:fb:6f:d2:8c:ad:a4:e6:cf:19:66:5e:ce:
ae:fe:c3:cd:04:d1:ab:67:06:55:1c:a8:eb:bc:17:
17:86:4c:47:a0:7c:63:5b:bc:86:de:52:bd:56:c0:
08:1a:51:50:2a:1b:b9:8b:d5:e4:2d:21:e8:89:45:
0a:4d:5d:bc:2c:d1:c3:85:1d:1d:52:de:33:d8:02:
43:ac:e2:5c:76:a8:be:ed:1d:7a:a6:6d:61:04:71:
85:b2:66:14:7f:8d:c0:39:cc:eb:66:d9:67:5b:0c:
02:3e:e5:fd:39:f8:a3:58:e2:3e:d5:d3:08:c2:a9:
5a:be:e4:79:b6:ef:dc:d9:6c:ae:d2:7d:ee:53:d9:
13:bd:90:82:0b:69:31:5c:e1:c1:2a:57:81:b7:86:
3e:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:FC:3C:82:9B:83:63:44:A2:A0:0F:B7:15:39:E9:0E:52:AC:13:F6
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kvw8gpuDY0SioA-3FTnpDlKsE_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c4:44:4f:15:d2:39:fb:d6:2e:ac:e6:84:98:67:28:d0:14:d9:
4e:0d:36:d7:60:61:39:f3:7f:7b:96:26:2f:fd:24:29:fd:9b:
c7:34:e0:45:7e:5a:b2:f4:6a:03:ed:6e:fa:b6:9e:27:14:92:
c5:fb:86:d6:62:fd:5f:76:75:c1:41:55:35:83:1a:db:06:d6:
07:d3:83:ed:19:3b:6f:73:54:e7:18:02:a1:c5:b0:0c:c2:eb:
a4:2e:a9:90:96:d2:46:65:74:af:83:f5:31:86:fa:90:cb:fe:
88:76:48:88:aa:b9:a3:c8:a3:ed:1d:50:41:52:93:8e:1a:72:
b0:ae:1e:2b:4d:36:af:c9:3b:88:de:a6:7a:f7:32:9e:4d:0a:
14:8f:eb:82:84:c2:4b:b2:a4:af:ba:11:3f:f9:bc:8d:46:64:
7e:2a:53:79:e0:ac:e8:c4:2b:73:b6:9c:b7:9b:d2:ba:20:79:
26:0f:88:3d:16:18:06:a4:dd:ed:14:fc:21:59:8d:51:cd:db:
9c:02:82:38:4a:17:bc:b3:af:33:bc:33:78:e0:2b:45:0f:be:
63:82:d7:0a:de:46:ff:67:21:54:f3:79:43:3f:29:2b:b6:cd:
bd:c6:f8:47:f8:48:f4:82:ed:f8:2f:bd:2b:b2:05:80:10:5f:
d1:5d:96:f0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuZMXBDAipBbOUGuypNLd1xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA0MDcxNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmZjM2M4MjliODM2MzQ0YTJhMDBmYjcxNTM5ZTkwZTUyYWMxM2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzJ1yLAFjscv+SNgbU5Vu6ztUNX6
BIXAxR2wA49BXV/zcKs2oaKV1cmwj21ChYpTShV2H9jjCV7N1NYk0iVtmuT9G9sw
KpLx+3VrXp6j75pHwBoXPkqcnRlLW67G8QQ6oTXVD4/7YwtQE7X7b9KMraTmzxlm
Xs6u/sPNBNGrZwZVHKjrvBcXhkxHoHxjW7yG3lK9VsAIGlFQKhu5i9XkLSHoiUUK
TV28LNHDhR0dUt4z2AJDrOJcdqi+7R16pm1hBHGFsmYUf43AOczrZtlnWwwCPuX9
OfijWOI+1dMIwqlavuR5tu/c2Wyu0n3uU9kTvZCCC2kxXOHBKleBt4Y+lwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJL8PIKbg2NEoqAPtxU56Q5SrBP2MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEva3Z3OGdwdURZMFNpb0EtM0ZUbnBEbEtzRV9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMRETxXSOfvWLqzmhJhn
KNAU2U4NNtdgYTnzf3uWJi/9JCn9m8c04EV+WrL0agPtbvq2nicUksX7htZi/V92
dcFBVTWDGtsG1gfTg+0ZO29zVOcYAqHFsAzC66QuqZCW0kZldK+D9TGG+pDL/oh2
SIiquaPIo+0dUEFSk44acrCuHitNNq/JO4jepnr3Mp5NChSP64KEwkuypK+6ET/5
vI1GZH4qU3ngrOjEK3O2nLeb0rogeSYPiD0WGAak3e0U/CFZjVHN25wCgjhKF7yz
rzO8M3jgK0UPvmOC1wreRv9nIVTzeUM/KSu2zb3G+Ef4SPSC7fgvvSuyBYAQX9Fd
lvA=
-----END CERTIFICATE-----
Generated at Tue May 13 04:00:12 2025 by rpki-client