Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KSuALEbi03gWHwRKNzYwqXvzJ3Y.roa
File: KSuALEbi03gWHwRKNzYwqXvzJ3Y.roa (raw, json)
Hash identifier: +Kf/egys53gMXrgbAxgmXnkRk3Kn1NYvrgb/h4YwTtY=
Subject key identifier: 29:2B:80:2C:46:E2:D3:78:16:1F:04:4A:37:36:30:A9:7B:F3:27:76
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4767E0155F098248BCA387270D3CC4B6
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KSuALEbi03gWHwRKNzYwqXvzJ3Y.roa
Signing time: Wed 30 Aug 2023 17:05:04 +0000
ROA not before: Wed 30 Aug 2023 17:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:4767:1311/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:47:67:e0:15:5f:09:82:48:bc:a3:87:27:0d:3c:c4:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 30 17:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=292b802c46e2d378161f044a373630a97bf32776
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:93:a2:7c:06:86:b2:46:b7:ed:ef:d6:13:bd:
f9:24:a3:d4:40:89:1b:74:79:d6:b5:a9:f7:6d:46:
b5:0e:b9:af:91:39:eb:0a:7b:55:8a:90:ad:61:9b:
af:e1:ff:c9:b2:09:9c:af:ac:58:ec:22:c8:d6:8d:
0f:e8:78:7f:21:c0:75:5c:0a:7c:28:e2:96:e3:cd:
b9:d9:f7:fd:c3:a1:79:44:57:6a:ee:5d:53:83:01:
df:88:bf:4b:0e:05:2b:d8:e6:22:a9:5c:e1:92:de:
48:ba:72:41:d7:39:a0:a5:95:f0:d2:a7:a8:a8:be:
9a:97:95:2d:68:47:90:3c:88:cf:c1:ec:72:0b:dd:
c5:31:16:b5:ac:05:59:bb:5a:4e:ef:6d:22:77:cf:
18:a9:30:b5:ff:c3:c5:7d:6d:b8:0d:0f:58:e2:2f:
4f:43:ce:ef:3b:54:c8:0b:1d:fd:9b:d9:43:2e:92:
ae:db:7a:02:03:1a:48:2a:5c:08:b8:23:8d:f6:5a:
87:3c:59:bb:cd:94:9c:34:a6:9d:25:fb:1c:75:84:
00:82:e2:58:12:a2:b4:fd:d9:30:53:1f:2c:bc:94:
c1:6c:a2:22:43:77:5c:57:cb:b3:53:35:af:55:d0:
40:15:fb:75:5a:2b:96:3a:cd:33:c1:3f:14:52:05:
5b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:2B:80:2C:46:E2:D3:78:16:1F:04:4A:37:36:30:A9:7B:F3:27:76
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/KSuALEbi03gWHwRKNzYwqXvzJ3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:f1:d9:c6:f8:f0:67:11:58:9b:e6:fe:df:91:d5:6e:b1:34:
77:52:c0:35:3b:1c:26:58:46:b7:e2:4b:07:78:9e:15:68:7a:
1a:2c:53:cd:6f:84:c0:3f:c6:6b:1b:db:4c:a0:3a:8f:63:44:
25:64:93:e1:91:b2:20:57:c1:ed:e8:9f:e3:1d:76:ae:14:8d:
21:d8:6c:72:bd:b9:64:5e:76:8b:45:30:05:9e:5c:8c:ee:6e:
42:bf:cf:9c:cb:6e:88:ef:64:4f:86:01:2f:2d:b4:9c:44:f9:
86:d0:0b:15:fd:26:93:be:fc:96:7c:de:a7:49:d1:03:75:34:
13:31:0a:7c:dd:c2:b8:5c:66:ae:80:1a:2b:5b:3c:85:8c:65:
64:6d:d9:f7:fc:53:7e:df:a0:2e:91:e1:85:82:18:a1:cc:e6:
3f:dd:6c:da:8a:c5:62:97:1a:69:e8:db:c8:05:24:f0:4c:68:
be:68:a4:c9:aa:c2:33:53:e4:5f:5a:5c:fd:28:db:c5:3d:f2:
c8:0f:a2:e6:5c:d6:d1:37:53:4c:91:60:62:33:66:a0:1b:74:
da:10:2a:c0:c8:fc:b0:60:b1:f4:1e:d5:7f:e3:3b:c5:e8:7e:
93:cc:4f:50:d2:75:4a:20:39:17:22:5d:cc:2c:52:22:fb:ed:
2f:3f:2b:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpHZ+AVXwmCSLyjhycNPMS2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMwMTcwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTJiODAyYzQ2ZTJkMzc4MTYxZjA0NGEzNzM2MzBhOTdiZjMyNzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJOifAaGska37e/WE735JKPUQIkb
dHnWtan3bUa1DrmvkTnrCntVipCtYZuv4f/Jsgmcr6xY7CLI1o0P6Hh/IcB1XAp8
KOKW48252ff9w6F5RFdq7l1TgwHfiL9LDgUr2OYiqVzhkt5IunJB1zmgpZXw0qeo
qL6al5UtaEeQPIjPwexyC93FMRa1rAVZu1pO720id88YqTC1/8PFfW24DQ9Y4i9P
Q87vO1TICx39m9lDLpKu23oCAxpIKlwIuCON9lqHPFm7zZScNKadJfscdYQAguJY
EqK0/dkwUx8svJTBbKIiQ3dcV8uzUzWvVdBAFft1WiuWOs0zwT8UUgVbBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCkrgCxG4tN4Fh8ESjc2MKl78yd2MB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvS1N1QUxFYmkwM2dXSHdSS056WXdxWHZ6SjNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEvx2cb48GcRWJvm/t+R
1W6xNHdSwDU7HCZYRrfiSwd4nhVoehosU81vhMA/xmsb20ygOo9jRCVkk+GRsiBX
we3on+Mddq4UjSHYbHK9uWRedotFMAWeXIzubkK/z5zLbojvZE+GAS8ttJxE+YbQ
CxX9JpO+/JZ83qdJ0QN1NBMxCnzdwrhcZq6AGitbPIWMZWRt2ff8U37foC6R4YWC
GKHM5j/dbNqKxWKXGmno28gFJPBMaL5opMmqwjNT5F9aXP0o28U98sgPouZc1tE3
U0yRYGIzZqAbdNoQKsDI/LBgsfQe1X/jO8XofpPMT1DSdUogORciXcwsUiL77S8/
K5A=
-----END CERTIFICATE-----
Generated at Sun May 11 18:27:39 2025 by rpki-client