Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kt8TaYWpDxWSedFgmGYCGTTVUJE.roa
File: kt8TaYWpDxWSedFgmGYCGTTVUJE.roa (raw, json)
Hash identifier: heWw823sFTCWJNIUo29rkS7C6on3SPjmIMYFJEAovUQ=
Subject key identifier: 92:DF:13:69:85:A9:0F:15:92:79:D1:60:98:66:02:19:34:D5:50:91
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C423C4458BD4D673E40F65DA17537AAC6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kt8TaYWpDxWSedFgmGYCGTTVUJE.roa
Signing time: Thu 07 Dec 2023 03:04:54 +0000
ROA not before: Thu 07 Dec 2023 03:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18c:423b:eba8/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:42:3c:44:58:bd:4d:67:3e:40:f6:5d:a1:75:37:aa:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 7 03:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92df136985a90f159279d1609866021934d55091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d2:11:c1:47:2b:22:90:ed:1a:86:3e:f5:4b:
77:10:a3:d0:22:e5:ff:08:9c:1e:57:3b:d8:82:97:
a3:c6:4b:f9:57:9f:1c:79:36:7f:61:29:ce:f2:01:
dc:55:26:c9:03:e9:75:2a:86:58:57:71:9d:95:fd:
31:c3:8c:f7:f4:b8:fa:74:eb:e4:2e:f2:07:38:ac:
db:c6:c0:3f:de:05:2a:9c:2b:7e:12:db:0f:b0:c0:
7f:9a:bc:00:3a:ee:46:a6:4c:92:fb:a1:ea:aa:34:
ef:e5:65:11:40:8f:bf:9d:59:e0:d2:69:b6:79:46:
80:0f:df:2f:19:a0:b6:f4:bf:19:de:57:98:0e:05:
47:be:f8:06:20:68:58:4f:f8:67:5a:2a:3d:da:85:
b4:8f:95:cc:7c:6e:50:30:7c:a7:ff:2c:55:3f:fc:
f9:54:c2:80:8e:3d:5a:42:96:32:65:ed:c6:4f:56:
c2:c9:f4:e1:9b:e3:39:d2:cd:b5:dc:4c:91:fa:09:
0f:82:44:f5:b0:84:fa:b6:01:61:7c:32:d4:84:4a:
76:38:3d:5a:10:07:d7:5e:05:38:df:85:3b:85:54:
57:32:b7:a3:1e:7f:34:10:7f:e0:a7:1e:01:d9:bc:
66:a2:80:4d:7e:af:60:06:34:f3:3f:e4:b5:df:29:
86:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:DF:13:69:85:A9:0F:15:92:79:D1:60:98:66:02:19:34:D5:50:91
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kt8TaYWpDxWSedFgmGYCGTTVUJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
00:d4:e2:63:d2:49:5d:3b:82:dd:f7:3d:53:93:d9:7a:75:0e:
ca:80:c4:3f:3f:c2:f7:e4:0e:82:21:2c:c8:c1:09:5f:89:99:
ce:c6:a6:f3:f8:8f:04:6c:94:4e:02:36:ae:7e:36:10:7f:21:
ad:22:0f:50:dd:77:e2:24:c3:0b:a9:6c:b6:97:2f:9b:01:5c:
a5:f7:2a:c5:52:2c:b8:f4:29:49:7a:0f:49:27:b4:4c:25:8c:
af:81:05:4a:3c:67:b0:51:01:59:fd:3e:7f:39:6e:9a:a1:da:
90:d7:1c:49:29:01:1c:88:e6:a6:c1:31:2c:ac:f6:10:ba:e0:
65:77:da:87:40:d0:6d:47:0b:c6:0e:86:41:98:04:1a:60:8e:
d2:11:b4:9b:a6:33:5a:99:05:ee:c3:70:95:03:06:62:c2:2a:
ea:5c:e7:90:e2:b1:47:56:da:4c:6f:ac:e6:67:f6:24:da:87:
7c:49:e6:87:a4:66:d4:79:df:92:3b:4a:16:63:f9:7b:62:f3:
06:df:5a:a6:64:54:92:f9:b8:fd:cc:1f:a6:e8:8d:50:17:b4:
cf:2e:8c:d6:76:a2:0b:cb:a8:12:2c:6a:4f:15:8b:cf:29:67:
a1:f7:b7:ed:f4:7c:9e:bc:9e:81:4c:b1:f5:1b:43:61:43:a5:
df:48:a5:56
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxCPERYvU1nPkD2XaF1N6rGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA3MDMwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmRmMTM2OTg1YTkwZjE1OTI3OWQxNjA5ODY2MDIxOTM0ZDU1MDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotIRwUcrIpDtGoY+9Ut3EKPQIuX/
CJweVzvYgpejxkv5V58ceTZ/YSnO8gHcVSbJA+l1KoZYV3Gdlf0xw4z39Lj6dOvk
LvIHOKzbxsA/3gUqnCt+EtsPsMB/mrwAOu5GpkyS+6HqqjTv5WURQI+/nVng0mm2
eUaAD98vGaC29L8Z3leYDgVHvvgGIGhYT/hnWio92oW0j5XMfG5QMHyn/yxVP/z5
VMKAjj1aQpYyZe3GT1bCyfThm+M50s213EyR+gkPgkT1sIT6tgFhfDLUhEp2OD1a
EAfXXgU434U7hVRXMrejHn80EH/gpx4B2bxmooBNfq9gBjTzP+S13ymGrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJLfE2mFqQ8VknnRYJhmAhk01VCRMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEva3Q4VGFZV3BEeFdTZWRGZ21HWUNHVFRWVUpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAADU4mPSSV07gt33PVOT
2Xp1DsqAxD8/wvfkDoIhLMjBCV+Jmc7GpvP4jwRslE4CNq5+NhB/Ia0iD1Ddd+Ik
wwupbLaXL5sBXKX3KsVSLLj0KUl6D0kntEwljK+BBUo8Z7BRAVn9Pn85bpqh2pDX
HEkpARyI5qbBMSys9hC64GV32odA0G1HC8YOhkGYBBpgjtIRtJumM1qZBe7DcJUD
BmLCKupc55DisUdW2kxvrOZn9iTah3xJ5oekZtR535I7ShZj+Xti8wbfWqZkVJL5
uP3MH6bojVAXtM8ujNZ2ogvLqBIsak8Vi88pZ6H3t+30fJ68noFMsfUbQ2FDpd9I
pVY=
-----END CERTIFICATE-----
Generated at Wed Jun 18 08:27:36 2025 by rpki-client