Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0KfwKeNAEXON55mC6fyym5wLtwY.roa
File: 0KfwKeNAEXON55mC6fyym5wLtwY.roa (raw, json)
Hash identifier: FnJgByotxQq/h/Us08oAcLVUsuR+Zs0uPA/AC1Ek5Xw=
Subject key identifier: D0:A7:F0:29:E3:40:11:73:8D:E7:99:82:E9:FC:B2:9B:9C:0B:B7:06
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 7592D18E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0KfwKeNAEXON55mC6fyym5wLtwY.roa
Signing time: Fri 25 Mar 2022 13:11:21 +0000
ROA not before: Fri 25 Mar 2022 13:11:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:17f:87e3:2531/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1972556174 (0x7592d18e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 25 13:11:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d0a7f029e34011738de79982e9fcb29b9c0bb706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d7:0e:62:85:58:44:73:e2:07:4b:e0:e7:7b:
ff:85:b6:57:d9:ae:2d:3a:55:e8:c0:26:22:5d:57:
cc:41:cb:0b:bb:03:45:8a:35:7b:8a:85:33:b0:9c:
79:77:fa:ba:25:fc:73:6c:c9:33:15:13:b6:b9:37:
90:60:5d:51:bc:6d:8c:8e:da:b6:a4:f6:9d:64:3d:
ac:57:00:e2:eb:61:11:42:70:7b:84:fb:3d:3e:8d:
af:e7:1e:92:ca:3e:cd:0f:e7:3b:20:99:63:6f:cb:
ac:a0:30:c0:75:c6:57:dd:2b:40:cb:3a:9d:db:6f:
fc:25:ce:ef:ed:b1:77:d9:40:d7:b8:8b:02:d6:06:
2c:61:48:fc:96:78:76:c4:d0:fd:e1:5f:67:76:73:
b0:8e:f1:0d:2e:d5:d0:09:61:f1:35:1f:bc:f6:ea:
da:c8:01:a4:da:d7:7a:70:3c:cd:41:30:c5:d9:70:
05:ec:7a:da:10:db:eb:24:60:43:a0:e3:60:f4:3a:
6f:81:09:a9:94:b2:31:02:50:3c:59:5f:f3:dd:89:
65:fc:0d:7c:77:95:c7:26:45:b2:1e:06:df:58:09:
65:3d:21:45:50:73:3b:77:bf:1c:a2:77:13:5d:f7:
d1:20:e8:3f:1e:81:1d:fc:6e:e4:aa:90:97:c4:a1:
0d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A7:F0:29:E3:40:11:73:8D:E7:99:82:E9:FC:B2:9B:9C:0B:B7:06
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/0KfwKeNAEXON55mC6fyym5wLtwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
32:4e:a9:b5:01:01:47:7d:18:94:c7:bd:49:e0:22:2c:76:6d:
41:7e:09:53:9d:54:6d:8b:0b:65:f7:ef:4e:8f:80:5c:14:68:
9e:bf:5a:b5:01:2d:ea:45:be:4e:a7:90:37:51:e7:98:46:51:
7c:b9:38:f1:ee:71:df:96:10:b2:40:a8:42:bf:3b:4a:52:38:
e5:1d:c7:19:fa:87:24:b8:02:f1:eb:63:17:5c:1d:d5:b7:94:
69:93:6b:7f:92:92:ba:cb:ca:52:53:76:ed:81:e4:73:89:58:
93:c8:61:6d:5c:01:39:02:af:90:85:32:99:2e:13:21:3d:13:
06:b9:f1:10:d8:e6:85:49:13:6d:42:73:3f:d0:77:e9:e4:15:
8f:66:6e:66:3f:0f:02:bb:23:bc:00:18:6c:41:45:d2:2f:8e:
48:6d:99:38:d5:59:d9:4c:5e:61:e8:79:7c:f6:97:fb:70:92:
7d:08:fb:83:a7:a9:ae:64:71:f8:b3:ee:8b:f8:b3:5e:9f:0a:
02:ce:4c:f3:65:30:3f:ec:11:f8:12:a6:31:a9:48:d7:60:89:
28:ef:04:d8:dc:3a:29:91:a4:4a:62:e2:54:f6:ea:96:c4:e3:
89:5e:d9:62:7d:75:a1:4a:bb:94:8e:c1:a5:5c:7a:05:99:20:
84:d1:21:b0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEdZLRjjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDMy
NTEzMTEyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDBhN2YwMjllMzQw
MTE3MzhkZTc5OTgyZTlmY2IyOWI5YzBiYjcwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALvXDmKFWERz4gdL4Od7/4W2V9muLTpV6MAmIl1XzEHLC7sD
RYo1e4qFM7CceXf6uiX8c2zJMxUTtrk3kGBdUbxtjI7atqT2nWQ9rFcA4uthEUJw
e4T7PT6Nr+cekso+zQ/nOyCZY2/LrKAwwHXGV90rQMs6ndtv/CXO7+2xd9lA17iL
AtYGLGFI/JZ4dsTQ/eFfZ3ZzsI7xDS7V0Alh8TUfvPbq2sgBpNrXenA8zUEwxdlw
Bex62hDb6yRgQ6DjYPQ6b4EJqZSyMQJQPFlf892JZfwNfHeVxyZFsh4G31gJZT0h
RVBzO3e/HKJ3E1330SDoPx6BHfxu5KqQl8ShDXsCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTQp/Ap40ARc43nmYLp/LKbnAu3BjAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
LzBLZndLZU5BRVhPTjU1bUM2Znl5bTV3THR3WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQAyTqm1AQFHfRiUx71J4CIsdm1BfglTnVRtiwtl
9+9Oj4BcFGiev1q1AS3qRb5Op5A3UeeYRlF8uTjx7nHflhCyQKhCvztKUjjlHccZ
+ockuALx62MXXB3Vt5Rpk2t/kpK6y8pSU3btgeRziViTyGFtXAE5Aq+QhTKZLhMh
PRMGufEQ2OaFSRNtQnM/0Hfp5BWPZm5mPw8CuyO8ABhsQUXSL45IbZk41VnZTF5h
6Hl89pf7cJJ9CPuDp6muZHH4s+6L+LNenwoCzkzzZTA/7BH4EqYxqUjXYIko7wTY
3DopkaRKYuJU9uqWxOOJXtlifXWhSruUjsGlXHoFmSCE0SGw
-----END CERTIFICATE-----
Generated at Fri May 2 12:35:34 2025 by rpki-client