Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3KYxtBgV-cLnIfs6fSe6paESeHQ.roa
File: 3KYxtBgV-cLnIfs6fSe6paESeHQ.roa (raw, json)
Hash identifier: CZJki78BlF2alOWpHpp2ly9+OkmTaWSNlfBDovn1cBI=
Subject key identifier: DC:A6:31:B4:18:15:F9:C2:E7:21:FB:3A:7D:27:BA:A5:A1:12:78:74
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018294C569C7584AF3198DC56F0B08D1FFAF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3KYxtBgV-cLnIfs6fSe6paESeHQ.roa
Signing time: Sat 13 Aug 2022 01:15:41 +0000
ROA not before: Sat 13 Aug 2022 01:15:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:94:c5:69:c7:58:4a:f3:19:8d:c5:6f:0b:08:d1:ff:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 13 01:15:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dca631b41815f9c2e721fb3a7d27baa5a1127874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e1:83:04:1d:54:94:24:64:53:88:b5:95:3e:
ec:0e:9c:d3:2a:1d:02:b4:28:88:7b:35:8c:2a:f4:
48:c6:21:9e:f9:e6:9d:cf:d4:25:23:c9:ff:bb:23:
2e:fe:16:42:5f:98:37:48:68:51:46:2d:29:77:29:
3b:33:17:78:56:ac:7d:b5:0d:b1:e9:d6:34:e1:18:
49:c2:04:d6:be:dd:e7:37:0f:72:92:21:7b:ff:b5:
ee:b0:6b:99:57:fe:d5:c9:25:b2:ad:1d:52:86:21:
15:c1:d3:43:5d:9f:6b:02:a7:ae:7a:52:f0:77:23:
ee:dc:7f:e7:c8:73:94:08:66:26:36:a3:16:b2:a2:
27:4f:8e:4a:79:29:58:fd:6a:f2:cc:37:95:73:27:
07:84:61:ff:2c:89:92:39:77:98:34:d8:7a:85:5f:
10:4d:2d:6c:5d:4c:09:f9:9e:b8:59:26:01:d4:76:
5c:0d:5d:f4:92:51:47:1c:03:cc:2b:cc:46:c4:2b:
e9:23:1d:73:6d:f4:ef:91:bb:92:d0:26:4b:3c:c3:
30:f8:20:38:12:ae:27:f6:81:09:d7:ff:92:15:7c:
98:19:5f:30:93:82:53:54:a3:c1:76:2d:73:4c:12:
14:af:e4:8d:e3:3d:bb:87:54:47:73:f0:75:8e:66:
e5:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A6:31:B4:18:15:F9:C2:E7:21:FB:3A:7D:27:BA:A5:A1:12:78:74
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/3KYxtBgV-cLnIfs6fSe6paESeHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:23:71:d1:7a:4f:a2:14:92:c0:a5:5b:e4:e5:48:62:28:ba:
0b:38:e3:22:28:ec:ad:60:f1:5e:4b:f2:51:63:0f:0e:82:99:
88:33:d4:ff:76:7f:ba:e4:9f:28:04:06:c3:b9:92:9f:20:c5:
03:54:83:89:bd:1a:ec:f9:91:72:94:5f:d3:50:4f:fe:26:bb:
d8:0e:45:e2:53:cf:a8:a2:0c:f7:77:67:e0:55:93:6d:96:1f:
29:6e:64:0b:02:5f:99:bd:c3:7f:78:30:70:bf:b2:ec:97:2a:
69:50:58:16:57:f9:d6:29:b2:47:f6:69:bf:4d:46:b4:e0:05:
bf:f5:2d:5a:0c:4d:98:fc:9f:ef:64:fe:7d:78:8d:b9:d7:46:
a7:1d:0f:1c:eb:fe:78:c0:16:db:07:de:84:11:8d:d5:8f:88:
17:16:34:b1:fa:b8:56:10:f0:53:dc:01:14:c2:ef:1f:65:aa:
97:95:73:91:a0:cf:17:79:7e:70:90:b9:13:cb:b2:e0:2a:a0:
5e:f0:84:52:a7:92:cf:68:74:19:6c:61:0e:ab:05:98:59:dd:
29:76:99:ae:44:47:92:88:e0:55:dd:eb:2e:6f:2c:0d:cb:5c:
2d:df:cc:59:62:aa:3f:15:fa:6d:6d:52:99:b4:e8:57:ea:89:
3e:22:b2:a8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYKUxWnHWErzGY3FbwsI0f+vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwODEzMDExNTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2E2MzFiNDE4MTVmOWMyZTcyMWZiM2E3ZDI3YmFhNWExMTI3ODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguGDBB1UlCRkU4i1lT7sDpzTKh0C
tCiIezWMKvRIxiGe+eadz9QlI8n/uyMu/hZCX5g3SGhRRi0pdyk7Mxd4Vqx9tQ2x
6dY04RhJwgTWvt3nNw9ykiF7/7XusGuZV/7VySWyrR1ShiEVwdNDXZ9rAqeuelLw
dyPu3H/nyHOUCGYmNqMWsqInT45KeSlY/WryzDeVcycHhGH/LImSOXeYNNh6hV8Q
TS1sXUwJ+Z64WSYB1HZcDV30klFHHAPMK8xGxCvpIx1zbfTvkbuS0CZLPMMw+CA4
Eq4n9oEJ1/+SFXyYGV8wk4JTVKPBdi1zTBIUr+SN4z27h1RHc/B1jmblBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNymMbQYFfnC5yH7On0nuqWhEnh0MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvM0tZeHRCZ1YtY0xuSWZzNmZTZTZwYUVTZUhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGEjcdF6T6IUksClW+Tl
SGIougs44yIo7K1g8V5L8lFjDw6CmYgz1P92f7rknygEBsO5kp8gxQNUg4m9Guz5
kXKUX9NQT/4mu9gOReJTz6iiDPd3Z+BVk22WHyluZAsCX5m9w394MHC/suyXKmlQ
WBZX+dYpskf2ab9NRrTgBb/1LVoMTZj8n+9k/n14jbnXRqcdDxzr/njAFtsH3oQR
jdWPiBcWNLH6uFYQ8FPcARTC7x9lqpeVc5Ggzxd5fnCQuRPLsuAqoF7whFKnks9o
dBlsYQ6rBZhZ3Sl2ma5ER5KI4FXd6y5vLA3LXC3fzFliqj8V+m1tUpm06FfqiT4i
sqg=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:42:41 2025 by rpki-client