Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/K21O3e7tfXa_jYCPRB3qZHR_HkA.roa
File: K21O3e7tfXa_jYCPRB3qZHR_HkA.roa (raw, json)
Hash identifier: uM08gkzw02grBOfoW76cg+PpsR90XVJ2KfwWIu+f/zQ=
Subject key identifier: 2B:6D:4E:DD:EE:ED:7D:76:BF:8D:80:8F:44:1D:EA:64:74:7F:1E:40
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01858EEC3179E6465541A77B142DEAAAF44F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/K21O3e7tfXa_jYCPRB3qZHR_HkA.roa
Signing time: Sun 08 Jan 2023 01:08:41 +0000
ROA not before: Sun 08 Jan 2023 01:08:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:8e:ec:31:79:e6:46:55:41:a7:7b:14:2d:ea:aa:f4:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 8 01:08:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b6d4eddeeed7d76bf8d808f441dea64747f1e40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:89:81:76:37:5f:ff:3e:22:77:79:26:48:10:
15:60:e4:d0:f1:a1:13:d6:fc:4f:41:3f:c4:3b:3e:
e1:18:eb:f1:17:31:ad:b3:40:28:3d:b6:72:d6:92:
3b:db:dc:af:91:94:98:a3:c9:7f:8d:6a:6e:9e:4e:
f6:b3:1c:07:2f:5a:aa:33:81:fc:a5:d3:e9:6a:cd:
e5:4c:c0:42:63:bc:e7:d9:10:02:cc:c5:5c:3c:23:
8a:8e:53:38:bd:a3:a0:89:ea:39:62:70:c1:77:fb:
de:bc:50:f8:23:a0:68:e8:d5:0b:81:7a:8a:61:0d:
55:45:5d:ca:56:0d:6f:6b:08:e0:ca:4d:c5:7b:47:
fc:a2:af:0f:8d:90:27:c7:48:4b:d1:01:e5:cd:17:
52:10:2e:dc:bb:7b:80:d6:f9:26:63:04:db:08:77:
19:1f:e1:34:78:e9:c7:93:08:b5:80:cd:19:89:74:
0b:86:79:ea:ad:bd:b4:05:66:31:28:31:f9:84:b6:
b5:b5:2e:2e:11:39:07:6f:d6:5f:87:41:6d:75:1d:
5b:be:5c:b5:a1:9b:c9:73:2d:8b:aa:09:b3:b5:4d:
34:7b:45:5d:d5:1f:14:e9:5e:95:31:ab:d9:bf:22:
6f:ac:4f:c4:1d:7f:ea:a8:59:4c:4e:76:26:eb:54:
9d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:6D:4E:DD:EE:ED:7D:76:BF:8D:80:8F:44:1D:EA:64:74:7F:1E:40
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/K21O3e7tfXa_jYCPRB3qZHR_HkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
87:2c:07:25:29:27:9d:4c:3e:d0:17:f5:d8:86:3e:c8:61:e1:
0e:fd:2d:6d:59:05:a5:ec:f6:31:1b:af:bb:67:90:83:9a:0d:
50:ac:7e:25:5c:83:40:1f:0e:ca:70:e0:3d:d5:5f:cf:77:3d:
fe:c7:c5:82:e8:79:86:8c:88:fa:b1:fd:7f:46:c7:36:81:9f:
cc:52:29:cd:54:ec:81:b2:31:1e:8c:1d:c1:ec:7d:f5:b9:24:
a0:96:ad:34:d9:d6:f1:b5:96:5b:a5:4f:46:13:c3:d7:aa:7d:
36:fa:89:0c:8b:f2:fa:70:b5:06:04:45:cc:15:3e:a8:f3:92:
ec:18:b9:69:67:dc:a2:62:74:a6:62:9c:45:4f:ca:7a:62:44:
cc:44:da:c1:28:74:00:49:a6:db:79:dc:83:2d:e3:01:d8:26:
2b:fa:b0:6a:ec:d6:d6:c1:fd:21:1a:59:ad:85:81:28:ec:59:
23:ed:85:4f:53:b6:25:ae:1e:e6:79:2a:4d:c0:64:38:5a:81:
eb:9a:7b:ee:bc:02:bc:fa:a2:04:c2:7e:65:d1:57:93:f2:69:
4b:b5:7d:24:5d:49:76:3b:05:7b:cf:17:dc:7b:3d:33:f1:a2:
d8:ae:ae:0a:9d:1f:08:6b:44:02:e2:31:59:2d:ee:36:ff:e1:
3c:4c:58:8f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWO7DF55kZVQad7FC3qqvRPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA4MDEwODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjZkNGVkZGVlZWQ3ZDc2YmY4ZDgwOGY0NDFkZWE2NDc0N2YxZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYmBdjdf/z4id3kmSBAVYOTQ8aET
1vxPQT/EOz7hGOvxFzGts0AoPbZy1pI729yvkZSYo8l/jWpunk72sxwHL1qqM4H8
pdPpas3lTMBCY7zn2RACzMVcPCOKjlM4vaOgieo5YnDBd/vevFD4I6Bo6NULgXqK
YQ1VRV3KVg1vawjgyk3Fe0f8oq8PjZAnx0hL0QHlzRdSEC7cu3uA1vkmYwTbCHcZ
H+E0eOnHkwi1gM0ZiXQLhnnqrb20BWYxKDH5hLa1tS4uETkHb9Zfh0FtdR1bvly1
oZvJcy2LqgmztU00e0Vd1R8U6V6VMavZvyJvrE/EHX/qqFlMTnYm61SdIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCttTt3u7X12v42Aj0Qd6mR0fx5AMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSzIxTzNlN3RmWGFfallDUFJCM3FaSFJfSGtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIcsByUpJ51MPtAX9diG
Pshh4Q79LW1ZBaXs9jEbr7tnkIOaDVCsfiVcg0AfDspw4D3VX893Pf7HxYLoeYaM
iPqx/X9GxzaBn8xSKc1U7IGyMR6MHcHsffW5JKCWrTTZ1vG1llulT0YTw9eqfTb6
iQyL8vpwtQYERcwVPqjzkuwYuWln3KJidKZinEVPynpiRMxE2sEodABJptt53IMt
4wHYJiv6sGrs1tbB/SEaWa2FgSjsWSPthU9TtiWuHuZ5Kk3AZDhageuae+68Arz6
ogTCfmXRV5PyaUu1fSRdSXY7BXvPF9x7PTPxotiurgqdHwhrRALiMVkt7jb/4TxM
WI8=
-----END CERTIFICATE-----
Generated at Thu May 1 05:55:06 2025 by rpki-client