Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/K2JtCHSQZR2t79fFqnNWiro6FOk.roa
File: K2JtCHSQZR2t79fFqnNWiro6FOk.roa (raw, json)
Hash identifier: pRKICEorJ5ilXd3r969id9ZddZIOTSKJHGY15msVvm0=
Subject key identifier: 2B:62:6D:08:74:90:65:1D:AD:EF:D7:C5:AA:73:56:8A:BA:3A:14:E9
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018488F195D9AD62E33A0AF83134630D9FDA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/K2JtCHSQZR2t79fFqnNWiro6FOk.roa
Signing time: Fri 18 Nov 2022 04:14:04 +0000
ROA not before: Fri 18 Nov 2022 04:14:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:184:51c3:ad7c/128 maxlen: 128
2001:67c:64:ffff:0:184:3fbd:71f7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:184:4250:a4df/128 maxlen: 128
2001:67c:64:ffff:0:184:75cf:c8d9/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:88:f1:95:d9:ad:62:e3:3a:0a:f8:31:34:63:0d:9f:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Nov 18 04:14:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b626d087490651dadefd7c5aa73568aba3a14e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:27:bb:1e:5a:a5:53:1c:6c:d3:63:15:17:e1:
5a:c4:16:cf:39:13:1a:5c:e7:67:fd:98:25:9a:e3:
6e:4a:30:83:ca:67:f1:1d:8e:c9:ad:bf:45:ce:72:
9e:98:a9:06:c1:88:8d:d9:99:3b:14:c8:b9:c4:ea:
4b:ad:90:dc:9a:a6:5d:71:bf:21:a8:95:e5:e8:ac:
da:bc:66:2f:de:30:94:ae:6c:80:b4:c7:c5:92:ef:
4b:7d:44:c0:31:69:07:92:cc:25:e1:c2:92:7c:a1:
13:67:b7:1f:9e:66:95:cd:59:b1:72:52:5c:ce:b5:
6d:46:05:d5:62:1a:ac:db:72:a6:31:f9:a2:24:59:
22:12:89:a5:b5:c5:57:dd:ab:da:75:f7:0a:20:8d:
d5:cb:87:77:f2:d5:27:fc:2e:0b:90:f8:4e:8b:b8:
3b:19:bc:79:64:b3:d1:31:80:8b:90:88:f7:51:e4:
37:fd:c0:6d:b2:7e:bb:0f:35:91:bf:0f:be:d7:5d:
5b:22:55:71:b4:02:c7:17:4b:f8:99:3c:bc:b3:9b:
98:10:67:c7:cd:fb:e2:37:7c:cb:1d:70:b2:1e:fa:
2a:35:e2:c7:f5:65:9b:e7:69:46:bd:66:a3:47:17:
46:64:1b:97:ab:7e:8b:14:64:d2:6c:bd:45:9f:36:
47:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:62:6D:08:74:90:65:1D:AD:EF:D7:C5:AA:73:56:8A:BA:3A:14:E9
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/K2JtCHSQZR2t79fFqnNWiro6FOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:37:d0:7d:06:2d:33:af:a4:76:c2:d8:c9:45:68:32:33:f0:
9c:25:18:e7:1b:a1:be:68:d9:85:27:15:36:9d:88:2a:ed:34:
e6:a5:99:de:80:08:12:58:0f:cc:f3:d1:ff:14:a2:4b:38:63:
29:f5:7a:32:c4:15:aa:87:8c:f1:58:90:59:2a:64:29:0e:16:
d6:2d:1b:84:6b:bb:44:20:a1:fd:3a:f4:ca:ee:14:2a:62:b6:
72:56:cb:c6:d3:28:5f:5a:bb:fb:44:d3:ba:57:5d:3d:38:9c:
98:41:61:87:0e:7f:a5:70:86:f0:34:79:46:cd:4b:b1:3a:da:
83:e9:6f:69:0e:e7:0c:81:d8:90:cb:87:0b:fc:ae:45:43:3b:
ea:3d:65:e4:ad:8a:f4:f3:99:e4:c5:95:ae:63:a0:99:40:9e:
00:b1:0e:49:cd:85:d0:e5:73:a5:6f:08:29:fd:e8:1f:70:c5:
e9:fe:a2:e4:9e:63:22:44:9a:eb:50:c4:63:9a:5a:6b:98:38:
2c:ed:e7:f5:72:58:ef:b1:46:1e:c7:94:9a:26:1b:4d:6d:bc:
a2:2f:d3:6e:21:30:1d:64:86:1f:25:fc:8d:64:5f:36:94:58:
a6:d4:45:dd:c7:3f:a0:2b:ee:65:eb:6c:26:a2:89:e1:d1:83:
e6:b3:4c:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYSI8ZXZrWLjOgr4MTRjDZ/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMTE4MDQxNDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjYyNmQwODc0OTA2NTFkYWRlZmQ3YzVhYTczNTY4YWJhM2ExNGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiye7HlqlUxxs02MVF+FaxBbPORMa
XOdn/ZglmuNuSjCDymfxHY7Jrb9FznKemKkGwYiN2Zk7FMi5xOpLrZDcmqZdcb8h
qJXl6KzavGYv3jCUrmyAtMfFku9LfUTAMWkHkswl4cKSfKETZ7cfnmaVzVmxclJc
zrVtRgXVYhqs23KmMfmiJFkiEomltcVX3avadfcKII3Vy4d38tUn/C4LkPhOi7g7
Gbx5ZLPRMYCLkIj3UeQ3/cBtsn67DzWRvw++111bIlVxtALHF0v4mTy8s5uYEGfH
zfviN3zLHXCyHvoqNeLH9WWb52lGvWajRxdGZBuXq36LFGTSbL1FnzZHMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCtibQh0kGUdre/XxapzVoq6OhTpMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSzJKdENIU1FaUjJ0NzlmRnFuTldpcm82Rk9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGY30H0GLTOvpHbC2MlF
aDIz8JwlGOcbob5o2YUnFTadiCrtNOalmd6ACBJYD8zz0f8Uoks4Yyn1ejLEFaqH
jPFYkFkqZCkOFtYtG4Rru0Qgof069MruFCpitnJWy8bTKF9au/tE07pXXT04nJhB
YYcOf6VwhvA0eUbNS7E62oPpb2kO5wyB2JDLhwv8rkVDO+o9ZeStivTzmeTFla5j
oJlAngCxDknNhdDlc6VvCCn96B9wxen+ouSeYyJEmutQxGOaWmuYOCzt5/VyWO+x
Rh7HlJomG01tvKIv024hMB1khh8l/I1kXzaUWKbURd3HP6Ar7mXrbCaiieHRg+az
TGc=
-----END CERTIFICATE-----
Generated at Fri May 2 13:10:37 2025 by rpki-client