Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KBkVVwUXgn8GEm9bzASt2WpJdkk.roa
File: KBkVVwUXgn8GEm9bzASt2WpJdkk.roa (raw, json)
Hash identifier: +wsZvayTsAMMZ+HyBZbkrq+eDjryVIKFwWRz5L/qRfQ=
Subject key identifier: 28:19:15:57:05:17:82:7F:06:12:6F:5B:CC:04:AD:D9:6A:49:76:49
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018996D410DAB467C61027D21B5E5A8490CC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KBkVVwUXgn8GEm9bzASt2WpJdkk.roa
Signing time: Thu 27 Jul 2023 10:10:27 +0000
ROA not before: Thu 27 Jul 2023 10:10:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:96:d4:10:da:b4:67:c6:10:27:d2:1b:5e:5a:84:90:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 27 10:10:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=281915570517827f06126f5bcc04add96a497649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ef:d5:47:24:c1:1c:97:45:a7:7e:c9:d7:77:
01:1b:74:d8:be:f1:49:c5:fc:35:a3:95:25:d3:7d:
29:d9:ca:0c:05:c5:70:b9:e0:64:9f:ab:0f:b0:08:
91:bf:e6:69:fa:a2:08:e9:72:07:b3:ff:cb:f9:2a:
91:c4:e6:76:ed:0a:90:ab:c3:1f:36:d5:2e:e2:c1:
e3:6d:4d:7e:31:be:30:36:6c:ea:45:dc:66:2c:b6:
19:b6:3e:03:8a:ad:23:4e:cd:f7:5e:4f:0b:af:83:
e0:ce:60:bc:58:4f:8d:2b:fc:2f:aa:48:ff:21:38:
d6:98:f7:62:4a:4e:14:3c:f0:a8:33:8c:2b:14:dc:
ee:c5:18:d6:c3:17:73:08:4c:7d:ea:9d:d7:03:7a:
a2:c8:42:f1:e0:b7:06:2a:87:5a:8c:c7:4d:ec:62:
2d:1c:58:af:47:61:9d:63:ef:a3:c8:81:31:8d:7a:
18:1d:25:de:c8:46:76:36:de:9e:90:72:04:97:90:
cb:8d:a8:2a:c7:80:58:be:af:ba:01:cd:98:b5:7c:
bd:5c:73:d7:aa:16:48:d6:88:40:c0:88:f9:af:42:
1c:87:6e:41:2f:6a:43:d6:d3:e1:ea:ba:27:47:cb:
5b:b4:46:9d:43:eb:38:e5:e3:c0:50:c4:a9:67:4e:
f8:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:19:15:57:05:17:82:7F:06:12:6F:5B:CC:04:AD:D9:6A:49:76:49
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KBkVVwUXgn8GEm9bzASt2WpJdkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:0f:59:40:95:e5:78:7b:f2:e1:db:89:fc:50:1a:dc:d9:e4:
0b:b7:7d:01:76:3c:ae:8f:c9:ac:14:2e:23:9b:72:22:42:28:
ba:99:56:20:dd:1a:c8:4a:6a:d1:99:87:b7:5c:41:33:ce:29:
f8:3c:4a:f6:5e:3f:01:2d:bb:f6:e7:a4:c2:0a:fa:0c:4a:83:
e9:db:e1:10:2b:ad:bc:07:2b:f7:4f:46:db:66:b0:04:c2:f7:
40:42:d0:1d:dd:49:0c:67:0b:05:a3:43:18:5f:6f:62:f7:f8:
1f:c2:5b:d5:18:3d:05:84:b3:4d:13:f7:f6:1c:1f:4e:3a:1c:
e0:77:46:47:3a:3a:57:d4:f7:2a:3f:81:a3:72:f1:ea:59:18:
ec:91:cd:c6:38:33:fe:66:71:1c:01:cb:47:75:cd:36:6f:f3:
9d:c3:33:da:55:5d:35:3e:11:95:d2:2c:b2:4f:91:3a:da:48:
a4:9c:d6:64:1e:b3:10:75:ca:aa:96:73:d3:9e:bf:1b:be:b6:
cb:21:2a:70:0a:1f:fe:31:e8:dd:15:55:5d:2a:38:aa:d2:25:
fd:c3:5b:b4:6c:59:44:b8:27:fb:97:40:b5:c7:9f:f5:89:1b:
71:60:54:68:c6:7d:86:78:f9:8c:76:0a:3a:42:fb:2e:ae:5d:
d8:48:bd:a2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmW1BDatGfGECfSG15ahJDMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzI3MTAxMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODE5MTU1NzA1MTc4MjdmMDYxMjZmNWJjYzA0YWRkOTZhNDk3NjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgO/VRyTBHJdFp37J13cBG3TYvvFJ
xfw1o5Ul030p2coMBcVwueBkn6sPsAiRv+Zp+qII6XIHs//L+SqRxOZ27QqQq8Mf
NtUu4sHjbU1+Mb4wNmzqRdxmLLYZtj4Diq0jTs33Xk8Lr4PgzmC8WE+NK/wvqkj/
ITjWmPdiSk4UPPCoM4wrFNzuxRjWwxdzCEx96p3XA3qiyELx4LcGKodajMdN7GIt
HFivR2GdY++jyIExjXoYHSXeyEZ2Nt6ekHIEl5DLjagqx4BYvq+6Ac2YtXy9XHPX
qhZI1ohAwIj5r0Ich25BL2pD1tPh6ronR8tbtEadQ+s45ePAUMSpZ074/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCgZFVcFF4J/BhJvW8wErdlqSXZJMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS0JrVlZ3VVhnbjhHRW05YnpBU3QyV3BKZGtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB0PWUCV5Xh78uHbifxQ
GtzZ5Au3fQF2PK6PyawULiObciJCKLqZViDdGshKatGZh7dcQTPOKfg8SvZePwEt
u/bnpMIK+gxKg+nb4RArrbwHK/dPRttmsATC90BC0B3dSQxnCwWjQxhfb2L3+B/C
W9UYPQWEs00T9/YcH046HOB3Rkc6OlfU9yo/gaNy8epZGOyRzcY4M/5mcRwBy0d1
zTZv853DM9pVXTU+EZXSLLJPkTraSKSc1mQesxB1yqqWc9Oevxu+tsshKnAKH/4x
6N0VVV0qOKrSJf3DW7RsWUS4J/uXQLXHn/WJG3FgVGjGfYZ4+Yx2CjpC+y6uXdhI
vaI=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:41:52 2025 by rpki-client