Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KESea9XTUEsyrDMykQscyBxzkdg.roa
File: KESea9XTUEsyrDMykQscyBxzkdg.roa (raw, json)
Hash identifier: ZhKV8sTeXCYtU0f5jMJMTc87PCP9Nm3seEQYh7sFiK4=
Subject key identifier: 28:44:9E:6B:D5:D3:50:4B:32:AC:33:32:91:0B:1C:C8:1C:73:91:D8
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185D8F562513EFB09BB7A1C4100EB8E46A9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KESea9XTUEsyrDMykQscyBxzkdg.roa
Signing time: Sun 22 Jan 2023 10:10:38 +0000
ROA not before: Sun 22 Jan 2023 10:10:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:d8:f5:62:51:3e:fb:09:bb:7a:1c:41:00:eb:8e:46:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 22 10:10:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28449e6bd5d3504b32ac3332910b1cc81c7391d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:cc:ef:2c:84:c8:2f:75:92:e1:b9:75:d7:4d:
b1:7c:df:b0:bb:89:37:3c:38:05:03:66:d3:f5:7d:
5f:ac:aa:9c:c3:f4:d6:90:1f:bd:40:84:ee:51:32:
6b:bf:cb:32:64:31:e7:da:52:00:dc:2d:87:4b:ba:
6a:24:f7:39:02:28:b0:99:44:48:e0:b3:b2:a7:77:
e1:13:55:56:9d:00:c6:6d:45:30:64:fd:cb:90:48:
8b:e0:65:e4:27:cc:f1:1a:95:2b:77:5d:0c:e7:e5:
06:07:42:f1:69:16:3b:d1:78:28:ca:76:74:e3:aa:
b5:3e:7d:1d:a7:83:d8:f8:03:be:15:1a:cd:bc:32:
d1:4d:37:a0:56:c6:56:78:e3:00:3b:bf:c0:1c:a5:
61:31:48:f9:c9:1b:49:ec:9d:f3:18:24:67:d8:5d:
24:0d:c2:6b:91:eb:a1:65:a5:08:ba:7c:bf:e9:6d:
a8:0c:82:b4:97:2d:a5:4d:7b:18:8d:15:43:30:8a:
99:1e:40:08:a4:d0:f8:f7:a9:6e:90:04:58:a6:3a:
fb:1a:5c:36:21:0a:d9:ae:a4:9e:8f:16:87:a3:9b:
3f:6c:0b:59:75:39:cf:96:1f:c5:9d:f5:9e:d1:70:
22:46:13:0f:f7:f3:40:17:d1:78:2f:1f:7c:a9:61:
e0:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:44:9E:6B:D5:D3:50:4B:32:AC:33:32:91:0B:1C:C8:1C:73:91:D8
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KESea9XTUEsyrDMykQscyBxzkdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
00:0d:e2:da:b8:5d:68:c1:8a:55:59:8b:4d:9e:b1:c6:63:e2:
47:63:d6:b0:fc:71:fb:72:68:02:db:43:6c:d1:fe:c1:cc:a9:
9d:45:b7:46:da:59:60:00:e4:0e:a9:d4:9e:68:25:34:86:78:
1d:f7:78:de:12:00:02:bd:72:79:ed:b8:78:52:77:e3:e4:6f:
e5:fb:7f:5f:52:aa:4c:f9:ba:e3:df:0b:e1:cc:e8:88:38:8d:
7d:90:8d:3f:07:1f:d8:78:7f:04:bd:e8:eb:94:07:94:0e:23:
4c:95:32:9a:7d:06:0c:32:b9:3c:f5:d5:b9:c1:fc:e5:26:af:
27:16:6c:a7:71:4e:cd:43:80:5b:bf:eb:d5:79:20:d0:27:6b:
98:0c:93:4c:ce:56:35:a1:d4:7e:ed:55:3d:b6:ef:5f:19:8d:
ae:5b:22:43:b6:1e:18:2a:dc:dc:37:18:94:97:e2:e9:40:ec:
a2:2a:7e:80:e6:20:2a:74:24:7f:cb:41:88:3a:22:92:db:9a:
a3:7c:e8:e6:17:14:a0:28:a6:c9:e0:b9:7b:d0:e7:77:bd:9d:
a2:d0:7c:dd:fa:77:76:2a:c8:30:9a:52:f0:14:4c:30:34:fe:
d8:5d:d4:91:c6:22:20:ac:78:53:30:d3:80:e3:06:b7:08:c5:
c2:ef:17:6b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXY9WJRPvsJu3ocQQDrjkapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTIyMTAxMDM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODQ0OWU2YmQ1ZDM1MDRiMzJhYzMzMzI5MTBiMWNjODFjNzM5MWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMzvLITIL3WS4bl1102xfN+wu4k3
PDgFA2bT9X1frKqcw/TWkB+9QITuUTJrv8syZDHn2lIA3C2HS7pqJPc5AiiwmURI
4LOyp3fhE1VWnQDGbUUwZP3LkEiL4GXkJ8zxGpUrd10M5+UGB0LxaRY70XgoynZ0
46q1Pn0dp4PY+AO+FRrNvDLRTTegVsZWeOMAO7/AHKVhMUj5yRtJ7J3zGCRn2F0k
DcJrkeuhZaUIuny/6W2oDIK0ly2lTXsYjRVDMIqZHkAIpND496lukARYpjr7Glw2
IQrZrqSejxaHo5s/bAtZdTnPlh/FnfWe0XAiRhMP9/NAF9F4Lx98qWHgqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFChEnmvV01BLMqwzMpELHMgcc5HYMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS0VTZWE5WFRVRXN5ckRNeWtRc2N5Qnh6a2RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAAN4tq4XWjBilVZi02e
scZj4kdj1rD8cftyaALbQ2zR/sHMqZ1Ft0baWWAA5A6p1J5oJTSGeB33eN4SAAK9
cnntuHhSd+Pkb+X7f19Sqkz5uuPfC+HM6Ig4jX2QjT8HH9h4fwS96OuUB5QOI0yV
Mpp9BgwyuTz11bnB/OUmrycWbKdxTs1DgFu/69V5INAna5gMk0zOVjWh1H7tVT22
718Zja5bIkO2Hhgq3Nw3GJSX4ulA7KIqfoDmICp0JH/LQYg6IpLbmqN86OYXFKAo
psnguXvQ53e9naLQfN36d3YqyDCaUvAUTDA0/thd1JHGIiCseFMw04DjBrcIxcLv
F2s=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:35:01 2025 by rpki-client