Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KGMl8TUpEyRvXTJR2fDC4MO2oqI.roa
File: KGMl8TUpEyRvXTJR2fDC4MO2oqI.roa (raw, json)
Hash identifier: HdnMkm8kFQjm5vnuUuGmzPc7datf4zhKlVqytTOtKVc=
Subject key identifier: 28:63:25:F1:35:29:13:24:6F:5D:32:51:D9:F0:C2:E0:C3:B6:A2:A2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01851DD71E56776B12BF6739BA408C75FBAE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KGMl8TUpEyRvXTJR2fDC4MO2oqI.roa
Signing time: Sat 17 Dec 2022 02:08:35 +0000
ROA not before: Sat 17 Dec 2022 02:08:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1d:d7:1e:56:77:6b:12:bf:67:39:ba:40:8c:75:fb:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 17 02:08:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=286325f1352913246f5d3251d9f0c2e0c3b6a2a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:90:76:9d:56:9c:00:22:e5:85:72:93:cc:fe:
ce:e4:67:a5:2b:88:86:7c:5f:12:be:e3:b9:8c:e2:
bc:d7:f0:d5:aa:a4:c8:79:03:16:a2:e8:e9:a9:7b:
43:74:69:ae:17:5d:0f:5b:8e:1b:fc:7c:59:ea:5d:
de:a3:28:af:d0:1d:69:97:75:ee:7d:d8:3f:03:66:
53:ec:f1:eb:30:55:59:22:fe:36:21:1c:d4:0a:2b:
aa:a6:27:d8:15:3d:ac:8f:c9:27:55:4f:e9:26:f5:
5c:91:c9:0c:cf:72:d0:80:ee:2c:1a:f6:72:e8:e4:
be:f2:0a:3e:6f:5b:cb:1b:b6:1b:7f:11:6c:b4:2e:
42:55:fe:8d:74:f1:bf:d6:49:a8:79:18:3d:b0:01:
05:b4:97:43:a0:74:be:d7:aa:71:45:5e:ee:e1:9c:
89:05:95:77:64:55:c7:db:02:47:c2:71:e8:5f:92:
ec:24:33:18:c2:d3:da:33:6c:9a:30:4a:91:12:af:
80:d5:8c:8e:52:0c:35:01:13:30:d0:41:0e:c6:16:
55:7f:af:e9:43:d4:c8:08:0f:0f:8d:7b:b2:06:00:
e9:f5:12:c8:9c:59:dc:d6:9e:9f:70:0e:ea:e4:47:
f1:00:98:0b:43:3e:8e:5e:f1:45:8d:6b:00:55:bb:
3a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:63:25:F1:35:29:13:24:6F:5D:32:51:D9:F0:C2:E0:C3:B6:A2:A2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KGMl8TUpEyRvXTJR2fDC4MO2oqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
37:d5:12:5f:e2:34:f7:06:cf:9c:2b:78:56:32:7c:29:8a:dc:
c4:5d:c8:7b:e9:f1:7f:b6:d9:d3:71:61:ea:25:fa:f2:3b:21:
51:7a:8c:78:81:17:66:fa:09:a2:e4:4a:aa:1a:1b:02:8b:5d:
31:dd:30:fa:a1:9e:44:15:93:32:fb:21:16:d8:b0:30:f0:35:
f0:a9:ef:41:eb:fe:ce:53:7f:5c:22:78:8b:67:bf:66:2d:d2:
4f:f0:e7:9d:80:85:bb:11:b1:2f:ba:2b:09:8d:86:37:99:06:
9b:a7:8f:3f:4c:ae:07:d2:93:d1:10:b1:5a:93:57:f1:27:75:
a3:1a:20:d7:90:22:c4:21:cc:9e:e2:35:94:a2:68:ef:2d:07:
a0:ff:c9:3a:79:e8:05:28:c7:9a:77:8d:62:c2:a8:96:62:bc:
2e:36:37:18:14:4d:4b:81:9a:fc:16:67:d4:b0:3b:f5:fd:c5:
2f:b5:26:52:71:1d:61:34:5a:54:49:49:83:5a:3d:89:34:a7:
9a:d3:9e:f3:93:70:14:a0:a4:44:52:36:ae:0c:97:9b:38:39:
f0:e8:e7:c7:99:45:37:39:c4:7f:f4:7c:5f:dc:fb:4b:4d:35:
d9:59:a9:20:95:14:e8:25:95:65:88:97:6b:ad:ed:6c:90:b5:
ff:59:26:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUd1x5Wd2sSv2c5ukCMdfuuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE3MDIwODM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODYzMjVmMTM1MjkxMzI0NmY1ZDMyNTFkOWYwYzJlMGMzYjZhMmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZB2nVacACLlhXKTzP7O5GelK4iG
fF8SvuO5jOK81/DVqqTIeQMWoujpqXtDdGmuF10PW44b/HxZ6l3eoyiv0B1pl3Xu
fdg/A2ZT7PHrMFVZIv42IRzUCiuqpifYFT2sj8knVU/pJvVckckMz3LQgO4sGvZy
6OS+8go+b1vLG7YbfxFstC5CVf6NdPG/1kmoeRg9sAEFtJdDoHS+16pxRV7u4ZyJ
BZV3ZFXH2wJHwnHoX5LsJDMYwtPaM2yaMEqREq+A1YyOUgw1ARMw0EEOxhZVf6/p
Q9TICA8PjXuyBgDp9RLInFnc1p6fcA7q5EfxAJgLQz6OXvFFjWsAVbs6EQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFChjJfE1KRMkb10yUdnwwuDDtqKiMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS0dNbDhUVXBFeVJ2WFRKUjJmREM0TU8yb3FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADfVEl/iNPcGz5wreFYy
fCmK3MRdyHvp8X+22dNxYeol+vI7IVF6jHiBF2b6CaLkSqoaGwKLXTHdMPqhnkQV
kzL7IRbYsDDwNfCp70Hr/s5Tf1wieItnv2Yt0k/w552AhbsRsS+6KwmNhjeZBpun
jz9MrgfSk9EQsVqTV/EndaMaINeQIsQhzJ7iNZSiaO8tB6D/yTp56AUox5p3jWLC
qJZivC42NxgUTUuBmvwWZ9SwO/X9xS+1JlJxHWE0WlRJSYNaPYk0p5rTnvOTcBSg
pERSNq4Ml5s4OfDo58eZRTc5xH/0fF/c+0tNNdlZqSCVFOgllWWIl2ut7WyQtf9Z
JoM=
-----END CERTIFICATE-----
Generated at Thu May 1 07:06:42 2025 by rpki-client