Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KJPD0LvNUXLY-b9z8KYj7iLDKkE.roa
File: KJPD0LvNUXLY-b9z8KYj7iLDKkE.roa (raw, json)
Hash identifier: RivzDXYHTV1bSw/sGvkcIwpSc2aMvA0huR3Z7izurv8=
Subject key identifier: 28:93:C3:D0:BB:CD:51:72:D8:F9:BF:73:F0:A6:23:EE:22:C3:2A:41
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01867C0AF2A567A46AE64EE5255BAF48EC41
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KJPD0LvNUXLY-b9z8KYj7iLDKkE.roa
Signing time: Thu 23 Feb 2023 02:12:17 +0000
ROA not before: Thu 23 Feb 2023 02:12:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7c:0a:f2:a5:67:a4:6a:e6:4e:e5:25:5b:af:48:ec:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 23 02:12:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2893c3d0bbcd5172d8f9bf73f0a623ee22c32a41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:86:e3:b4:50:19:47:f6:b8:f3:44:87:c1:b9:
31:4d:91:cc:77:87:43:ca:a1:79:7c:e5:0f:ac:95:
9e:18:ca:12:48:97:b8:b8:aa:38:4a:56:df:57:fb:
c1:ba:e3:fe:b6:ad:10:7d:ca:e2:38:6b:b7:fb:80:
59:2c:40:87:0d:9b:6c:6f:f9:c7:31:dc:dd:96:63:
b4:26:46:f2:6b:ca:38:93:83:6a:03:62:9c:52:d4:
8e:69:0d:4c:92:0f:08:b4:e1:65:08:36:19:92:06:
75:9f:ed:d4:ae:9c:c2:50:ef:58:37:95:65:ac:92:
df:d5:e6:50:0d:87:73:1c:09:37:ea:dc:62:9f:a5:
5c:c3:e5:d2:03:d6:68:43:c8:81:bc:49:f8:9e:37:
9c:e8:b3:9a:fc:43:b1:71:a2:dc:1d:31:06:ef:80:
00:4b:c0:84:e7:13:20:5d:5b:06:6d:82:de:76:3a:
d9:da:65:b0:19:59:71:71:d3:cc:47:25:83:00:5c:
ce:71:07:7b:d1:98:db:80:bb:78:f8:aa:a1:b3:58:
17:00:34:98:28:24:f2:e5:8a:d2:fa:c8:63:8e:db:
e1:83:33:be:ad:d4:dd:d9:b9:2f:bc:f2:2e:a6:7d:
7c:e3:2e:f5:ef:c5:f3:9d:a8:ab:fa:e2:08:0f:8d:
74:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:93:C3:D0:BB:CD:51:72:D8:F9:BF:73:F0:A6:23:EE:22:C3:2A:41
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KJPD0LvNUXLY-b9z8KYj7iLDKkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:60:bc:21:91:05:c8:b6:cb:dd:45:d8:94:48:69:ea:0d:c4:
5a:52:64:bf:73:e8:6d:5c:b0:c4:a8:d1:33:6f:3d:9d:7d:f4:
b0:65:2e:bf:eb:9d:7f:c1:6b:e8:4f:7a:99:2c:98:16:8e:d9:
9a:82:72:fd:f0:61:28:13:96:06:3f:b3:f3:c5:75:6d:f6:8d:
ec:d6:0d:4e:48:15:87:24:05:58:c2:10:55:9b:51:64:52:6b:
f5:c4:35:60:ee:68:aa:f0:86:42:9d:84:d4:d3:fc:26:31:70:
63:4b:5b:ac:c4:c7:d6:32:2c:88:cc:10:73:f2:eb:f3:01:7b:
cf:78:58:d9:d5:2b:53:1b:92:a0:df:77:fe:e8:ba:1f:2d:5f:
18:8b:83:fd:2e:98:ef:3e:6f:41:57:4b:46:af:0d:ca:fc:30:
0c:2f:c4:60:18:79:12:61:07:31:be:e9:42:f0:6c:ca:59:28:
b6:72:ca:df:c4:99:68:25:e4:fb:d3:79:6a:75:a7:da:f7:6d:
c3:ce:4f:48:d7:4e:9a:2c:1a:7f:cd:02:a8:15:74:51:be:8b:
3b:e7:ad:b4:46:88:57:ef:45:7f:d9:e5:ba:8a:6d:58:a0:bf:
94:2e:9a:17:0f:09:69:e4:56:6d:c8:a4:d4:c4:2b:fe:60:ff:
a4:fc:e2:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ8CvKlZ6Rq5k7lJVuvSOxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIzMDIxMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODkzYzNkMGJiY2Q1MTcyZDhmOWJmNzNmMGE2MjNlZTIyYzMyYTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhobjtFAZR/a480SHwbkxTZHMd4dD
yqF5fOUPrJWeGMoSSJe4uKo4SlbfV/vBuuP+tq0QfcriOGu3+4BZLECHDZtsb/nH
MdzdlmO0Jkbya8o4k4NqA2KcUtSOaQ1Mkg8ItOFlCDYZkgZ1n+3UrpzCUO9YN5Vl
rJLf1eZQDYdzHAk36txin6Vcw+XSA9ZoQ8iBvEn4njec6LOa/EOxcaLcHTEG74AA
S8CE5xMgXVsGbYLedjrZ2mWwGVlxcdPMRyWDAFzOcQd70ZjbgLt4+Kqhs1gXADSY
KCTy5YrS+shjjtvhgzO+rdTd2bkvvPIupn184y7178Xznair+uIID410jQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCiTw9C7zVFy2Pm/c/CmI+4iwypBMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS0pQRDBMdk5VWExZLWI5ejhLWWo3aUxES2tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFJgvCGRBci2y91F2JRI
aeoNxFpSZL9z6G1csMSo0TNvPZ199LBlLr/rnX/Ba+hPepksmBaO2ZqCcv3wYSgT
lgY/s/PFdW32jezWDU5IFYckBVjCEFWbUWRSa/XENWDuaKrwhkKdhNTT/CYxcGNL
W6zEx9YyLIjMEHPy6/MBe894WNnVK1MbkqDfd/7ouh8tXxiLg/0umO8+b0FXS0av
Dcr8MAwvxGAYeRJhBzG+6ULwbMpZKLZyyt/EmWgl5PvTeWp1p9r3bcPOT0jXTpos
Gn/NAqgVdFG+izvnrbRGiFfvRX/Z5bqKbVigv5QumhcPCWnkVm3IpNTEK/5g/6T8
4sQ=
-----END CERTIFICATE-----
Generated at Thu May 1 18:54:58 2025 by rpki-client