Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KN9GakKQX3YjG648e9bH7tLyDZ4.roa
File: KN9GakKQX3YjG648e9bH7tLyDZ4.roa (raw, json)
Hash identifier: 87ZPs9+9+/7QisIOJs6csN8+qXYocont7m+3tKDDb0I=
Subject key identifier: 28:DF:46:6A:42:90:5F:76:23:1B:AE:3C:7B:D6:C7:EE:D2:F2:0D:9E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0183B0A5B75C460EBC16BBD462503265CAFD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KN9GakKQX3YjG648e9bH7tLyDZ4.roa
Signing time: Fri 07 Oct 2022 04:13:13 +0000
ROA not before: Fri 07 Oct 2022 04:13:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:183:50b3:5643/128 maxlen: 128
2001:67c:64:ffff:0:183:5f81:ab13/128 maxlen: 128
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b0:a5:b7:5c:46:0e:bc:16:bb:d4:62:50:32:65:ca:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Oct 7 04:13:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28df466a42905f76231bae3c7bd6c7eed2f20d9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0d:9e:fa:ab:38:eb:b7:eb:90:33:18:a8:8b:
fa:cb:5f:f6:98:fb:40:ec:e2:30:c6:f9:e5:4a:60:
2b:3b:d7:d8:2f:3a:03:36:8e:6c:8a:0f:2a:f6:0c:
bc:11:73:5c:d8:fe:6d:e8:ac:14:fd:81:df:63:1f:
a0:62:22:45:57:ca:85:7e:04:1b:72:10:ae:aa:51:
93:85:ef:f4:f3:0b:00:48:b1:68:35:39:0c:88:06:
ac:1b:f5:16:d8:63:d9:8b:94:0f:c0:1c:ec:ff:93:
95:61:fc:1b:6c:36:ae:b6:ca:e3:99:a5:d6:91:3d:
9b:c9:ff:9a:b6:75:db:73:96:fa:3a:4d:80:fc:9d:
f0:23:c6:da:ba:99:f0:c0:d3:af:9e:38:48:60:1d:
81:69:2a:dc:f4:08:90:0b:f9:ff:34:2c:b9:a0:16:
2c:4a:50:fb:fe:2d:0a:b6:c5:85:3e:4b:0f:30:91:
a2:ca:6e:2f:02:30:d1:52:db:a3:df:22:69:4d:df:
ef:18:3d:46:a0:4f:38:ef:b3:ac:1f:ff:01:af:15:
d1:37:10:a9:3e:d2:3c:8f:55:37:df:57:0f:97:e9:
ae:17:22:78:30:4c:ac:df:5d:62:b4:e9:6c:9f:51:
e6:06:bb:13:8a:05:70:ff:26:8c:0e:01:7c:31:f7:
98:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:DF:46:6A:42:90:5F:76:23:1B:AE:3C:7B:D6:C7:EE:D2:F2:0D:9E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KN9GakKQX3YjG648e9bH7tLyDZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:5f:36:85:49:92:f3:d3:68:12:03:86:30:10:43:1d:39:a9:
61:96:4e:20:c3:7a:ab:08:ef:40:78:9b:49:75:c4:f6:99:f4:
4e:4d:23:1e:20:2d:e0:64:56:bf:f9:b1:ca:e8:69:80:cd:ac:
a3:3a:da:67:98:5d:eb:be:8c:38:b5:d1:52:e3:d2:b6:0c:e4:
a2:83:e9:d7:2f:60:79:9e:ec:9f:11:df:54:c4:cb:60:f2:35:
c5:b5:70:28:b9:95:04:e9:7d:41:04:8b:70:90:7d:2c:ff:0d:
a8:da:c7:4a:19:70:40:6c:51:0b:e3:bf:df:a5:0b:93:8f:3a:
2d:b3:8f:a1:13:db:8d:ae:e5:27:aa:71:50:51:aa:6c:76:3e:
26:de:b5:00:4f:79:20:c4:b6:5c:43:12:bf:24:4e:31:26:6e:
a2:5e:13:25:a2:85:a4:f3:f1:9f:7d:6c:28:65:1b:aa:9a:2a:
a1:3d:79:91:a0:e5:18:29:be:98:b4:e0:dc:99:89:97:42:e4:
e5:77:84:f5:a1:0b:da:40:aa:b8:c1:49:10:03:c1:47:14:ee:
6d:1e:c6:c3:93:f2:f0:fb:94:62:21:9c:de:75:e8:e6:e6:7b:
7e:09:84:de:b7:a8:ed:fe:07:e9:f5:84:a1:44:50:4e:06:b3:
d1:b9:3d:34
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYOwpbdcRg68FrvUYlAyZcr9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMDA3MDQxMzEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGRmNDY2YTQyOTA1Zjc2MjMxYmFlM2M3YmQ2YzdlZWQyZjIwZDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkg2e+qs467frkDMYqIv6y1/2mPtA
7OIwxvnlSmArO9fYLzoDNo5sig8q9gy8EXNc2P5t6KwU/YHfYx+gYiJFV8qFfgQb
chCuqlGThe/08wsASLFoNTkMiAasG/UW2GPZi5QPwBzs/5OVYfwbbDautsrjmaXW
kT2byf+atnXbc5b6Ok2A/J3wI8baupnwwNOvnjhIYB2BaSrc9AiQC/n/NCy5oBYs
SlD7/i0KtsWFPksPMJGiym4vAjDRUtuj3yJpTd/vGD1GoE8477OsH/8BrxXRNxCp
PtI8j1U331cPl+muFyJ4MEys311itOlsn1HmBrsTigVw/yaMDgF8MfeYLwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCjfRmpCkF92IxuuPHvWx+7S8g2eMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS045R2FrS1FYM1lqRzY0OGU5Ykg3dEx5RFo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF9fNoVJkvPTaBIDhjAQ
Qx05qWGWTiDDeqsI70B4m0l1xPaZ9E5NIx4gLeBkVr/5scroaYDNrKM62meYXeu+
jDi10VLj0rYM5KKD6dcvYHme7J8R31TEy2DyNcW1cCi5lQTpfUEEi3CQfSz/Daja
x0oZcEBsUQvjv9+lC5OPOi2zj6ET242u5SeqcVBRqmx2PibetQBPeSDEtlxDEr8k
TjEmbqJeEyWihaTz8Z99bChlG6qaKqE9eZGg5Rgpvpi04NyZiZdC5OV3hPWhC9pA
qrjBSRADwUcU7m0exsOT8vD7lGIhnN516Obme34JhN63qO3+B+n1hKFEUE4Gs9G5
PTQ=
-----END CERTIFICATE-----
Generated at Sat May 3 08:58:35 2025 by rpki-client