Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KNbuf1ehJtuR2sh6joGHahvWf28.roa
File: KNbuf1ehJtuR2sh6joGHahvWf28.roa (raw, json)
Hash identifier: MRp4c8GG6TrT3T5lSSZSRrODwGd/GduiA44K/qdDU3o=
Subject key identifier: 28:D6:EE:7F:57:A1:26:DB:91:DA:C8:7A:8E:81:87:6A:1B:D6:7F:6F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01869D4F5CAA7D19B0542E63D6D73CD545ED
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KNbuf1ehJtuR2sh6joGHahvWf28.roa
Signing time: Wed 01 Mar 2023 13:14:29 +0000
ROA not before: Wed 01 Mar 2023 13:14:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9d:4f:5c:aa:7d:19:b0:54:2e:63:d6:d7:3c:d5:45:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 1 13:14:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28d6ee7f57a126db91dac87a8e81876a1bd67f6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:72:a9:08:dc:2c:cf:3a:2b:14:4f:a4:7a:cf:
42:8a:58:94:1c:8e:ad:46:39:6a:ac:1b:d8:cf:fc:
4e:ac:52:14:24:5d:53:6b:fa:a4:e2:6a:e9:0d:b7:
b6:65:e5:ab:1f:b8:9d:28:6c:dc:ab:a5:f8:56:91:
23:6f:ef:bb:32:8e:c3:95:80:13:66:1c:a7:6e:5d:
78:62:46:0a:21:dd:6d:5c:ee:8b:e3:22:48:06:78:
8f:e0:3e:8a:6f:ca:16:5a:08:ae:a8:87:9b:06:a0:
c0:c2:ee:a7:9c:47:9f:93:1f:0d:50:fc:a6:29:83:
2d:83:74:5e:61:99:dc:24:f1:d5:10:2a:be:5c:9f:
c7:d2:57:58:3a:07:36:ae:f5:4c:2c:e0:eb:1f:22:
19:b5:01:9c:ba:d1:e4:2a:de:f1:1f:bd:2d:d9:60:
55:2d:97:64:4d:6b:55:4f:a6:d7:57:97:ef:ac:0b:
0a:20:89:1d:d2:7e:d8:97:91:3f:07:d3:35:63:08:
d4:62:e5:4a:ea:29:27:2d:f5:83:5f:6f:33:22:f1:
df:38:b0:38:5b:34:fc:43:1e:fe:9d:63:de:b1:d3:
b8:e8:f0:73:58:ab:b4:9f:4b:39:76:87:fb:69:eb:
99:c2:7b:22:e0:75:34:63:29:e2:65:ec:be:15:68:
72:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D6:EE:7F:57:A1:26:DB:91:DA:C8:7A:8E:81:87:6A:1B:D6:7F:6F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KNbuf1ehJtuR2sh6joGHahvWf28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9c:bd:a9:c4:2c:cb:4f:34:d1:bc:ff:71:2b:76:09:04:c0:7f:
d8:bb:0b:79:f0:e3:bb:b3:fb:bb:bc:b9:fc:23:14:b7:01:8d:
4b:01:87:0e:5d:f0:2b:8d:21:fa:83:0d:f5:1b:96:15:03:86:
f3:ee:5c:97:e3:b2:10:fd:fd:cf:04:7e:f9:37:dc:b5:ea:5d:
c2:b7:dd:1b:d1:c8:ed:28:a4:49:15:03:21:9d:42:cb:cd:f9:
cf:d9:98:85:32:b2:4f:53:09:aa:e2:b7:1d:c1:f5:4a:24:06:
ac:41:13:76:a3:f3:6e:7c:f9:d2:df:dc:41:6a:d3:a2:f9:d7:
49:62:87:0c:94:29:d8:bf:5c:6a:de:2d:e6:36:85:be:97:8d:
94:7b:af:b0:29:63:24:e5:5a:85:db:86:a4:6a:01:d4:53:10:
b5:1c:75:10:41:3e:05:43:64:89:b0:85:9d:9a:86:78:67:43:
5d:5e:e9:79:bc:70:2e:8e:d1:62:1c:1f:dd:ee:24:67:92:02:
41:5d:70:22:44:a3:02:f6:0d:c3:67:9a:5f:b5:f6:83:0e:c1:
cd:b6:7a:57:b5:18:b6:9c:22:61:aa:ab:14:c6:f2:d7:18:10:
08:24:5b:d4:8e:f8:d3:a4:2b:1a:02:bc:88:4a:9d:12:54:7f:
8c:de:d5:e3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYadT1yqfRmwVC5j1tc81UXtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzAxMTMxNDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGQ2ZWU3ZjU3YTEyNmRiOTFkYWM4N2E4ZTgxODc2YTFiZDY3ZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHKpCNwszzorFE+kes9CiliUHI6t
RjlqrBvYz/xOrFIUJF1Ta/qk4mrpDbe2ZeWrH7idKGzcq6X4VpEjb++7Mo7DlYAT
Zhynbl14YkYKId1tXO6L4yJIBniP4D6Kb8oWWgiuqIebBqDAwu6nnEefkx8NUPym
KYMtg3ReYZncJPHVECq+XJ/H0ldYOgc2rvVMLODrHyIZtQGcutHkKt7xH70t2WBV
LZdkTWtVT6bXV5fvrAsKIIkd0n7Yl5E/B9M1YwjUYuVK6iknLfWDX28zIvHfOLA4
WzT8Qx7+nWPesdO46PBzWKu0n0s5dof7aeuZwnsi4HU0YyniZey+FWhyzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCjW7n9XoSbbkdrIeo6Bh2ob1n9vMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS05idWYxZWhKdHVSMnNoNmpvR0hhaHZXZjI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJy9qcQsy0800bz/cSt2
CQTAf9i7C3nw47uz+7u8ufwjFLcBjUsBhw5d8CuNIfqDDfUblhUDhvPuXJfjshD9
/c8Efvk33LXqXcK33RvRyO0opEkVAyGdQsvN+c/ZmIUysk9TCaritx3B9UokBqxB
E3aj8258+dLf3EFq06L510lihwyUKdi/XGreLeY2hb6XjZR7r7ApYyTlWoXbhqRq
AdRTELUcdRBBPgVDZImwhZ2ahnhnQ11e6Xm8cC6O0WIcH93uJGeSAkFdcCJEowL2
DcNnml+19oMOwc22ele1GLacImGqqxTG8tcYEAgkW9SO+NOkKxoCvIhKnRJUf4ze
1eM=
-----END CERTIFICATE-----
Generated at Thu May 1 04:28:52 2025 by rpki-client