Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KQOmu9NM8kKrGWWPnel7sHgk11E.roa
File: KQOmu9NM8kKrGWWPnel7sHgk11E.roa (raw, json)
Hash identifier: HDs53QwZgkSeDNi7cWLuFYV9E76j8m4P7AuWIM+PT7g=
Subject key identifier: 29:03:A6:BB:D3:4C:F2:42:AB:19:65:8F:9D:E9:7B:B0:78:24:D7:51
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A304F6BF03DAD752D5A673EC8B2AD8516
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KQOmu9NM8kKrGWWPnel7sHgk11E.roa
Signing time: Sat 26 Aug 2023 05:27:05 +0000
ROA not before: Sat 26 Aug 2023 05:27:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:30:4f:6b:f0:3d:ad:75:2d:5a:67:3e:c8:b2:ad:85:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 26 05:27:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2903a6bbd34cf242ab19658f9de97bb07824d751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:bc:2a:77:e7:f8:7e:61:5b:1c:61:2e:dc:4f:
b2:18:2a:4c:f9:dc:89:03:96:f9:a1:5c:96:fc:ad:
df:89:5b:ae:38:d6:e6:1d:24:01:86:95:a5:99:3e:
13:10:f2:19:cd:d2:95:60:a2:87:fd:f7:ec:9d:ea:
a4:89:ed:c7:77:27:51:2f:b0:d2:2e:da:7c:45:44:
d8:10:33:44:9b:6a:b4:94:cf:f1:61:04:44:e1:19:
2d:22:74:7b:19:33:ff:fe:4f:79:9f:64:85:a6:21:
aa:7a:9d:da:61:61:29:a3:70:31:70:a7:c6:58:40:
88:3b:2b:62:85:9d:a4:b7:fd:9f:7e:7b:d8:8e:48:
f2:bc:d6:98:7a:33:f6:ed:9f:6c:a0:d1:9c:9b:8a:
2f:eb:55:eb:89:9a:6c:a9:15:64:02:bd:40:26:aa:
0a:10:2a:ae:ed:63:1b:a6:c7:2c:74:3e:9c:14:b5:
26:7e:56:9a:b8:75:d0:ef:7f:72:ff:59:08:1d:ff:
b4:82:26:41:7e:ac:7a:8e:86:48:36:d1:62:64:ee:
a1:56:1e:a8:68:a6:b5:32:c2:0e:dd:86:c4:9b:da:
10:33:45:1b:35:5a:82:08:dd:7a:7c:dc:7d:08:e5:
7c:6a:68:94:f8:7b:76:48:9e:3d:4d:d3:99:8e:d9:
23:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:03:A6:BB:D3:4C:F2:42:AB:19:65:8F:9D:E9:7B:B0:78:24:D7:51
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KQOmu9NM8kKrGWWPnel7sHgk11E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3e:fd:6f:f5:54:75:76:69:b3:a2:de:77:2c:dd:e8:4a:ed:41:
1d:54:f4:1b:ce:75:67:9b:45:3e:12:41:7e:42:ca:3f:9f:10:
b2:5f:46:ed:67:f2:29:9f:28:d3:5a:62:9e:af:e1:ad:d5:6d:
91:a7:60:39:84:8a:ed:bd:be:fe:3e:3f:fe:93:7b:3a:b5:1a:
ac:7c:f3:48:d7:41:f5:35:63:09:01:94:8a:ef:eb:1d:5e:1d:
8b:c0:14:c9:8a:6b:b6:63:5e:bf:29:a2:27:dd:9d:03:74:6b:
6f:f9:e8:bc:83:80:68:37:6d:40:2b:7b:59:60:41:2a:dc:c0:
8b:19:c7:3a:64:6a:3f:05:a9:61:9b:75:c1:5e:6f:3f:7b:32:
54:5a:c5:6f:5f:fa:c0:36:e6:6a:60:f2:38:c1:ec:d0:21:2c:
af:26:b4:ab:26:9a:71:e9:8d:ef:d3:04:1f:7e:21:13:85:de:
2f:72:ac:88:1b:88:0a:2b:ea:fb:7f:bc:98:c8:e3:de:c8:5e:
48:a1:15:46:06:13:06:46:92:61:f9:8f:4f:85:4d:4e:25:68:
f7:4f:eb:6e:58:6a:1b:92:1d:30:21:a2:ff:d8:82:06:6b:ef:
3c:54:3a:1b:08:ba:19:19:b0:10:bc:79:1f:94:24:10:83:35:
2a:f9:28:16
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYowT2vwPa11LVpnPsiyrYUWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI2MDUyNzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTAzYTZiYmQzNGNmMjQyYWIxOTY1OGY5ZGU5N2JiMDc4MjRkNzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbwqd+f4fmFbHGEu3E+yGCpM+dyJ
A5b5oVyW/K3fiVuuONbmHSQBhpWlmT4TEPIZzdKVYKKH/ffsneqkie3HdydRL7DS
Ltp8RUTYEDNEm2q0lM/xYQRE4RktInR7GTP//k95n2SFpiGqep3aYWEpo3AxcKfG
WECIOytihZ2kt/2ffnvYjkjyvNaYejP27Z9soNGcm4ov61XriZpsqRVkAr1AJqoK
ECqu7WMbpscsdD6cFLUmflaauHXQ739y/1kIHf+0giZBfqx6joZINtFiZO6hVh6o
aKa1MsIO3YbEm9oQM0UbNVqCCN16fNx9COV8amiU+Ht2SJ49TdOZjtkjhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCkDprvTTPJCqxllj53pe7B4JNdRMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS1FPbXU5Tk04a0tyR1dXUG5lbDdzSGdrMTFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD79b/VUdXZps6Ledyzd
6ErtQR1U9BvOdWebRT4SQX5Cyj+fELJfRu1n8imfKNNaYp6v4a3VbZGnYDmEiu29
vv4+P/6Tezq1Gqx880jXQfU1YwkBlIrv6x1eHYvAFMmKa7ZjXr8poifdnQN0a2/5
6LyDgGg3bUAre1lgQSrcwIsZxzpkaj8FqWGbdcFebz97MlRaxW9f+sA25mpg8jjB
7NAhLK8mtKsmmnHpje/TBB9+IROF3i9yrIgbiAor6vt/vJjI497IXkihFUYGEwZG
kmH5j0+FTU4laPdP625YahuSHTAhov/YggZr7zxUOhsIuhkZsBC8eR+UJBCDNSr5
KBY=
-----END CERTIFICATE-----
Generated at Fri May 2 20:46:09 2025 by rpki-client