Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KV1CBdzp8oqq3SU7gmNr8wTpdZ8.roa
File: KV1CBdzp8oqq3SU7gmNr8wTpdZ8.roa (raw, json)
Hash identifier: 2HT8CT3nFnvbmGLNzPsrsdtzHUYaSjyBxvL4NOVlgO8=
Subject key identifier: 29:5D:42:05:DC:E9:F2:8A:AA:DD:25:3B:82:63:6B:F3:04:E9:75:9F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186D13D7D54A58059E93D5659FDE5BFF70C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KV1CBdzp8oqq3SU7gmNr8wTpdZ8.roa
Signing time: Sat 11 Mar 2023 15:15:13 +0000
ROA not before: Sat 11 Mar 2023 15:15:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d1:3d:7d:54:a5:80:59:e9:3d:56:59:fd:e5:bf:f7:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 11 15:15:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=295d4205dce9f28aaadd253b82636bf304e9759f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:99:a2:0b:65:ec:af:35:c5:88:4a:2b:87:f7:
ca:0b:4c:90:19:92:f5:63:e2:80:1f:c9:e1:cb:da:
8d:f8:93:e9:bc:b0:68:b1:0b:e5:32:3a:76:6e:ac:
da:da:d9:96:53:6c:1d:9a:0f:89:b3:d8:b8:78:2d:
e4:ac:ad:d2:ad:84:6e:9c:ac:e2:91:f0:d5:d0:98:
bf:aa:e1:e8:3c:96:70:68:e8:0d:e2:e8:6c:b0:a6:
9f:58:cc:09:be:42:5f:25:b6:16:df:2a:1e:0c:7f:
21:e6:1d:cf:d7:96:68:64:66:4b:fc:ec:8c:4a:3e:
fa:f2:49:62:62:c9:a6:28:41:3f:43:2c:47:66:76:
9c:0d:5d:96:40:dc:11:6f:9c:aa:dc:27:a6:dc:04:
fb:79:4d:10:58:3c:2e:09:77:40:fa:2a:8d:53:d0:
f6:30:37:0e:9e:b8:c8:ac:d0:45:d0:5d:dc:6b:05:
ce:d4:91:bf:8f:c9:37:dc:2d:35:ac:a0:24:16:63:
c6:63:1e:fc:a5:6b:62:59:3d:02:2a:b4:15:37:13:
ce:87:6d:d6:ea:7f:59:4b:dc:15:27:a7:5b:cd:29:
9a:4d:35:a1:c7:20:d3:d1:54:43:f7:f5:84:df:0f:
68:df:c8:a3:b5:ca:2c:a8:c0:7b:c6:14:8f:c7:68:
22:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:5D:42:05:DC:E9:F2:8A:AA:DD:25:3B:82:63:6B:F3:04:E9:75:9F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KV1CBdzp8oqq3SU7gmNr8wTpdZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3c:06:10:b1:80:24:83:0e:28:07:61:27:af:f2:ab:65:94:29:
0f:1a:0b:cb:b2:d7:7b:f0:de:05:56:fd:38:9c:74:29:ec:25:
18:f4:c0:c6:8b:f1:9f:4a:a4:3a:84:b3:fb:d5:4d:b3:27:e7:
23:b3:7c:07:db:20:38:57:fc:33:3b:30:7f:c0:b9:10:c5:72:
b2:25:ea:08:a2:ac:85:3c:44:b0:3c:9b:09:93:b0:dc:82:4a:
16:2d:a6:99:c9:ca:58:f7:68:2d:11:38:73:a6:91:5b:19:b4:
a7:d0:9a:e2:d8:0f:c9:d5:b6:d4:bb:dc:03:cd:90:3f:7b:9b:
de:16:30:eb:16:97:59:4d:94:03:bf:ed:4e:12:a6:59:92:e2:
98:00:ff:98:be:82:43:be:c2:0e:42:54:d6:95:05:df:80:67:
81:83:e8:c7:1d:95:38:94:bc:f8:0e:c1:e7:2c:1b:7f:c4:d5:
3f:a9:18:47:2c:ca:c3:d7:62:a7:65:d2:3f:90:d3:52:ab:f0:
87:8f:5b:f8:a8:db:6c:c0:e2:00:ee:7a:8d:97:a1:bb:70:b8:
cf:cf:9c:eb:88:71:52:51:a6:45:9b:f5:cf:42:85:76:3b:d6:
6d:1f:6d:88:03:f4:c3:9d:c4:15:11:20:59:4f:c1:ee:19:75:
e8:6b:93:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbRPX1UpYBZ6T1WWf3lv/cMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzExMTUxNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTVkNDIwNWRjZTlmMjhhYWFkZDI1M2I4MjYzNmJmMzA0ZTk3NTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5miC2XsrzXFiEorh/fKC0yQGZL1
Y+KAH8nhy9qN+JPpvLBosQvlMjp2bqza2tmWU2wdmg+Js9i4eC3krK3SrYRunKzi
kfDV0Ji/quHoPJZwaOgN4uhssKafWMwJvkJfJbYW3yoeDH8h5h3P15ZoZGZL/OyM
Sj768kliYsmmKEE/QyxHZnacDV2WQNwRb5yq3Cem3AT7eU0QWDwuCXdA+iqNU9D2
MDcOnrjIrNBF0F3cawXO1JG/j8k33C01rKAkFmPGYx78pWtiWT0CKrQVNxPOh23W
6n9ZS9wVJ6dbzSmaTTWhxyDT0VRD9/WE3w9o38ijtcosqMB7xhSPx2giuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCldQgXc6fKKqt0lO4Jja/ME6XWfMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS1YxQ0JkenA4b3FxM1NVN2dtTnI4d1RwZFo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADwGELGAJIMOKAdhJ6/y
q2WUKQ8aC8uy13vw3gVW/TicdCnsJRj0wMaL8Z9KpDqEs/vVTbMn5yOzfAfbIDhX
/DM7MH/AuRDFcrIl6giirIU8RLA8mwmTsNyCShYtppnJylj3aC0ROHOmkVsZtKfQ
muLYD8nVttS73APNkD97m94WMOsWl1lNlAO/7U4SplmS4pgA/5i+gkO+wg5CVNaV
Bd+AZ4GD6McdlTiUvPgOwecsG3/E1T+pGEcsysPXYqdl0j+Q01Kr8IePW/io22zA
4gDueo2XobtwuM/PnOuIcVJRpkWb9c9ChXY71m0fbYgD9MOdxBURIFlPwe4Zdehr
ky4=
-----END CERTIFICATE-----
Generated at Mon May 5 05:11:55 2025 by rpki-client