Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KVLCiIkITPCGMLRIMdKoCSHJeKM.roa
File: KVLCiIkITPCGMLRIMdKoCSHJeKM.roa (raw, json)
Hash identifier: yzGcumyIhApRi4JaGVqOxZX6toekQl00aZToRL6d1eQ=
Subject key identifier: 29:52:C2:88:89:08:4C:F0:86:30:B4:48:31:D2:A8:09:21:C9:78:A3
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187AA2A267E8812C338ABF5402F8924803F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KVLCiIkITPCGMLRIMdKoCSHJeKM.roa
Signing time: Sat 22 Apr 2023 18:11:41 +0000
ROA not before: Sat 22 Apr 2023 18:11:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:aa:2a:26:7e:88:12:c3:38:ab:f5:40:2f:89:24:80:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 22 18:11:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2952c28889084cf08630b44831d2a80921c978a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b4:17:e9:fe:01:33:45:33:98:3c:9c:15:5c:
04:c6:ce:0f:71:aa:b1:90:9c:33:b2:1f:86:9c:be:
bd:0a:81:4f:8b:b3:2c:fc:ba:e1:1e:0d:13:26:f7:
af:ab:35:98:16:5e:68:9c:c7:62:8f:a0:d2:d7:06:
e2:c5:78:54:35:a8:2b:01:4c:26:ea:d1:9d:e6:a0:
f1:4a:db:3a:db:7b:0b:18:03:ff:59:d1:65:de:be:
2b:9a:a5:e8:2a:21:a3:7e:22:37:b1:86:d3:39:3f:
2a:01:dc:65:c7:1a:4c:e3:01:dc:12:7c:d1:8c:27:
57:a7:07:60:97:4e:6e:30:90:16:8c:77:d8:72:37:
6b:ed:39:d1:8c:09:db:2e:21:5a:7a:d3:f5:a7:a1:
86:91:26:4c:73:8d:8a:ef:30:2d:bf:6f:33:ac:9f:
0c:fc:65:28:6f:65:16:2d:5c:6e:ba:06:52:ba:ae:
d1:94:42:bf:fd:ae:57:bc:74:67:c0:0e:a0:e8:0c:
5b:c2:20:d8:3b:ca:70:7c:60:36:11:31:cb:96:cc:
37:12:e5:93:45:aa:d9:58:50:af:84:81:3d:eb:f6:
2f:4b:72:e5:07:c1:19:92:1a:91:8f:af:41:4f:dc:
30:1f:1c:d7:e7:45:53:3c:f7:44:7f:82:09:53:85:
ad:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:52:C2:88:89:08:4C:F0:86:30:B4:48:31:D2:A8:09:21:C9:78:A3
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KVLCiIkITPCGMLRIMdKoCSHJeKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a2:1a:f6:df:af:9d:6d:1b:fa:c1:22:ac:91:57:6e:ba:41:a1:
fd:56:05:a6:27:fb:6d:58:28:7d:9d:61:d6:d7:36:38:0e:34:
7e:50:f4:e0:76:da:7e:a1:34:31:85:31:82:5e:d8:83:02:bb:
13:22:f0:82:35:92:f6:c1:f5:34:99:bb:9f:45:d4:38:e9:75:
7c:dc:f6:dd:a6:94:9c:f3:b4:34:9b:7c:67:7f:8c:ff:d6:97:
f3:14:94:f8:78:6c:07:ad:5f:f1:3c:10:ea:59:11:84:07:af:
23:c1:58:bf:43:e2:4b:1d:b5:44:af:08:b8:05:18:18:7f:33:
a4:ec:dd:00:ff:9f:74:b7:83:60:6e:27:ba:d7:00:3e:58:2b:
7c:d5:0b:c7:d9:00:18:dc:f2:6f:0c:40:7a:e4:c5:08:c8:56:
fa:49:4a:0a:7a:9d:58:05:d8:05:79:42:55:35:e4:51:6d:38:
c8:b7:5b:d5:24:2a:1a:bc:9f:cd:65:b6:24:88:29:e9:db:a6:
be:e0:53:4f:8a:7d:9d:a1:f9:d2:64:72:ec:c8:75:41:aa:7a:
e7:16:87:a6:1c:c4:97:4d:77:ff:46:6a:10:c1:df:4a:34:c2:
bb:91:4c:10:63:5c:14:5b:26:92:a0:09:ba:bc:80:f0:35:ec:
b7:95:e8:54
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYeqKiZ+iBLDOKv1QC+JJIA/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDIyMTgxMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTUyYzI4ODg5MDg0Y2YwODYzMGI0NDgzMWQyYTgwOTIxYzk3OGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbQX6f4BM0UzmDycFVwExs4Pcaqx
kJwzsh+GnL69CoFPi7Ms/LrhHg0TJvevqzWYFl5onMdij6DS1wbixXhUNagrAUwm
6tGd5qDxSts623sLGAP/WdFl3r4rmqXoKiGjfiI3sYbTOT8qAdxlxxpM4wHcEnzR
jCdXpwdgl05uMJAWjHfYcjdr7TnRjAnbLiFaetP1p6GGkSZMc42K7zAtv28zrJ8M
/GUob2UWLVxuugZSuq7RlEK//a5XvHRnwA6g6AxbwiDYO8pwfGA2ETHLlsw3EuWT
RarZWFCvhIE96/YvS3LlB8EZkhqRj69BT9wwHxzX50VTPPdEf4IJU4WtMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFClSwoiJCEzwhjC0SDHSqAkhyXijMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS1ZMQ2lJa0lUUENHTUxSSU1kS29DU0hKZUtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKIa9t+vnW0b+sEirJFX
brpBof1WBaYn+21YKH2dYdbXNjgONH5Q9OB22n6hNDGFMYJe2IMCuxMi8II1kvbB
9TSZu59F1DjpdXzc9t2mlJzztDSbfGd/jP/Wl/MUlPh4bAetX/E8EOpZEYQHryPB
WL9D4ksdtUSvCLgFGBh/M6Ts3QD/n3S3g2BuJ7rXAD5YK3zVC8fZABjc8m8MQHrk
xQjIVvpJSgp6nVgF2AV5QlU15FFtOMi3W9UkKhq8n81ltiSIKenbpr7gU0+KfZ2h
+dJkcuzIdUGqeucWh6YcxJdNd/9GahDB30o0wruRTBBjXBRbJpKgCbq8gPA17LeV
6FQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:26:02 2025 by rpki-client