Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KW9G02KyUUHusAHZ7T3wXRWiYlk.roa
File: KW9G02KyUUHusAHZ7T3wXRWiYlk.roa (raw, json)
Hash identifier: +kJAnom+C2xaE9makJYOCpRohtt2a3T5co5KSrz8dqw=
Subject key identifier: 29:6F:46:D3:62:B2:51:41:EE:B0:01:D9:ED:3D:F0:5D:15:A2:62:59
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018933B116CCFDD6DD9D6EC1ED9FC407F45E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KW9G02KyUUHusAHZ7T3wXRWiYlk.roa
Signing time: Sat 08 Jul 2023 04:09:50 +0000
ROA not before: Sat 08 Jul 2023 04:09:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:33:b1:16:cc:fd:d6:dd:9d:6e:c1:ed:9f:c4:07:f4:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 8 04:09:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=296f46d362b25141eeb001d9ed3df05d15a26259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:1f:5a:4e:8e:99:1f:d8:17:ee:b8:48:e6:b1:
59:64:7e:38:6d:7d:c4:56:b5:c7:50:fb:a3:81:d0:
3a:c1:e1:e6:46:5b:f1:9a:b1:b0:75:ae:f3:c3:55:
a8:99:d9:8e:60:58:3f:bd:33:09:e9:9b:f3:53:c5:
d7:0e:64:15:07:5a:ba:17:a1:a2:a5:19:d8:57:78:
31:6c:d0:b7:1c:db:19:0b:8e:e2:e9:68:93:03:e2:
4e:47:d8:0f:23:22:27:6f:1f:12:8a:40:68:97:9a:
8a:ea:a1:0a:1d:96:72:d9:c4:05:52:d9:e8:91:ff:
32:69:39:e3:f5:5f:d2:7c:07:d2:f5:91:b1:dd:6e:
b5:0b:e7:18:7d:5c:85:3b:cb:a5:59:98:5d:14:e3:
f1:67:63:a4:3b:bc:c3:80:05:53:39:f2:56:68:9a:
64:26:04:ec:20:e4:3f:58:c8:66:c8:2e:1f:71:f7:
b1:c3:51:30:56:c6:ab:21:7b:c5:b2:52:96:99:2d:
43:ce:10:8e:af:4a:4a:4e:84:1f:ba:b4:dc:09:de:
cd:48:2e:65:51:8f:b6:57:a4:2f:ee:dc:0d:a1:6f:
9a:2a:88:e1:01:e8:72:1f:04:df:a6:4c:5c:58:8a:
a9:33:5f:33:6d:1c:72:11:2e:84:74:55:84:09:f6:
31:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:6F:46:D3:62:B2:51:41:EE:B0:01:D9:ED:3D:F0:5D:15:A2:62:59
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KW9G02KyUUHusAHZ7T3wXRWiYlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7b:82:24:5e:5d:f4:7f:35:c3:15:a4:5c:29:ff:c9:9c:97:ea:
f7:32:b5:13:6a:03:d9:3a:f2:5b:7f:7e:ab:15:24:ad:18:c3:
80:81:1a:55:d2:62:99:35:f5:4d:03:08:09:26:91:62:2b:09:
23:61:84:f3:93:6c:fc:47:67:87:07:e7:3c:44:1f:55:10:41:
a2:a1:14:4c:dd:b5:86:cc:af:2c:21:a3:1e:95:67:e9:50:3b:
3f:1e:c1:94:6e:c0:b0:e2:36:f0:16:3e:b1:e5:71:e9:a5:a5:
d0:e7:6e:6f:f0:05:d4:b7:90:f9:17:19:4b:04:af:c9:f4:d1:
2f:1e:13:0d:83:9c:2c:be:c4:ff:2a:e5:e7:7e:da:85:5e:34:
39:cc:21:5e:1b:72:9e:d1:86:f2:2b:1f:2c:6e:b1:64:9c:f3:
65:ed:7f:aa:40:7c:dc:f6:8c:ba:21:18:12:f8:48:d0:81:f6:
e4:7d:1f:47:dc:5f:0d:bf:bd:06:8e:8e:28:bf:fb:8a:92:a0:
3d:cd:96:9b:47:09:62:09:64:b8:1c:54:3e:23:6a:ea:85:3d:
db:35:b6:1e:77:e2:b9:48:f8:54:6b:49:dd:e0:33:6d:9f:6c:
c8:08:cf:87:c9:83:28:0d:f5:66:2f:19:f2:1a:21:84:cd:4d:
fe:c5:0b:3a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYkzsRbM/dbdnW7B7Z/EB/ReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzA4MDQwOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTZmNDZkMzYyYjI1MTQxZWViMDAxZDllZDNkZjA1ZDE1YTI2MjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4h9aTo6ZH9gX7rhI5rFZZH44bX3E
VrXHUPujgdA6weHmRlvxmrGwda7zw1WomdmOYFg/vTMJ6ZvzU8XXDmQVB1q6F6Gi
pRnYV3gxbNC3HNsZC47i6WiTA+JOR9gPIyInbx8SikBol5qK6qEKHZZy2cQFUtno
kf8yaTnj9V/SfAfS9ZGx3W61C+cYfVyFO8ulWZhdFOPxZ2OkO7zDgAVTOfJWaJpk
JgTsIOQ/WMhmyC4fcfexw1EwVsarIXvFslKWmS1DzhCOr0pKToQfurTcCd7NSC5l
UY+2V6Qv7twNoW+aKojhAehyHwTfpkxcWIqpM18zbRxyES6EdFWECfYxIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFClvRtNislFB7rAB2e098F0VomJZMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS1c5RzAyS3lVVUh1c0FIWjdUM3dYUldpWWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHuCJF5d9H81wxWkXCn/
yZyX6vcytRNqA9k68lt/fqsVJK0Yw4CBGlXSYpk19U0DCAkmkWIrCSNhhPOTbPxH
Z4cH5zxEH1UQQaKhFEzdtYbMrywhox6VZ+lQOz8ewZRuwLDiNvAWPrHlcemlpdDn
bm/wBdS3kPkXGUsEr8n00S8eEw2DnCy+xP8q5ed+2oVeNDnMIV4bcp7RhvIrHyxu
sWSc82Xtf6pAfNz2jLohGBL4SNCB9uR9H0fcXw2/vQaOjii/+4qSoD3NlptHCWIJ
ZLgcVD4jauqFPds1th534rlI+FRrSd3gM22fbMgIz4fJgygN9WYvGfIaIYTNTf7F
Czo=
-----END CERTIFICATE-----
Generated at Thu May 1 08:11:23 2025 by rpki-client