Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KaNVnV86d_rUnEFV6binOOQGeXA.roa
File: KaNVnV86d_rUnEFV6binOOQGeXA.roa (raw, json)
Hash identifier: j24+EEWp2PVTGBsLCk+qfcw8fbWZynwEWdNhJlWlyV4=
Subject key identifier: 29:A3:55:9D:5F:3A:77:FA:D4:9C:41:55:E9:B8:A7:38:E4:06:79:70
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189DB807BE880F1EDC4D81C45CEFA82501A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KaNVnV86d_rUnEFV6binOOQGeXA.roa
Signing time: Wed 09 Aug 2023 18:12:57 +0000
ROA not before: Wed 09 Aug 2023 18:12:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:db:80:7b:e8:80:f1:ed:c4:d8:1c:45:ce:fa:82:50:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 9 18:12:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29a3559d5f3a77fad49c4155e9b8a738e4067970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ca:9b:3c:b8:b5:e6:bd:53:23:bf:c2:7d:19:
5a:da:fd:c2:fc:72:ea:a0:85:d5:0e:3f:e4:69:f0:
76:04:a9:c1:77:61:75:c9:fc:c7:b6:a1:02:25:f5:
03:71:42:d7:b1:98:1e:8d:02:1a:2d:42:54:65:7f:
c3:dd:84:81:cb:7e:69:9d:8d:d2:2e:3f:07:7b:1e:
eb:76:dc:e8:98:78:ea:4e:d3:d9:68:f3:77:1e:4f:
59:63:a0:a7:84:35:5c:9d:fb:00:10:07:8b:bd:35:
0e:54:97:03:56:98:c5:34:aa:69:aa:0f:5b:91:13:
3d:1b:e6:c4:28:0f:1b:11:44:bc:b4:a4:ce:cd:2f:
3c:46:77:d6:53:13:9a:7d:4b:3d:c2:d8:65:c3:27:
3d:30:e1:c9:3a:f4:4f:c3:dc:00:10:f1:2f:db:82:
5c:2a:7d:47:cc:51:a2:e2:8f:ed:14:5a:c8:fe:54:
ff:cd:a6:1b:3c:21:82:09:c0:08:cc:f0:9c:20:58:
6a:ff:f1:ff:5f:e3:ad:be:d0:10:9a:d7:ff:f2:1c:
31:c9:af:e2:0b:8a:4b:27:2e:20:ef:05:7a:41:18:
d5:90:f6:af:1a:0b:4d:d0:63:19:d1:b5:1f:c9:98:
06:9f:7d:5c:fd:49:e3:61:65:c6:3e:90:e8:4f:7c:
a0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A3:55:9D:5F:3A:77:FA:D4:9C:41:55:E9:B8:A7:38:E4:06:79:70
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KaNVnV86d_rUnEFV6binOOQGeXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:41:34:6f:0e:90:cd:90:83:64:5e:64:c5:69:b4:9a:d0:03:
d6:83:6d:61:64:ba:36:00:a2:6c:05:3d:da:4b:4b:af:16:00:
e2:f6:d4:bc:1d:0f:43:be:66:7c:8f:76:e5:dc:22:e1:96:3a:
2c:8a:2e:24:0e:d6:e0:38:b1:e5:a0:14:35:93:57:06:96:ef:
8a:c5:73:67:53:a8:85:38:64:86:fa:a4:98:6f:73:22:7c:ce:
b9:4e:13:f7:57:0a:a5:f8:1e:cc:1b:80:a1:a2:84:48:c8:83:
64:d6:0e:df:c1:e5:4c:a1:44:19:f8:e4:0d:3a:09:0f:a4:fb:
c5:a5:3a:f0:4a:aa:a4:f3:88:5b:7d:9f:07:c8:f9:59:c3:98:
93:ce:34:92:9a:2f:fd:2d:ea:98:c4:41:fe:70:c7:f7:0e:0a:
2d:84:bb:63:81:7e:20:89:b8:56:9e:f7:79:8c:34:db:9b:f3:
88:06:e0:60:e8:23:ef:00:56:a4:c4:e1:cc:8b:65:d6:5c:78:
34:95:83:c1:24:14:81:62:9e:4b:f3:17:3d:6f:b2:63:53:8f:
16:1e:a5:c8:06:35:e1:08:36:b5:25:56:55:85:b4:51:cc:90:
cd:de:fe:6e:78:c3:89:e6:5e:70:2c:62:b1:8c:7c:07:9d:1c:
d0:44:34:82
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnbgHvogPHtxNgcRc76glAaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA5MTgxMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWEzNTU5ZDVmM2E3N2ZhZDQ5YzQxNTVlOWI4YTczOGU0MDY3OTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8qbPLi15r1TI7/CfRla2v3C/HLq
oIXVDj/kafB2BKnBd2F1yfzHtqECJfUDcULXsZgejQIaLUJUZX/D3YSBy35pnY3S
Lj8Hex7rdtzomHjqTtPZaPN3Hk9ZY6CnhDVcnfsAEAeLvTUOVJcDVpjFNKppqg9b
kRM9G+bEKA8bEUS8tKTOzS88RnfWUxOafUs9wthlwyc9MOHJOvRPw9wAEPEv24Jc
Kn1HzFGi4o/tFFrI/lT/zaYbPCGCCcAIzPCcIFhq//H/X+OtvtAQmtf/8hwxya/i
C4pLJy4g7wV6QRjVkPavGgtN0GMZ0bUfyZgGn31c/UnjYWXGPpDoT3ygBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCmjVZ1fOnf61JxBVem4pzjkBnlwMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS2FOVm5WODZkX3JVbkVGVjZiaW5PT1FHZVhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFJBNG8OkM2Qg2ReZMVp
tJrQA9aDbWFkujYAomwFPdpLS68WAOL21LwdD0O+ZnyPduXcIuGWOiyKLiQO1uA4
seWgFDWTVwaW74rFc2dTqIU4ZIb6pJhvcyJ8zrlOE/dXCqX4HswbgKGihEjIg2TW
Dt/B5UyhRBn45A06CQ+k+8WlOvBKqqTziFt9nwfI+VnDmJPONJKaL/0t6pjEQf5w
x/cOCi2Eu2OBfiCJuFae93mMNNub84gG4GDoI+8AVqTE4cyLZdZceDSVg8EkFIFi
nkvzFz1vsmNTjxYepcgGNeEINrUlVlWFtFHMkM3e/m54w4nmXnAsYrGMfAedHNBE
NII=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:40:39 2025 by rpki-client