Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KdH5xLCU0E_er_Aun3U8DuU3S-4.roa
File: KdH5xLCU0E_er_Aun3U8DuU3S-4.roa (raw, json)
Hash identifier: Xn36UYv+cZRN7nZGp7w/h7/glFHnUJR5hVFyOeIjhpg=
Subject key identifier: 29:D1:F9:C4:B0:94:D0:4F:DE:AF:F0:2E:9F:75:3C:0E:E5:37:4B:EE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186556B2EADBC2509DB7CCDE0333AE343E9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KdH5xLCU0E_er_Aun3U8DuU3S-4.roa
Signing time: Wed 15 Feb 2023 14:12:13 +0000
ROA not before: Wed 15 Feb 2023 14:12:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:55:6b:2e:ad:bc:25:09:db:7c:cd:e0:33:3a:e3:43:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 15 14:12:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29d1f9c4b094d04fdeaff02e9f753c0ee5374bee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:86:51:a3:ec:29:eb:73:19:8a:fb:c6:3c:d7:
1e:53:8f:83:d0:27:f6:11:da:cd:82:af:56:1f:4f:
64:33:78:09:3a:27:f4:bd:b1:f6:4a:9d:04:73:be:
2c:23:d8:f8:82:14:d3:19:a1:5b:77:1c:7e:20:e6:
c5:8d:f2:1e:e1:c6:b9:db:e4:d7:96:42:57:4e:eb:
49:e2:17:0a:c6:ec:31:0e:20:83:9c:7a:9d:c2:ee:
04:f1:ef:fc:53:1f:fb:e0:cb:f2:b1:24:c0:b9:49:
9a:73:68:a5:f9:c6:b3:1b:5a:07:9b:10:91:c2:bf:
1e:dc:8d:9e:fd:a6:a4:c0:01:5c:a6:85:c8:f3:94:
98:77:c1:5b:8a:12:6f:82:ed:3a:9a:d1:82:1a:2b:
84:13:3e:54:e7:dc:0b:21:bc:12:52:89:a2:49:e6:
20:2f:d1:cf:dd:24:7a:3f:be:c2:fd:99:71:96:df:
c4:93:ac:83:50:00:95:64:3a:80:59:38:e9:6a:79:
43:94:46:b0:00:5d:fe:d0:f6:4a:45:db:a2:31:d9:
99:0b:1d:c6:53:10:57:1e:32:b8:ff:ff:05:2b:e3:
dc:58:01:a3:0f:95:49:cf:4e:46:32:34:fb:35:73:
22:f2:c4:a9:09:56:f6:ea:78:6a:7a:b5:89:e2:b3:
0d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:D1:F9:C4:B0:94:D0:4F:DE:AF:F0:2E:9F:75:3C:0E:E5:37:4B:EE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KdH5xLCU0E_er_Aun3U8DuU3S-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
05:9d:40:d6:74:60:72:68:93:96:c4:a5:8f:cd:64:f9:bc:79:
03:63:ab:c2:85:be:99:2a:ae:07:79:11:31:8f:b5:03:99:7c:
11:ca:bb:9a:bc:e1:02:db:28:21:88:35:2a:83:3b:a2:d9:4c:
e3:3f:a9:b3:a0:fe:03:90:a4:99:13:fb:59:8b:eb:6e:f5:40:
6a:c2:6d:b8:fd:4a:fb:6e:0e:3f:dd:fb:4e:9d:95:58:fd:93:
d4:fa:14:84:85:99:08:03:d1:e4:c7:22:22:91:2a:59:20:b8:
6b:e4:f4:59:48:c3:86:24:24:6d:e7:da:dc:a9:44:70:65:a6:
0b:ce:b4:0f:02:1d:ee:de:3c:14:0c:ed:28:2d:0e:16:40:fe:
58:e5:bb:ba:c9:e3:78:c9:a4:55:43:61:9a:09:7c:25:2c:d3:
dc:ab:0e:fd:df:f8:fa:8c:b8:94:5e:8a:51:c0:64:4b:77:9c:
f5:e4:24:59:25:43:b1:aa:61:fe:32:3c:4a:f8:17:59:e3:8a:
52:fa:0c:80:ec:fc:57:86:8d:c3:d9:62:ef:ff:d5:c0:fe:3c:
f8:0b:df:f7:c9:80:ff:82:aa:43:6d:56:6f:39:b9:56:dc:ae:
9c:ef:39:09:17:02:9c:46:68:3f:5d:d1:fa:e3:39:b6:54:1e:
76:67:8f:cd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZVay6tvCUJ23zN4DM640PpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE1MTQxMjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWQxZjljNGIwOTRkMDRmZGVhZmYwMmU5Zjc1M2MwZWU1Mzc0YmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioZRo+wp63MZivvGPNceU4+D0Cf2
EdrNgq9WH09kM3gJOif0vbH2Sp0Ec74sI9j4ghTTGaFbdxx+IObFjfIe4ca52+TX
lkJXTutJ4hcKxuwxDiCDnHqdwu4E8e/8Ux/74MvysSTAuUmac2il+cazG1oHmxCR
wr8e3I2e/aakwAFcpoXI85SYd8FbihJvgu06mtGCGiuEEz5U59wLIbwSUomiSeYg
L9HP3SR6P77C/Zlxlt/Ek6yDUACVZDqAWTjpanlDlEawAF3+0PZKRduiMdmZCx3G
UxBXHjK4//8FK+PcWAGjD5VJz05GMjT7NXMi8sSpCVb26nhqerWJ4rMNnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCnR+cSwlNBP3q/wLp91PA7lN0vuMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS2RINXhMQ1UwRV9lcl9BdW4zVThEdVUzUy00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAWdQNZ0YHJok5bEpY/N
ZPm8eQNjq8KFvpkqrgd5ETGPtQOZfBHKu5q84QLbKCGINSqDO6LZTOM/qbOg/gOQ
pJkT+1mL6271QGrCbbj9SvtuDj/d+06dlVj9k9T6FISFmQgD0eTHIiKRKlkguGvk
9FlIw4YkJG3n2typRHBlpgvOtA8CHe7ePBQM7SgtDhZA/ljlu7rJ43jJpFVDYZoJ
fCUs09yrDv3f+PqMuJReilHAZEt3nPXkJFklQ7GqYf4yPEr4F1njilL6DIDs/FeG
jcPZYu//1cD+PPgL3/fJgP+CqkNtVm85uVbcrpzvOQkXApxGaD9d0frjObZUHnZn
j80=
-----END CERTIFICATE-----
Generated at Thu May 1 17:47:55 2025 by rpki-client