Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KhEMDBD3MBv8vSmBFfKU90sYFsE.roa
File: KhEMDBD3MBv8vSmBFfKU90sYFsE.roa (raw, json)
Hash identifier: gb26va85uk4YlA7NIo7JK+151sCf/tOwEgN922OgGhU=
Subject key identifier: 2A:11:0C:0C:10:F7:30:1B:FC:BD:29:81:15:F2:94:F7:4B:18:16:C1
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018977140131948667C3FC16EEC61A2F78EF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KhEMDBD3MBv8vSmBFfKU90sYFsE.roa
Signing time: Fri 21 Jul 2023 06:12:26 +0000
ROA not before: Fri 21 Jul 2023 06:12:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:77:14:01:31:94:86:67:c3:fc:16:ee:c6:1a:2f:78:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 21 06:12:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a110c0c10f7301bfcbd298115f294f74b1816c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b6:78:ab:6c:0f:68:0d:4b:a7:15:f4:f5:d2:
25:d7:ff:8e:e0:cc:cc:2f:2e:da:67:6f:fd:57:22:
aa:45:75:8d:b2:87:bf:60:c1:d5:b0:35:dc:02:43:
21:7a:45:ad:8b:37:4e:b3:ad:49:f2:c6:d3:fa:f8:
5d:a7:5f:05:f6:7d:fe:4a:89:56:59:95:1c:19:7d:
d6:c4:cd:e3:82:2c:70:78:d6:c1:f3:5a:5a:a0:10:
8a:b4:95:8d:51:b9:2c:07:73:d6:cb:9b:92:d7:d3:
7c:e1:86:35:cf:f9:37:f7:50:ab:c1:82:fb:a9:00:
17:ae:7a:4f:7f:50:10:a2:aa:85:55:93:7d:11:77:
e2:04:5f:9c:fa:81:7c:c2:60:73:7f:8a:25:82:87:
70:65:51:3e:b3:7d:da:a2:98:71:ed:f2:f2:70:dc:
ff:72:d1:03:8a:ec:53:43:50:84:f1:8e:52:c8:08:
9e:92:55:c1:4a:da:5f:88:92:dc:4e:07:61:6b:c6:
96:96:c6:49:dd:55:f7:71:ec:98:f9:83:f3:b3:d0:
66:34:6e:b7:19:e7:2c:04:69:99:f6:b8:4e:31:b2:
94:c7:70:d7:da:b5:bb:85:27:5c:23:e5:e6:5d:2a:
90:3b:de:01:64:08:a1:03:99:2b:c0:1c:ef:12:28:
03:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:11:0C:0C:10:F7:30:1B:FC:BD:29:81:15:F2:94:F7:4B:18:16:C1
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KhEMDBD3MBv8vSmBFfKU90sYFsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:f9:6f:3c:8e:aa:a4:70:9a:8d:10:b1:9c:b6:b7:2d:03:0b:
15:92:20:42:4d:95:a9:e4:80:03:4a:1a:90:a0:94:5e:99:1a:
49:cf:9e:2e:bc:93:36:5f:0d:08:32:a0:a9:1c:8c:eb:3b:5e:
0a:1d:35:8a:93:1f:b5:61:97:12:06:d9:25:e3:4a:d8:66:a4:
57:81:ce:d7:cd:85:a8:d7:8f:70:71:ae:53:c1:6a:7a:e2:fb:
5a:22:cd:ae:70:37:6e:9b:12:bf:71:6c:aa:66:dc:08:b9:6f:
b3:a7:ea:75:a5:38:23:48:b9:c3:ab:99:83:29:57:80:6e:b4:
4a:a1:01:cb:f3:cc:03:6f:b0:d3:83:79:4c:04:9f:f2:ec:83:
61:29:12:d8:45:7d:b0:5e:79:92:80:e1:60:d6:98:45:d2:5b:
a5:9f:d0:1a:1a:0e:7d:90:bd:35:18:b8:00:0f:32:78:f0:f5:
73:a8:d7:d4:ac:a1:73:c0:ae:94:7a:dc:df:27:df:8b:f6:b7:
50:39:a9:1a:91:f2:f0:4e:f3:28:bd:d8:ab:ef:42:8e:ba:ea:
3f:40:98:7c:69:7f:02:3b:59:50:72:16:69:ae:c1:ee:35:27:
32:dd:fe:ba:13:36:a6:7d:d4:fe:50:ca:0e:3e:30:63:ae:c8:
5b:9d:a4:3a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYl3FAExlIZnw/wW7sYaL3jvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzIxMDYxMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTExMGMwYzEwZjczMDFiZmNiZDI5ODExNWYyOTRmNzRiMTgxNmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbZ4q2wPaA1LpxX09dIl1/+O4MzM
Ly7aZ2/9VyKqRXWNsoe/YMHVsDXcAkMhekWtizdOs61J8sbT+vhdp18F9n3+SolW
WZUcGX3WxM3jgixweNbB81paoBCKtJWNUbksB3PWy5uS19N84YY1z/k391CrwYL7
qQAXrnpPf1AQoqqFVZN9EXfiBF+c+oF8wmBzf4olgodwZVE+s33aophx7fLycNz/
ctEDiuxTQ1CE8Y5SyAieklXBStpfiJLcTgdha8aWlsZJ3VX3ceyY+YPzs9BmNG63
GecsBGmZ9rhOMbKUx3DX2rW7hSdcI+XmXSqQO94BZAihA5krwBzvEigD8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCoRDAwQ9zAb/L0pgRXylPdLGBbBMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS2hFTURCRDNNQnY4dlNtQkZmS1U5MHNZRnNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA35bzyOqqRwmo0QsZy2
ty0DCxWSIEJNlankgANKGpCglF6ZGknPni68kzZfDQgyoKkcjOs7XgodNYqTH7Vh
lxIG2SXjSthmpFeBztfNhajXj3BxrlPBanri+1oiza5wN26bEr9xbKpm3Ai5b7On
6nWlOCNIucOrmYMpV4ButEqhAcvzzANvsNODeUwEn/Lsg2EpEthFfbBeeZKA4WDW
mEXSW6Wf0BoaDn2QvTUYuAAPMnjw9XOo19SsoXPArpR63N8n34v2t1A5qRqR8vBO
8yi92KvvQo666j9AmHxpfwI7WVByFmmuwe41JzLd/roTNqZ91P5Qyg4+MGOuyFud
pDo=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:27:34 2025 by rpki-client