Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KhX8g6PF7pihWORuzM1WktWqEE4.roa
File: KhX8g6PF7pihWORuzM1WktWqEE4.roa (raw, json)
Hash identifier: JoRKjbFxQpeUCLAnf08yZes608l5nvz6cxV3jsya3ls=
Subject key identifier: 2A:15:FC:83:A3:C5:EE:98:A1:58:E4:6E:CC:CD:56:92:D5:AA:10:4E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189BC996B8CE2C9891E32AE1496CC7C237B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KhX8g6PF7pihWORuzM1WktWqEE4.roa
Signing time: Thu 03 Aug 2023 18:11:58 +0000
ROA not before: Thu 03 Aug 2023 18:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bc:99:6b:8c:e2:c9:89:1e:32:ae:14:96:cc:7c:23:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 3 18:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a15fc83a3c5ee98a158e46ecccd5692d5aa104e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:aa:78:1b:81:5a:56:d8:c9:5e:55:c8:1a:f5:
9c:b2:1a:71:e8:8f:e2:55:fa:ae:24:8c:e9:e8:7f:
bf:57:32:8c:41:34:1d:82:9c:82:47:5f:13:b2:e7:
2a:ee:d2:be:23:59:3c:88:d4:ce:b2:f6:38:df:f5:
0a:2b:57:99:5f:7e:5a:25:41:7b:b7:50:6b:27:ee:
d1:32:32:fa:4b:88:d2:b5:dc:e8:f1:13:da:2e:85:
23:9e:d3:5c:9b:bf:49:d9:74:4b:79:6a:3c:d5:7f:
84:a4:21:c1:5a:ea:e6:e7:42:58:81:80:b3:3e:a2:
2f:ea:55:82:b1:23:0f:80:db:f8:22:b2:6a:43:30:
f1:34:80:f0:4e:15:2a:0b:c4:df:61:7a:50:76:e9:
6e:ac:ca:f8:05:f2:ee:17:5a:30:80:cf:d3:52:00:
ae:6b:85:8c:dd:6a:5c:64:97:b2:50:52:ca:3b:d8:
f0:ab:62:06:67:52:7f:fb:30:cf:b8:a9:92:89:2f:
1b:43:f8:c9:4f:e6:91:2b:2a:4c:22:e7:5a:85:3d:
56:68:24:7d:be:6a:11:a1:fd:54:8c:0e:a1:81:38:
26:f4:eb:23:98:bf:4e:38:f1:e9:f8:ce:a2:a4:c6:
cf:e8:18:61:38:a8:fa:26:1d:6c:ef:a7:cd:89:f5:
54:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:15:FC:83:A3:C5:EE:98:A1:58:E4:6E:CC:CD:56:92:D5:AA:10:4E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KhX8g6PF7pihWORuzM1WktWqEE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5d:ac:b5:fd:1f:4f:77:82:f6:0c:43:0b:e2:ca:f5:6c:35:ac:
dd:b6:4e:e0:8c:e3:35:7b:e5:ec:d6:98:7e:e3:70:d6:99:af:
b7:38:1f:19:c3:9c:30:3b:cf:e4:80:25:5c:91:50:0f:ad:8a:
97:ce:ee:80:6d:bd:ef:60:52:a2:4d:b6:6b:fb:55:a8:b5:07:
06:8b:37:c2:73:68:11:d7:b0:09:22:5c:83:6e:d6:14:92:0e:
b6:ea:a3:fd:2a:35:69:a0:e5:df:75:06:32:d5:80:51:a2:05:
63:b3:17:31:c9:62:f0:1f:03:22:b1:30:a3:78:a6:2f:eb:d5:
04:48:8a:6d:96:ea:15:8d:cf:6a:af:d3:a9:b2:c7:21:2f:fe:
a9:ad:a2:73:7b:36:65:48:62:07:11:ba:0e:05:59:32:2f:98:
55:03:e0:08:19:bf:d1:26:06:af:29:5c:d0:2c:c0:97:85:af:
6d:f3:35:49:f9:64:f2:ea:e1:70:9f:69:5c:a6:f1:50:a0:f7:
44:90:44:69:49:b4:03:b4:d8:18:38:85:72:3e:67:f6:1c:be:
50:9e:3e:fc:93:90:19:7a:27:f8:20:84:1b:6c:8e:8e:ea:b5:
5c:fa:60:e5:cc:58:f4:d4:98:63:3d:ec:cc:89:61:62:c5:e7:
77:37:18:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYm8mWuM4smJHjKuFJbMfCN7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODAzMTgxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTE1ZmM4M2EzYzVlZTk4YTE1OGU0NmVjY2NkNTY5MmQ1YWExMDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqp4G4FaVtjJXlXIGvWcshpx6I/i
VfquJIzp6H+/VzKMQTQdgpyCR18Tsucq7tK+I1k8iNTOsvY43/UKK1eZX35aJUF7
t1BrJ+7RMjL6S4jStdzo8RPaLoUjntNcm79J2XRLeWo81X+EpCHBWurm50JYgYCz
PqIv6lWCsSMPgNv4IrJqQzDxNIDwThUqC8TfYXpQdulurMr4BfLuF1owgM/TUgCu
a4WM3WpcZJeyUFLKO9jwq2IGZ1J/+zDPuKmSiS8bQ/jJT+aRKypMIudahT1WaCR9
vmoRof1UjA6hgTgm9OsjmL9OOPHp+M6ipMbP6BhhOKj6Jh1s76fNifVUSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCoV/IOjxe6YoVjkbszNVpLVqhBOMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS2hYOGc2UEY3cGloV09SdXpNMVdrdFdxRUU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF2stf0fT3eC9gxDC+LK
9Ww1rN22TuCM4zV75ezWmH7jcNaZr7c4HxnDnDA7z+SAJVyRUA+tipfO7oBtve9g
UqJNtmv7Vai1BwaLN8JzaBHXsAkiXINu1hSSDrbqo/0qNWmg5d91BjLVgFGiBWOz
FzHJYvAfAyKxMKN4pi/r1QRIim2W6hWNz2qv06myxyEv/qmtonN7NmVIYgcRug4F
WTIvmFUD4AgZv9EmBq8pXNAswJeFr23zNUn5ZPLq4XCfaVym8VCg90SQRGlJtAO0
2Bg4hXI+Z/YcvlCePvyTkBl6J/gghBtsjo7qtVz6YOXMWPTUmGM97MyJYWLF53c3
GKs=
-----END CERTIFICATE-----
Generated at Fri May 2 09:50:59 2025 by rpki-client