Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KiJnsPxOdOBkOi8nv8DiZJAICOI.roa
File: KiJnsPxOdOBkOi8nv8DiZJAICOI.roa (raw, json)
Hash identifier: v7Y6uO9miF80MvY4GIo6OamgJiNuqLQD69GHxPP6XxM=
Subject key identifier: 2A:22:67:B0:FC:4E:74:E0:64:3A:2F:27:BF:C0:E2:64:90:08:08:E2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185993AB53D6B666F260C32B34ECCC6636F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KiJnsPxOdOBkOi8nv8DiZJAICOI.roa
Signing time: Tue 10 Jan 2023 01:10:39 +0000
ROA not before: Tue 10 Jan 2023 01:10:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:99:3a:b5:3d:6b:66:6f:26:0c:32:b3:4e:cc:c6:63:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 10 01:10:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a2267b0fc4e74e0643a2f27bfc0e264900808e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f0:df:52:ed:c1:4e:56:77:15:42:47:a7:da:
26:95:b6:bf:54:5a:81:df:38:d2:37:41:47:43:f8:
4c:01:57:83:f1:34:cb:e5:2f:40:ab:67:0d:98:a5:
16:7e:55:43:05:1f:53:5d:50:e6:3c:d7:de:99:e4:
7f:57:3f:21:08:b4:3b:e8:b0:bc:77:f7:a8:86:f9:
de:4a:3a:c9:86:d0:54:d8:17:80:9e:55:6b:f9:35:
d0:d4:95:fb:dc:e2:50:0a:81:e6:26:41:45:0b:57:
a0:e9:f9:e1:22:e3:37:06:3c:e3:e3:18:04:4c:22:
5d:40:30:87:d8:a7:07:37:e1:0a:1d:d5:05:ef:9a:
a4:14:b6:1d:de:61:2a:db:d7:6b:7a:75:0d:92:1c:
cf:32:5c:78:c5:5d:4c:c6:b5:4f:bd:ea:3b:2b:07:
d8:eb:35:50:24:c5:21:1e:e5:db:82:dd:a9:36:53:
f8:3f:12:5c:28:26:c9:97:49:b8:b9:2f:ce:ac:f9:
83:14:4c:17:dc:5a:dc:56:d3:a7:c4:10:8a:2b:e5:
c3:44:8f:21:cc:04:a9:aa:5c:e4:7e:0f:e4:79:d4:
b3:e7:c0:93:d6:c4:44:ea:3c:ef:dd:37:e2:d6:51:
6a:bc:02:30:cf:9b:8d:95:fa:62:17:df:73:ff:3a:
0a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:22:67:B0:FC:4E:74:E0:64:3A:2F:27:BF:C0:E2:64:90:08:08:E2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KiJnsPxOdOBkOi8nv8DiZJAICOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:bd:a4:fb:88:61:8f:15:80:75:22:2c:4c:70:8e:eb:44:80:
e6:62:88:ad:8c:53:9a:40:13:97:3d:70:02:66:b4:08:e7:e4:
69:ff:bc:cb:9f:9a:2a:e9:da:8f:12:b9:78:e4:cb:5d:19:84:
ec:8f:3d:69:90:46:9b:23:ef:07:84:99:0a:8f:70:61:53:52:
7b:c2:d8:d6:6c:f2:51:0a:05:3e:b7:33:e5:70:20:fa:d2:5e:
44:8b:da:9a:4b:b3:f5:59:8e:86:4a:0d:e5:55:29:98:4b:c6:
2a:39:53:df:6b:de:d4:43:90:16:7a:1c:a8:95:36:8b:22:fd:
03:23:6b:a7:fb:1b:d1:b3:bf:bb:da:d1:3b:a3:e6:43:db:70:
82:55:9e:fb:20:7f:6f:bf:59:34:b0:8f:e5:63:3f:a7:cb:ee:
13:04:42:05:ba:a4:db:63:d3:7f:b6:b5:ad:89:b4:c1:e7:6f:
cc:37:47:e6:40:9a:30:c7:5e:00:bc:0b:c2:ab:1f:18:47:b1:
11:9b:a3:c1:22:af:d3:aa:df:fc:ca:56:8a:27:c6:d9:73:e6:
d1:23:c4:2c:24:3d:94:39:65:58:a8:79:fb:2a:e4:44:de:c3:
a0:39:86:f7:f8:92:05:85:3d:c6:4c:ea:12:0b:d0:e8:18:a5:
2f:19:07:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWZOrU9a2ZvJgwys07MxmNvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTEwMDExMDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTIyNjdiMGZjNGU3NGUwNjQzYTJmMjdiZmMwZTI2NDkwMDgwOGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvDfUu3BTlZ3FUJHp9omlba/VFqB
3zjSN0FHQ/hMAVeD8TTL5S9Aq2cNmKUWflVDBR9TXVDmPNfemeR/Vz8hCLQ76LC8
d/eohvneSjrJhtBU2BeAnlVr+TXQ1JX73OJQCoHmJkFFC1eg6fnhIuM3Bjzj4xgE
TCJdQDCH2KcHN+EKHdUF75qkFLYd3mEq29drenUNkhzPMlx4xV1MxrVPveo7KwfY
6zVQJMUhHuXbgt2pNlP4PxJcKCbJl0m4uS/OrPmDFEwX3FrcVtOnxBCKK+XDRI8h
zASpqlzkfg/kedSz58CT1sRE6jzv3Tfi1lFqvAIwz5uNlfpiF99z/zoKvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCoiZ7D8TnTgZDovJ7/A4mSQCAjiMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS2lKbnNQeE9kT0JrT2k4bnY4RGlaSkFJQ09JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGW9pPuIYY8VgHUiLExw
jutEgOZiiK2MU5pAE5c9cAJmtAjn5Gn/vMufmirp2o8SuXjky10ZhOyPPWmQRpsj
7weEmQqPcGFTUnvC2NZs8lEKBT63M+VwIPrSXkSL2ppLs/VZjoZKDeVVKZhLxio5
U99r3tRDkBZ6HKiVNosi/QMja6f7G9Gzv7va0Tuj5kPbcIJVnvsgf2+/WTSwj+Vj
P6fL7hMEQgW6pNtj03+2ta2JtMHnb8w3R+ZAmjDHXgC8C8KrHxhHsRGbo8Eir9Oq
3/zKVoonxtlz5tEjxCwkPZQ5ZVioefsq5ETew6A5hvf4kgWFPcZM6hIL0OgYpS8Z
B0o=
-----END CERTIFICATE-----
Generated at Thu May 1 15:51:19 2025 by rpki-client