Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KkAMp0H9lZa_bD-7DGwHiwZgS2E.roa
File: KkAMp0H9lZa_bD-7DGwHiwZgS2E.roa (raw, json)
Hash identifier: 1lsEOX3j5wqyUR5wYmCL+ApwCZ/7z3KjnkLSXDX3sTk=
Subject key identifier: 2A:40:0C:A7:41:FD:95:96:BF:6C:3F:BB:0C:6C:07:8B:06:60:4B:61
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185778991F8C369A2EC30791A9F9D40CB17
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KkAMp0H9lZa_bD-7DGwHiwZgS2E.roa
Signing time: Tue 03 Jan 2023 12:09:42 +0000
ROA not before: Tue 03 Jan 2023 12:09:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:77:89:91:f8:c3:69:a2:ec:30:79:1a:9f:9d:40:cb:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 3 12:09:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a400ca741fd9596bf6c3fbb0c6c078b06604b61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:4f:d9:1b:9e:6e:d8:90:94:74:02:b0:ad:4d:
4d:49:22:58:b4:96:d0:36:85:88:c0:a7:a2:e8:67:
fc:00:7f:6d:2b:40:1e:25:e3:49:96:62:ee:97:0e:
55:0b:62:55:a6:a7:ca:5d:8d:e4:26:68:39:75:a9:
e0:12:3e:f4:8b:83:9d:c8:ad:73:6b:90:40:d8:f2:
d1:45:3d:f1:6e:e1:61:45:39:44:e2:20:40:d3:e5:
3a:50:f2:86:c2:39:8c:d2:82:54:f3:e3:9d:ef:1a:
83:1d:5c:0e:6a:11:8c:11:01:b0:8c:75:3f:33:57:
b0:ce:4a:e2:9d:d9:bd:50:98:37:13:78:de:53:0a:
ac:ca:04:40:be:4d:64:80:ba:4a:92:29:2b:d8:e5:
59:53:57:ff:e2:2b:5f:99:e0:a6:75:b9:dd:03:a8:
80:1d:f4:0e:fa:43:37:b4:51:32:6b:86:7f:44:56:
0e:a3:89:8a:d4:73:4f:6c:8b:c0:86:3a:29:d8:94:
d8:86:6e:68:b0:65:f6:2d:b1:19:c6:82:3e:82:2d:
c0:75:d3:ff:e1:c1:d2:c2:8c:23:4f:70:4b:15:1f:
e3:4b:5f:da:d6:70:e2:15:8d:2e:06:9c:85:3b:f3:
b2:d2:6c:70:8d:f0:bd:80:b1:df:a4:c0:78:a6:13:
b5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:40:0C:A7:41:FD:95:96:BF:6C:3F:BB:0C:6C:07:8B:06:60:4B:61
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KkAMp0H9lZa_bD-7DGwHiwZgS2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:c9:c2:a5:2f:f8:78:af:32:4f:20:f8:4b:06:6a:db:d1:c1:
d0:5b:d0:70:b1:47:e5:d0:09:1d:75:67:e3:bf:c5:8f:ca:31:
b3:c5:d0:3d:58:23:ff:7d:82:54:b2:83:5c:d2:fe:67:08:e5:
3e:82:b5:17:b6:52:d1:df:c5:ec:70:35:61:b3:8b:dd:14:0d:
25:94:77:18:70:c3:cb:8e:9d:76:5e:31:5e:ea:cc:71:46:da:
c2:78:d7:73:34:13:ea:8d:f1:a2:8e:37:6e:b2:5f:2d:7d:2e:
8f:6d:b7:f6:d8:5d:b3:ed:1e:e8:6d:80:4e:5e:24:a3:2e:24:
e5:a8:30:ea:fd:e6:0e:79:dd:94:f0:a2:84:56:b5:e8:75:38:
f4:94:b6:f3:f4:b9:55:7d:ba:3a:e8:e5:30:d4:0f:13:f4:64:
e3:c6:d5:36:d1:ae:2b:17:24:18:4f:d3:ca:01:a3:19:1b:ab:
c8:fe:be:ce:ea:71:4a:22:8d:23:a5:db:74:7d:e4:b4:37:ff:
ef:c3:e1:b1:0c:8e:2a:fa:cd:e4:9c:b5:a8:f6:e8:75:16:6f:
e0:2e:37:30:4a:2b:12:be:93:4b:2f:6c:1f:d0:7d:8d:e9:ff:
6e:db:cd:d7:92:b3:ff:79:bf:00:58:91:4d:08:3a:53:0b:55:
e6:ed:e5:9b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYV3iZH4w2mi7DB5Gp+dQMsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAzMTIwOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTQwMGNhNzQxZmQ5NTk2YmY2YzNmYmIwYzZjMDc4YjA2NjA0YjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA60/ZG55u2JCUdAKwrU1NSSJYtJbQ
NoWIwKei6Gf8AH9tK0AeJeNJlmLulw5VC2JVpqfKXY3kJmg5dangEj70i4OdyK1z
a5BA2PLRRT3xbuFhRTlE4iBA0+U6UPKGwjmM0oJU8+Od7xqDHVwOahGMEQGwjHU/
M1ewzkrindm9UJg3E3jeUwqsygRAvk1kgLpKkikr2OVZU1f/4itfmeCmdbndA6iA
HfQO+kM3tFEya4Z/RFYOo4mK1HNPbIvAhjop2JTYhm5osGX2LbEZxoI+gi3AddP/
4cHSwowjT3BLFR/jS1/a1nDiFY0uBpyFO/Oy0mxwjfC9gLHfpMB4phO1swIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCpADKdB/ZWWv2w/uwxsB4sGYEthMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS2tBTXAwSDlsWmFfYkQtN0RHd0hpd1pnUzJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFHJwqUv+HivMk8g+EsG
atvRwdBb0HCxR+XQCR11Z+O/xY/KMbPF0D1YI/99glSyg1zS/mcI5T6CtRe2UtHf
xexwNWGzi90UDSWUdxhww8uOnXZeMV7qzHFG2sJ413M0E+qN8aKON26yXy19Lo9t
t/bYXbPtHuhtgE5eJKMuJOWoMOr95g553ZTwooRWteh1OPSUtvP0uVV9ujro5TDU
DxP0ZOPG1TbRrisXJBhP08oBoxkbq8j+vs7qcUoijSOl23R95LQ3/+/D4bEMjir6
zeSctaj26HUWb+AuNzBKKxK+k0svbB/QfY3p/27bzdeSs/95vwBYkU0IOlMLVebt
5Zs=
-----END CERTIFICATE-----
Generated at Sat May 3 14:04:03 2025 by rpki-client