Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KkRTBTF7QXstvX0BLBGPY9hyMTM.roa
File: KkRTBTF7QXstvX0BLBGPY9hyMTM.roa (raw, json)
Hash identifier: pqbm/FKgdcAgrvmM8TNa0Vr0vlYsqtsquvj4cMesh5c=
Subject key identifier: 2A:44:53:05:31:7B:41:7B:2D:BD:7D:01:2C:11:8F:63:D8:72:31:33
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184D21B13A2FB5E37F0F5CE3DB626EA279F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KkRTBTF7QXstvX0BLBGPY9hyMTM.roa
Signing time: Fri 02 Dec 2022 09:11:40 +0000
ROA not before: Fri 02 Dec 2022 09:11:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:1b:13:a2:fb:5e:37:f0:f5:ce:3d:b6:26:ea:27:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 2 09:11:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a445305317b417b2dbd7d012c118f63d8723133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:58:da:0c:f4:27:e1:73:e8:6c:e0:4e:d9:39:
9b:ad:0e:5c:b7:aa:af:87:00:e3:ab:02:0c:d3:2d:
23:4a:48:03:d5:0a:24:ae:2d:46:f5:75:26:78:06:
a0:c9:bd:ad:48:b5:e7:0f:ad:86:8c:83:2c:4f:72:
b1:20:a7:fd:1f:9f:4f:bb:f1:58:b6:4b:2f:76:bc:
e2:31:1b:f8:ea:d1:3d:b9:2b:05:8f:5d:cf:bf:87:
e6:65:6d:26:0b:a3:5d:ed:c6:80:c1:fe:17:2c:f2:
ba:83:3c:24:92:22:6f:b6:df:6f:c7:25:91:e6:a4:
6a:8c:70:32:90:2e:b6:0b:ab:01:65:be:3c:7e:d5:
3c:08:ea:07:2d:3f:bd:2d:a8:f5:3b:03:e4:bb:ea:
8b:cf:95:f0:a9:06:3b:6d:7e:ca:53:37:4d:df:bd:
68:99:5c:64:55:40:fd:81:64:ac:9c:12:77:b7:d6:
cc:f0:ad:09:a3:de:ea:16:2a:1c:6a:e5:1e:13:43:
b7:cd:c5:02:35:6c:fd:e5:14:46:74:0d:ed:77:5c:
8a:fe:a4:6c:df:75:6b:97:44:36:f5:5a:ba:d6:86:
73:60:bf:94:3b:35:62:4f:ec:bc:62:c7:32:b2:bb:
59:8a:51:19:f9:3c:9e:db:c0:de:40:ec:12:37:71:
86:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:44:53:05:31:7B:41:7B:2D:BD:7D:01:2C:11:8F:63:D8:72:31:33
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KkRTBTF7QXstvX0BLBGPY9hyMTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b4:30:76:a2:1e:f2:1a:a1:54:98:6c:c6:24:74:13:b4:47:09:
7d:46:da:dc:f7:e3:d5:f1:83:bd:b2:28:f3:76:92:63:26:09:
fe:f3:ac:af:63:a7:67:86:13:0d:b5:1f:56:a1:3f:cf:91:f1:
8e:e3:4b:d8:47:3e:40:a6:46:0c:c6:35:82:d9:58:2e:78:e4:
31:45:a5:84:d1:56:d8:44:10:bd:5d:a5:6b:df:1d:f8:26:a3:
11:10:3d:06:85:23:9c:11:41:00:1f:28:53:6b:1d:f9:e4:88:
a7:17:d8:c6:b5:30:50:69:5e:af:83:5d:13:61:ca:b1:9b:fa:
d6:1f:70:2f:a3:a2:86:41:56:3a:f7:2a:e2:ce:25:36:ad:22:
99:fd:e1:aa:ea:65:58:aa:2e:a7:62:1d:2d:eb:8e:66:bd:80:
34:e3:a1:ab:4f:5f:c9:e7:00:aa:7b:7a:0d:51:99:fb:29:65:
85:a6:43:21:92:88:60:bf:db:c9:35:1a:7c:fb:7d:8f:4b:fc:
fd:6f:3b:aa:df:f2:ca:48:9d:59:c1:de:56:83:95:83:2c:4c:
19:e4:5d:c4:36:7c:ff:e6:ff:e0:29:36:c0:a8:fa:6f:dc:b6:
d9:2f:02:5f:ef:c3:60:b0:8c:78:b7:bf:ca:45:44:c2:4f:8d:
75:71:db:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTSGxOi+1438PXOPbYm6iefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjAyMDkxMTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTQ0NTMwNTMxN2I0MTdiMmRiZDdkMDEyYzExOGY2M2Q4NzIzMTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhljaDPQn4XPobOBO2TmbrQ5ct6qv
hwDjqwIM0y0jSkgD1Qokri1G9XUmeAagyb2tSLXnD62GjIMsT3KxIKf9H59Pu/FY
tksvdrziMRv46tE9uSsFj13Pv4fmZW0mC6Nd7caAwf4XLPK6gzwkkiJvtt9vxyWR
5qRqjHAykC62C6sBZb48ftU8COoHLT+9Laj1OwPku+qLz5XwqQY7bX7KUzdN371o
mVxkVUD9gWSsnBJ3t9bM8K0Jo97qFiocauUeE0O3zcUCNWz95RRGdA3td1yK/qRs
33Vrl0Q29Vq61oZzYL+UOzViT+y8YscysrtZilEZ+Tye28DeQOwSN3GGFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCpEUwUxe0F7Lb19ASwRj2PYcjEzMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS2tSVEJURjdRWHN0dlgwQkxCR1BZOWh5TVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALQwdqIe8hqhVJhsxiR0
E7RHCX1G2tz349Xxg72yKPN2kmMmCf7zrK9jp2eGEw21H1ahP8+R8Y7jS9hHPkCm
RgzGNYLZWC545DFFpYTRVthEEL1dpWvfHfgmoxEQPQaFI5wRQQAfKFNrHfnkiKcX
2Ma1MFBpXq+DXRNhyrGb+tYfcC+jooZBVjr3KuLOJTatIpn94arqZViqLqdiHS3r
jma9gDTjoatPX8nnAKp7eg1RmfspZYWmQyGSiGC/28k1Gnz7fY9L/P1vO6rf8spI
nVnB3laDlYMsTBnkXcQ2fP/m/+ApNsCo+m/cttkvAl/vw2CwjHi3v8pFRMJPjXVx
29Q=
-----END CERTIFICATE-----
Generated at Thu May 1 04:03:24 2025 by rpki-client