Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KlpsvOWZ_YLuqpyd-m7mYbAD9HI.roa
File: KlpsvOWZ_YLuqpyd-m7mYbAD9HI.roa (raw, json)
Hash identifier: Qp4tC/3gnA5GTj8cobZNTgoTxml+mxLSgsEr/1xbUEg=
Subject key identifier: 2A:5A:6C:BC:E5:99:FD:82:EE:AA:9C:9D:FA:6E:E6:61:B0:03:F4:72
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189A6789443A37C8A9D40EF01F65B4E0C71
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KlpsvOWZ_YLuqpyd-m7mYbAD9HI.roa
Signing time: Sun 30 Jul 2023 11:04:27 +0000
ROA not before: Sun 30 Jul 2023 11:04:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:189:a678:6135/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a6:78:94:43:a3:7c:8a:9d:40:ef:01:f6:5b:4e:0c:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 30 11:04:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a5a6cbce599fd82eeaa9c9dfa6ee661b003f472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:74:57:40:ea:e4:db:e6:fa:71:cf:db:0e:78:
34:62:aa:47:0b:bf:8d:09:37:19:56:7c:85:d3:cb:
c7:45:c5:0b:d2:46:cb:cc:d5:dc:c6:0c:14:6c:e5:
45:b1:95:ab:89:3e:63:0b:4f:df:db:b3:3e:2b:aa:
eb:c3:b4:28:c3:67:45:e9:29:5c:0f:22:52:62:eb:
f8:be:ef:0a:3e:da:a6:7b:2b:4d:d5:e7:07:20:34:
33:b6:1f:0c:52:7e:88:64:59:83:66:9e:bc:c6:95:
dc:f0:21:99:c2:fe:d7:c4:f7:1b:07:83:9a:7e:e6:
37:9d:a0:73:a2:2a:64:ad:52:28:e3:51:8b:cb:31:
64:16:16:f3:03:53:84:27:c8:23:91:7a:4a:42:bc:
f2:b2:fd:93:8d:35:88:d1:f0:64:eb:98:56:2d:a3:
20:77:c0:58:6e:41:a1:68:11:c8:bf:cd:36:c2:97:
9d:fd:ce:ce:98:9a:ba:f3:48:bc:48:bb:70:1d:5e:
43:e9:00:34:ad:91:a7:1d:95:19:3b:6a:ff:d8:61:
f0:e9:36:26:b7:f2:a1:06:39:a3:74:66:38:06:db:
b1:a3:41:33:10:3f:19:12:0e:11:86:03:ae:28:40:
04:36:4b:7b:88:3d:10:b8:50:d1:ca:0a:6c:7c:c0:
28:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:5A:6C:BC:E5:99:FD:82:EE:AA:9C:9D:FA:6E:E6:61:B0:03:F4:72
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KlpsvOWZ_YLuqpyd-m7mYbAD9HI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:02:ad:15:6b:ad:d8:5e:d0:53:67:05:15:2b:93:2f:71:a6:
da:7f:7a:8f:d6:75:9e:b0:d5:63:6a:30:a9:6f:ba:e1:01:b5:
06:a7:5a:e4:47:c4:e5:1a:37:8f:a4:d3:2b:d0:97:6f:77:de:
40:8e:f0:5e:6c:b9:88:b8:96:75:9b:14:8b:02:d7:1a:07:a4:
ec:cb:36:71:ef:b9:9e:6f:b9:a9:53:f2:a8:dc:9f:d9:91:3f:
e9:82:43:ad:74:50:0a:18:76:9e:6c:49:be:2f:7e:b8:13:b0:
93:80:eb:4a:fa:a8:5e:e2:5e:bf:e9:0d:2e:60:14:b9:3b:19:
ef:7a:8f:9f:04:77:cb:cf:04:2c:7f:74:be:3a:36:8b:18:30:
df:47:35:a6:57:0e:76:b0:82:15:c2:4c:f6:23:0a:8f:fc:11:
af:c9:b0:ad:ab:a7:ba:a6:e8:07:46:3e:4f:e7:1a:5b:d6:00:
38:83:9b:ac:31:a7:7f:09:57:6b:12:25:bf:15:c2:7a:e4:48:
04:00:e7:96:df:ee:19:b3:c6:86:79:f3:5a:68:98:47:f2:4e:
9d:c7:63:4c:88:be:8d:80:af:85:b0:03:17:cf:79:00:f0:de:
fa:f2:40:c2:5d:29:1a:2b:7f:f3:0a:d4:9c:f6:96:18:1e:e9:
af:1c:bb:97
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmmeJRDo3yKnUDvAfZbTgxxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzMwMTEwNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTVhNmNiY2U1OTlmZDgyZWVhYTljOWRmYTZlZTY2MWIwMDNmNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9nRXQOrk2+b6cc/bDng0YqpHC7+N
CTcZVnyF08vHRcUL0kbLzNXcxgwUbOVFsZWriT5jC0/f27M+K6rrw7Qow2dF6Slc
DyJSYuv4vu8KPtqmeytN1ecHIDQzth8MUn6IZFmDZp68xpXc8CGZwv7XxPcbB4Oa
fuY3naBzoipkrVIo41GLyzFkFhbzA1OEJ8gjkXpKQrzysv2TjTWI0fBk65hWLaMg
d8BYbkGhaBHIv802wped/c7OmJq680i8SLtwHV5D6QA0rZGnHZUZO2r/2GHw6TYm
t/KhBjmjdGY4Btuxo0EzED8ZEg4RhgOuKEAENkt7iD0QuFDRygpsfMAoXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCpabLzlmf2C7qqcnfpu5mGwA/RyMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS2xwc3ZPV1pfWUx1cXB5ZC1tN21ZYkFEOUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFECrRVrrdhe0FNnBRUr
ky9xptp/eo/WdZ6w1WNqMKlvuuEBtQanWuRHxOUaN4+k0yvQl2933kCO8F5suYi4
lnWbFIsC1xoHpOzLNnHvuZ5vualT8qjcn9mRP+mCQ610UAoYdp5sSb4vfrgTsJOA
60r6qF7iXr/pDS5gFLk7Ge96j58Ed8vPBCx/dL46NosYMN9HNaZXDnawghXCTPYj
Co/8Ea/JsK2rp7qm6AdGPk/nGlvWADiDm6wxp38JV2sSJb8VwnrkSAQA55bf7hmz
xoZ581pomEfyTp3HY0yIvo2Ar4WwAxfPeQDw3vryQMJdKRorf/MK1Jz2lhge6a8c
u5c=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:34:19 2025 by rpki-client