Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KmG4KeNKB5IoT1RanKs7VqOOpZw.roa
File: KmG4KeNKB5IoT1RanKs7VqOOpZw.roa (raw, json)
Hash identifier: voyD80tE9AgwsUcuJ9Zmd1lTOMTCzdjR20OVbs3IoOU=
Subject key identifier: 2A:61:B8:29:E3:4A:07:92:28:4F:54:5A:9C:AB:3B:56:A3:8E:A5:9C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 8237C0A7
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KmG4KeNKB5IoT1RanKs7VqOOpZw.roa
Signing time: Sun 08 May 2022 13:09:39 +0000
ROA not before: Sun 08 May 2022 13:09:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:8961:505f/128 maxlen: 128
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2184691879 (0x8237c0a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 8 13:09:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a61b829e34a0792284f545a9cab3b56a38ea59c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:fd:21:ab:d1:4e:d3:63:d5:70:88:6c:b1:04:
cc:68:4d:80:0c:70:7f:64:4c:47:2a:1e:1e:40:a1:
e2:78:18:c8:9a:26:f6:18:28:4b:c9:ed:b0:60:ac:
ef:2f:a1:c0:a5:f6:97:4d:24:67:9d:6a:d5:d4:76:
39:a8:3d:ca:19:5e:d1:bb:09:9e:50:cc:22:8f:bf:
6a:71:b5:e5:1a:71:c5:46:20:7f:ad:12:03:20:6a:
df:f7:f0:a2:3e:c4:64:e7:55:c9:07:1f:0f:84:e0:
5e:2c:63:74:8b:c9:56:59:0d:b5:81:4f:a3:90:2c:
e7:b2:5a:16:fa:4c:dc:73:7d:ee:9a:e0:d6:74:fb:
3c:68:c7:28:f0:3b:df:84:f6:26:01:6d:f2:f8:34:
0f:5b:3a:4a:c7:3b:e2:6f:f2:61:c2:c1:66:cd:20:
61:e9:3e:a6:39:0e:a9:ca:df:3c:4c:61:15:d1:a3:
6a:95:e9:45:4d:f3:35:9a:91:69:a3:bd:0a:b4:fe:
df:13:57:0b:3e:8e:2b:0d:72:db:b3:d4:e0:51:ea:
a2:ec:c6:3b:40:2a:05:fa:8a:3c:39:42:1e:34:37:
fe:ba:b5:74:1c:25:96:a6:42:88:6a:26:d6:f3:14:
2b:c8:33:e7:ee:87:1a:28:1d:25:41:c9:45:e2:10:
29:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:61:B8:29:E3:4A:07:92:28:4F:54:5A:9C:AB:3B:56:A3:8E:A5:9C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KmG4KeNKB5IoT1RanKs7VqOOpZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ae:47:c4:f3:60:6f:f7:5d:12:0d:41:e8:99:d8:ef:54:5e:18:
ab:42:df:8a:c0:d8:8b:6f:c8:81:36:13:8c:e1:ba:3f:8b:f5:
d2:5d:dd:86:74:0d:ed:c4:f0:85:14:66:20:b9:5a:fb:65:30:
7d:7a:a7:0c:8d:d8:60:0c:4e:59:19:b4:74:a4:f4:83:fb:92:
fa:2e:30:0c:b0:34:a5:48:d0:54:3e:ec:eb:8b:2f:6e:33:a0:
58:44:42:d8:a6:51:f1:de:58:f7:01:e2:6f:d4:be:69:67:4a:
c4:71:57:38:75:72:62:fd:f5:fe:bb:6d:43:17:4b:b6:46:a7:
44:f5:3c:ab:ef:4c:cc:12:96:18:31:b9:95:e4:78:b8:26:e7:
00:ac:a0:c1:2a:6c:b0:f4:a2:68:46:a9:1d:91:67:cb:98:bc:
43:b2:cd:f8:5a:43:3b:6e:b6:08:03:0a:a6:f8:ce:09:88:c4:
3d:81:42:8a:3b:19:90:9d:dc:09:dd:0c:c8:98:10:90:3c:ae:
d8:c5:d9:47:74:2d:cf:5c:32:e6:f2:6a:ae:29:58:b3:21:99:
6f:ec:1a:3a:f7:3d:b9:b2:d2:61:69:12:b9:b1:5f:07:b1:bb:
28:c7:73:78:7a:87:aa:ef:62:45:14:63:7f:da:d9:0e:03:ca:
d5:df:26:eb
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAII3wKcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MDgxMzA5MzlaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDJhNjFiODI5ZTM0
YTA3OTIyODRmNTQ1YTljYWIzYjU2YTM4ZWE1OWMwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDK/SGr0U7TY9VwiGyxBMxoTYAMcH9kTEcqHh5AoeJ4GMia
JvYYKEvJ7bBgrO8vocCl9pdNJGedatXUdjmoPcoZXtG7CZ5QzCKPv2pxteUaccVG
IH+tEgMgat/38KI+xGTnVckHHw+E4F4sY3SLyVZZDbWBT6OQLOeyWhb6TNxzfe6a
4NZ0+zxoxyjwO9+E9iYBbfL4NA9bOkrHO+Jv8mHCwWbNIGHpPqY5DqnK3zxMYRXR
o2qV6UVN8zWakWmjvQq0/t8TVws+jisNctuz1OBR6qLsxjtAKgX6ijw5Qh40N/66
tXQcJZamQohqJtbzFCvIM+fuhxooHSVByUXiECkhAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUKmG4KeNKB5IoT1RanKs7VqOOpZwwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9LbUc0S2VOS0I1SW9UMVJhbktzN1ZxT09wWncucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEArkfE82Bv910SDUHomdjvVF4Yq0LfisDYi2/I
gTYTjOG6P4v10l3dhnQN7cTwhRRmILla+2UwfXqnDI3YYAxOWRm0dKT0g/uS+i4w
DLA0pUjQVD7s64svbjOgWERC2KZR8d5Y9wHib9S+aWdKxHFXOHVyYv31/rttQxdL
tkanRPU8q+9MzBKWGDG5leR4uCbnAKygwSpssPSiaEapHZFny5i8Q7LN+FpDO262
CAMKpvjOCYjEPYFCijsZkJ3cCd0MyJgQkDyu2MXZR3Qtz1wy5vJqrilYsyGZb+wa
Ovc9ubLSYWkSubFfB7G7KMdzeHqHqu9iRRRjf9rZDgPK1d8m6w==
-----END CERTIFICATE-----
Generated at Thu May 1 02:52:12 2025 by rpki-client