Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KnZ1oibBssyFe40JjAiQmKDVHO4.roa
File: KnZ1oibBssyFe40JjAiQmKDVHO4.roa (raw, json)
Hash identifier: h55Cvzxfhj9XDReMoHfYhG84U8/ja7vAZqsHaUa8y9o=
Subject key identifier: 2A:76:75:A2:26:C1:B2:CC:85:7B:8D:09:8C:08:90:98:A0:D5:1C:EE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187082C34C3D09DFC4061FE9FF49C365448
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KnZ1oibBssyFe40JjAiQmKDVHO4.roa
Signing time: Wed 22 Mar 2023 07:15:27 +0000
ROA not before: Wed 22 Mar 2023 07:15:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:2c:34:c3:d0:9d:fc:40:61:fe:9f:f4:9c:36:54:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 22 07:15:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a7675a226c1b2cc857b8d098c089098a0d51cee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:90:c6:d8:20:40:e2:5b:d5:4d:dc:fb:89:ea:
13:b0:9d:9b:57:25:65:4e:6e:9d:25:e1:50:00:ae:
7e:72:fb:27:14:ab:18:82:87:df:43:43:71:e9:34:
93:27:fa:90:26:b8:7c:e5:a9:69:de:ea:4b:61:e2:
60:ed:11:9e:7e:ef:52:d7:14:f2:5e:e4:1a:ae:ef:
52:b3:5f:e5:f1:54:10:22:76:e9:58:c0:0b:fa:f6:
bc:85:29:97:9d:aa:02:64:f2:f6:9b:79:13:09:f4:
03:55:17:3f:cc:99:a4:0e:af:8f:22:53:37:ab:e4:
52:e5:9f:35:a2:85:eb:1f:d0:5f:cb:45:96:80:60:
2e:b4:c9:c2:b8:77:17:12:a7:0b:9b:27:bd:3d:35:
c7:31:6b:b3:b6:18:10:60:92:38:b0:69:00:5e:c3:
5f:29:99:37:30:79:ac:31:25:b2:0d:4e:93:4e:a2:
52:3a:98:3b:fe:3a:5c:6b:2d:eb:ca:68:5f:15:bb:
a0:b0:57:65:2b:64:1c:d3:fc:d8:cc:32:da:97:08:
a6:c8:ea:66:6a:64:1c:b8:c6:17:45:87:cc:d2:77:
0f:ac:5c:eb:05:61:b0:45:b9:2e:75:52:5f:ed:ef:
f9:85:c1:03:d2:77:f0:fc:ad:b7:8f:3d:84:2d:8b:
c7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:76:75:A2:26:C1:B2:CC:85:7B:8D:09:8C:08:90:98:A0:D5:1C:EE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KnZ1oibBssyFe40JjAiQmKDVHO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7e:ca:04:86:e9:57:cc:b1:d1:33:fc:a8:a6:00:fd:2c:f1:ce:
ac:f8:61:84:a3:97:a3:af:2b:d5:b1:a5:9e:5c:36:7a:cb:7e:
5b:0d:a3:ed:dc:21:5f:59:4a:71:27:eb:04:0f:0a:e8:18:6b:
47:f0:ff:53:e6:af:44:ec:1b:8e:2d:40:5a:f2:b1:a7:26:a4:
b8:3a:22:a2:96:6e:44:3d:5b:6b:d7:90:7d:c9:8d:c1:ce:4d:
77:87:7d:26:f0:e3:6a:2d:bb:8b:98:34:37:32:e0:cf:8b:20:
85:6b:45:ba:0a:80:50:28:a6:2f:f7:f3:33:6c:d5:df:ec:dd:
4f:21:b7:a1:52:06:d1:d9:27:c5:90:fa:da:6d:a4:26:dc:91:
6f:a0:29:ff:f4:45:dc:f0:96:3d:d3:6a:81:86:90:de:a4:ab:
1a:74:4f:1a:4a:ad:1b:67:bb:60:71:17:e4:9c:a5:44:75:a3:
36:88:a9:e3:9b:89:02:3b:42:c9:09:a8:70:b1:d2:52:f6:fa:
18:16:a5:cf:47:4e:49:c8:40:39:2b:0b:3f:a9:69:bb:8c:1b:
ff:e2:db:30:fc:cb:35:37:13:14:b6:bb:d9:88:28:6b:8a:35:
a9:ca:fe:43:6f:64:68:3e:98:b2:03:57:6b:c9:80:d1:b0:4f:
40:d5:4d:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYcILDTD0J38QGH+n/ScNlRIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzIyMDcxNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTc2NzVhMjI2YzFiMmNjODU3YjhkMDk4YzA4OTA5OGEwZDUxY2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZDG2CBA4lvVTdz7ieoTsJ2bVyVl
Tm6dJeFQAK5+cvsnFKsYgoffQ0Nx6TSTJ/qQJrh85alp3upLYeJg7RGefu9S1xTy
XuQaru9Ss1/l8VQQInbpWMAL+va8hSmXnaoCZPL2m3kTCfQDVRc/zJmkDq+PIlM3
q+RS5Z81ooXrH9Bfy0WWgGAutMnCuHcXEqcLmye9PTXHMWuzthgQYJI4sGkAXsNf
KZk3MHmsMSWyDU6TTqJSOpg7/jpcay3rymhfFbugsFdlK2Qc0/zYzDLalwimyOpm
amQcuMYXRYfM0ncPrFzrBWGwRbkudVJf7e/5hcED0nfw/K23jz2ELYvHpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCp2daImwbLMhXuNCYwIkJig1RzuMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS25aMW9pYkJzc3lGZTQwSmpBaVFtS0RWSE80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH7KBIbpV8yx0TP8qKYA
/Szxzqz4YYSjl6OvK9WxpZ5cNnrLflsNo+3cIV9ZSnEn6wQPCugYa0fw/1Pmr0Ts
G44tQFrysacmpLg6IqKWbkQ9W2vXkH3JjcHOTXeHfSbw42otu4uYNDcy4M+LIIVr
RboKgFAopi/38zNs1d/s3U8ht6FSBtHZJ8WQ+tptpCbckW+gKf/0Rdzwlj3TaoGG
kN6kqxp0TxpKrRtnu2BxF+ScpUR1ozaIqeObiQI7QskJqHCx0lL2+hgWpc9HTknI
QDkrCz+pabuMG//i2zD8yzU3ExS2u9mIKGuKNanK/kNvZGg+mLIDV2vJgNGwT0DV
TT8=
-----END CERTIFICATE-----
Generated at Thu May 1 20:32:02 2025 by rpki-client