Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KrTk23ONCKztFGo4ojeHnWmX-6Q.roa
File: KrTk23ONCKztFGo4ojeHnWmX-6Q.roa (raw, json)
Hash identifier: y0cYoMSTibuYPip4PVefX7IzytJg9JIHXx/YugBxPOU=
Subject key identifier: 2A:B4:E4:DB:73:8D:08:AC:ED:14:6A:38:A2:37:87:9D:69:97:FB:A4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018563CBD9849647B671F19FF326229B5BB8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KrTk23ONCKztFGo4ojeHnWmX-6Q.roa
Signing time: Fri 30 Dec 2022 16:09:41 +0000
ROA not before: Fri 30 Dec 2022 16:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:63:cb:d9:84:96:47:b6:71:f1:9f:f3:26:22:9b:5b:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 30 16:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ab4e4db738d08aced146a38a237879d6997fba4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ef:71:a4:57:e4:7d:92:a0:57:24:bd:53:d0:
80:e8:19:f9:86:a2:30:58:dd:ef:52:cb:24:3d:8a:
af:46:7e:85:4c:1f:17:6f:5c:f3:e4:54:77:fe:73:
0d:9d:7f:5e:69:1c:a4:b6:67:c4:33:e8:fc:70:37:
11:82:3d:1c:bf:0b:e5:e6:44:c9:7f:df:fc:4a:8f:
f6:1f:7e:90:89:27:3a:99:8e:b6:11:af:4b:79:12:
60:74:a1:a4:f5:9b:14:99:04:d2:dc:11:69:18:dc:
ca:9a:cf:30:d7:ec:6e:0b:be:29:c0:64:80:65:43:
2b:72:02:9f:4c:21:52:ee:ef:b1:f6:99:09:b7:df:
25:dd:00:ed:c2:70:6c:33:13:ad:b5:9e:ce:99:d1:
f5:06:5a:3b:e1:53:76:f4:01:76:78:a7:15:c7:50:
0a:bd:de:17:45:ce:a0:ae:61:8e:c5:1a:aa:1e:00:
01:f8:2d:56:6b:84:79:35:0c:b3:59:7f:f6:71:57:
f6:be:53:dd:9d:7b:4f:67:10:b9:8a:89:10:06:ba:
3a:0a:a9:0d:30:26:c8:d8:db:75:3b:d1:bb:93:1e:
50:9e:57:7d:3c:57:46:d7:7b:a3:3d:29:fe:42:f2:
fe:9f:aa:3c:ec:da:2e:22:24:63:dc:f8:ce:78:d3:
13:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:B4:E4:DB:73:8D:08:AC:ED:14:6A:38:A2:37:87:9D:69:97:FB:A4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KrTk23ONCKztFGo4ojeHnWmX-6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
39:0d:29:88:39:88:33:ba:e0:97:57:de:22:76:77:4b:8c:c5:
0d:1b:05:ba:cd:1a:dd:dc:00:56:49:20:12:7a:0a:aa:84:35:
1a:b2:9f:d0:c9:d0:00:08:2d:ae:de:1c:5d:73:d3:85:b2:1a:
a9:7f:df:26:87:54:0a:8a:70:0f:69:fd:5d:54:b6:ad:95:cc:
4f:76:7b:aa:25:67:7b:f7:45:49:04:7b:2f:b7:84:f8:6c:0f:
af:b8:2f:05:5d:f9:e1:2d:a3:d0:27:5d:79:96:36:9d:1b:26:
23:e4:af:f8:e2:40:73:0d:ae:b9:73:30:a4:75:0d:ad:7a:be:
54:cf:db:a3:ca:86:db:39:70:00:dd:5e:06:05:7d:9c:69:db:
86:1f:80:fd:c3:2e:c3:79:07:f7:84:81:ac:0e:02:80:b1:a8:
41:d7:c9:b1:f0:05:6e:4d:d9:4d:91:6a:cb:6c:b5:52:f0:69:
73:dd:0d:14:47:6c:34:ff:b5:77:b2:a5:58:42:44:78:ec:72:
c0:95:56:61:c2:68:c4:1c:af:bd:48:43:f3:32:db:a9:d2:e1:
53:a9:6e:69:2f:49:36:51:63:48:45:b0:78:e5:37:ae:48:13:
4d:29:e5:6a:f1:bf:2f:a3:8b:6e:0c:ed:97:0b:d7:7d:93:3a:
35:ca:3b:68
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVjy9mElke2cfGf8yYim1u4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjMwMTYwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWI0ZTRkYjczOGQwOGFjZWQxNDZhMzhhMjM3ODc5ZDY5OTdmYmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAte9xpFfkfZKgVyS9U9CA6Bn5hqIw
WN3vUsskPYqvRn6FTB8Xb1zz5FR3/nMNnX9eaRyktmfEM+j8cDcRgj0cvwvl5kTJ
f9/8So/2H36QiSc6mY62Ea9LeRJgdKGk9ZsUmQTS3BFpGNzKms8w1+xuC74pwGSA
ZUMrcgKfTCFS7u+x9pkJt98l3QDtwnBsMxOttZ7OmdH1Blo74VN29AF2eKcVx1AK
vd4XRc6grmGOxRqqHgAB+C1Wa4R5NQyzWX/2cVf2vlPdnXtPZxC5iokQBro6CqkN
MCbI2Nt1O9G7kx5Qnld9PFdG13ujPSn+QvL+n6o87NouIiRj3PjOeNMTpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCq05NtzjQis7RRqOKI3h51pl/ukMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS3JUazIzT05DS3p0RkdvNG9qZUhuV21YLTZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADkNKYg5iDO64JdX3iJ2
d0uMxQ0bBbrNGt3cAFZJIBJ6CqqENRqyn9DJ0AAILa7eHF1z04WyGql/3yaHVAqK
cA9p/V1Utq2VzE92e6olZ3v3RUkEey+3hPhsD6+4LwVd+eEto9AnXXmWNp0bJiPk
r/jiQHMNrrlzMKR1Da16vlTP26PKhts5cADdXgYFfZxp24YfgP3DLsN5B/eEgawO
AoCxqEHXybHwBW5N2U2RaststVLwaXPdDRRHbDT/tXeypVhCRHjscsCVVmHCaMQc
r71IQ/My26nS4VOpbmkvSTZRY0hFsHjlN65IE00p5Wrxvy+ji24M7ZcL132TOjXK
O2g=
-----END CERTIFICATE-----
Generated at Thu May 1 02:09:07 2025 by rpki-client