Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KtAHz-aVW5cln1uPkjHSohRGORI.roa
File: KtAHz-aVW5cln1uPkjHSohRGORI.roa (raw, json)
Hash identifier: yGhOiyudOdgLrvG+ARSVt8e6Byh6tre02PMpVlC6yas=
Subject key identifier: 2A:D0:07:CF:E6:95:5B:97:25:9F:5B:8F:92:31:D2:A2:14:46:39:12
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185B631640F205167AE2A57A6105D7B7207
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KtAHz-aVW5cln1uPkjHSohRGORI.roa
Signing time: Sun 15 Jan 2023 16:09:28 +0000
ROA not before: Sun 15 Jan 2023 16:09:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b6:31:64:0f:20:51:67:ae:2a:57:a6:10:5d:7b:72:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 15 16:09:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ad007cfe6955b97259f5b8f9231d2a214463912
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b4:ce:c2:64:37:7b:3b:12:4b:f7:25:e6:3e:
6c:1e:dd:44:0c:c6:60:aa:2f:8f:52:12:42:78:da:
41:33:5a:fd:5e:24:f8:06:44:34:31:ac:8e:1b:87:
fc:f2:f6:73:4b:85:d7:69:ac:ea:94:41:09:66:99:
76:e8:86:ef:e9:55:76:9d:2f:0b:78:79:85:4d:18:
c3:4f:65:e7:ff:30:9e:de:c7:db:9b:38:28:e3:6e:
98:b6:5a:09:cd:a9:73:93:7d:5f:65:1d:db:87:fa:
52:05:69:a8:9e:26:ec:7a:d9:f9:af:b8:b2:7a:4f:
8f:7c:19:1c:a4:81:fb:95:1c:df:0a:01:e6:16:1a:
86:3d:85:f9:66:d6:f8:5f:b7:91:50:d6:48:82:d6:
1d:58:76:0b:bf:0c:ee:b8:41:5b:3e:17:d0:34:3d:
21:80:27:f6:39:94:c8:7c:f3:1d:03:de:60:3b:7f:
c4:ee:1d:24:b5:d5:e1:b4:0c:67:de:2b:96:f2:1d:
76:c5:68:75:a7:3e:32:70:1e:1b:85:2c:24:5f:23:
d9:a3:cb:19:e3:2e:85:70:fe:bd:34:41:ae:82:64:
8d:eb:e5:a1:c6:38:ee:4c:1a:61:bc:91:56:70:38:
d9:24:65:ce:8e:0f:47:3f:36:5a:45:70:4b:a6:f7:
24:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D0:07:CF:E6:95:5B:97:25:9F:5B:8F:92:31:D2:A2:14:46:39:12
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KtAHz-aVW5cln1uPkjHSohRGORI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:06:fe:30:54:96:7c:cd:6a:b6:8c:90:17:2b:77:33:2e:a6:
d6:bd:44:cb:37:66:50:60:91:e1:b7:81:0c:5e:a4:21:32:d8:
3d:cc:a9:3f:dc:04:b1:ac:53:5e:33:66:4a:a4:51:06:2b:4a:
d8:d9:4f:90:f9:80:1f:48:7f:33:1d:33:50:8b:30:53:3d:76:
14:15:9b:ce:71:d5:b6:7b:38:15:09:db:f7:6e:9f:91:9a:15:
66:0a:d5:48:b4:02:d2:44:13:a2:dd:14:b0:d2:32:b6:f7:fc:
f4:9f:2f:76:62:dd:95:83:8e:8d:54:4e:9a:88:4f:6c:ad:15:
dc:ab:4f:5d:12:a0:bf:7a:fb:5b:cb:7e:ea:82:b8:b7:8c:fa:
27:87:f6:d3:83:82:67:e2:f1:1d:82:42:2c:1a:4f:61:f5:c5:
1f:99:a4:48:d3:cf:2b:13:5a:18:96:48:dd:a3:5a:30:67:6b:
0a:06:90:c2:cb:7b:4e:5e:68:14:38:61:2b:7a:52:b3:57:66:
b8:13:2f:47:ad:2c:c9:db:45:48:8a:6d:db:17:0e:20:ba:36:
9e:8c:51:ec:1f:1e:32:e8:5f:6d:fa:aa:48:3c:56:74:33:09:
28:c9:fd:7f:d0:72:5c:66:da:e6:e7:ce:12:c3:3a:57:7b:17:
a5:5e:dd:68
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYW2MWQPIFFnripXphBde3IHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTE1MTYwOTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWQwMDdjZmU2OTU1Yjk3MjU5ZjViOGY5MjMxZDJhMjE0NDYzOTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibTOwmQ3ezsSS/cl5j5sHt1EDMZg
qi+PUhJCeNpBM1r9XiT4BkQ0MayOG4f88vZzS4XXaazqlEEJZpl26Ibv6VV2nS8L
eHmFTRjDT2Xn/zCe3sfbmzgo426YtloJzalzk31fZR3bh/pSBWmonibsetn5r7iy
ek+PfBkcpIH7lRzfCgHmFhqGPYX5Ztb4X7eRUNZIgtYdWHYLvwzuuEFbPhfQND0h
gCf2OZTIfPMdA95gO3/E7h0ktdXhtAxn3iuW8h12xWh1pz4ycB4bhSwkXyPZo8sZ
4y6FcP69NEGugmSN6+WhxjjuTBphvJFWcDjZJGXOjg9HPzZaRXBLpvckwwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCrQB8/mlVuXJZ9bj5Ix0qIURjkSMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS3RBSHotYVZXNWNsbjF1UGtqSFNvaFJHT1JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADMG/jBUlnzNaraMkBcr
dzMupta9RMs3ZlBgkeG3gQxepCEy2D3MqT/cBLGsU14zZkqkUQYrStjZT5D5gB9I
fzMdM1CLMFM9dhQVm85x1bZ7OBUJ2/dun5GaFWYK1Ui0AtJEE6LdFLDSMrb3/PSf
L3Zi3ZWDjo1UTpqIT2ytFdyrT10SoL96+1vLfuqCuLeM+ieH9tODgmfi8R2CQiwa
T2H1xR+ZpEjTzysTWhiWSN2jWjBnawoGkMLLe05eaBQ4YSt6UrNXZrgTL0etLMnb
RUiKbdsXDiC6Np6MUewfHjLoX236qkg8VnQzCSjJ/X/Qclxm2ubnzhLDOld7F6Ve
3Wg=
-----END CERTIFICATE-----
Generated at Thu May 1 03:57:17 2025 by rpki-client