Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KtJl01lK00DySYn0-ODcpjEaeII.roa
File: KtJl01lK00DySYn0-ODcpjEaeII.roa (raw, json)
Hash identifier: 5YDXH90D0OdIuiOppXWpZ0OzNarpsZJTSV4gEou3xLk=
Subject key identifier: 2A:D2:65:D3:59:4A:D3:40:F2:49:89:F4:F8:E0:DC:A6:31:1A:78:82
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 7BC0E426
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KtJl01lK00DySYn0-ODcpjEaeII.roa
Signing time: Sat 16 Apr 2022 10:10:23 +0000
ROA not before: Sat 16 Apr 2022 10:10:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2076238886 (0x7bc0e426)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 16 10:10:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ad265d3594ad340f24989f4f8e0dca6311a7882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3a:b0:47:ed:3d:be:eb:60:54:d6:0d:87:57:
e4:8d:31:17:f6:b9:84:ee:d3:ad:6c:bb:73:15:9c:
eb:8a:56:e1:b9:02:e8:c1:46:63:a0:7a:76:1a:d4:
99:67:85:59:15:e3:91:56:c2:d0:88:e9:33:51:2d:
12:fc:50:ef:60:8c:57:40:cf:3c:bb:b5:3e:5c:fd:
62:4b:73:1f:c8:53:12:57:3a:9c:92:de:3a:c8:92:
82:84:1f:8e:d1:f3:5b:fc:26:a2:4d:cd:2d:10:50:
f9:ce:cb:f6:54:9a:cd:25:61:62:98:07:1d:5a:2c:
36:50:36:9a:58:8f:39:c5:55:02:40:45:ea:79:22:
60:85:f6:4e:a1:c1:6f:bf:5c:04:34:8d:b0:6c:60:
4b:2a:cc:b7:69:64:c9:df:9d:fd:4f:9c:e5:42:d9:
85:28:66:19:65:8c:10:33:bb:19:f0:8b:ce:0e:06:
bf:21:37:d9:17:ef:d3:a7:35:18:7c:a6:ca:06:3c:
ae:eb:43:f9:d0:6f:06:90:73:77:54:41:52:87:ac:
43:f8:1c:1f:9c:e2:9f:30:37:9f:2e:58:a7:54:09:
60:cf:c6:bf:aa:75:dc:3c:a1:eb:bf:a2:5b:ee:c1:
68:35:79:96:56:5a:b7:3f:27:59:af:bf:2c:f1:9f:
0c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D2:65:D3:59:4A:D3:40:F2:49:89:F4:F8:E0:DC:A6:31:1A:78:82
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KtJl01lK00DySYn0-ODcpjEaeII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
59:71:7b:6f:a5:e2:ba:80:45:3f:8b:98:a4:b9:64:b5:91:d4:
8e:f8:37:e4:01:f5:b6:00:39:a2:f5:f9:5d:bc:18:40:22:6d:
59:d5:5f:2c:18:07:28:44:72:f2:0f:b7:a7:04:87:5e:fa:58:
52:e6:a3:98:ec:94:7e:0a:1d:de:66:9b:af:c4:bf:32:93:ce:
25:57:87:3c:77:ef:78:3d:5c:51:51:e6:73:71:bb:50:a9:99:
48:1b:3c:bb:d4:c9:fa:f9:a4:3f:03:a9:a3:9a:72:8b:22:6b:
d3:ea:d6:5d:9b:a6:09:25:3e:0a:5f:64:d1:e6:38:d4:3c:7c:
8b:56:a0:50:51:b8:e7:61:81:e5:1e:36:1a:58:fa:7c:6f:07:
2a:f8:5e:1b:12:d3:0d:5a:73:93:d3:ae:5f:51:86:79:07:e6:
e3:52:b5:69:72:b8:44:cf:dc:54:22:08:dc:e4:84:9c:0c:e9:
58:1a:2d:37:ff:91:ec:28:1b:01:06:31:ee:45:0d:e5:db:72:
a3:16:8e:da:14:27:51:37:d4:dc:c8:ea:24:a3:8e:d9:33:c2:
66:9a:7a:98:fa:82:12:d4:3f:66:ab:bf:55:53:45:7e:8f:e8:
1a:cb:68:de:fa:98:63:26:d5:88:8d:d6:f4:73:6f:3d:de:01:
66:70:95:e4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEe8DkJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDQx
NjEwMTAyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmFkMjY1ZDM1OTRh
ZDM0MGYyNDk4OWY0ZjhlMGRjYTYzMTFhNzg4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALU6sEftPb7rYFTWDYdX5I0xF/a5hO7TrWy7cxWc64pW4bkC
6MFGY6B6dhrUmWeFWRXjkVbC0IjpM1EtEvxQ72CMV0DPPLu1Plz9YktzH8hTElc6
nJLeOsiSgoQfjtHzW/wmok3NLRBQ+c7L9lSazSVhYpgHHVosNlA2mliPOcVVAkBF
6nkiYIX2TqHBb79cBDSNsGxgSyrMt2lkyd+d/U+c5ULZhShmGWWMEDO7GfCLzg4G
vyE32Rfv06c1GHymygY8rutD+dBvBpBzd1RBUoesQ/gcH5zinzA3ny5Yp1QJYM/G
v6p13Dyh67+iW+7BaDV5llZatz8nWa+/LPGfDKsCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQq0mXTWUrTQPJJifT44NymMRp4gjAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L0t0SmwwMWxLMDBEeVNZbjAtT0RjcGpFYWVJSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBZcXtvpeK6gEU/i5ikuWS1kdSO+DfkAfW2ADmi
9fldvBhAIm1Z1V8sGAcoRHLyD7enBIde+lhS5qOY7JR+Ch3eZpuvxL8yk84lV4c8
d+94PVxRUeZzcbtQqZlIGzy71Mn6+aQ/A6mjmnKLImvT6tZdm6YJJT4KX2TR5jjU
PHyLVqBQUbjnYYHlHjYaWPp8bwcq+F4bEtMNWnOT065fUYZ5B+bjUrVpcrhEz9xU
Igjc5IScDOlYGi03/5HsKBsBBjHuRQ3l23KjFo7aFCdRN9TcyOoko47ZM8JmmnqY
+oIS1D9mq79VU0V+j+gay2je+phjJtWIjdb0c2893gFmcJXk
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:36:54 2025 by rpki-client