Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KuTmTlFXIl0kK2naznKWLLOK5IQ.roa
File: KuTmTlFXIl0kK2naznKWLLOK5IQ.roa (raw, json)
Hash identifier: FHcKIyWLjAiuBz+BpRAEgo4igGZhyfbWXQ1DcYonOxA=
Subject key identifier: 2A:E4:E6:4E:51:57:22:5D:24:2B:69:DA:CE:72:96:2C:B3:8A:E4:84
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189A52FE6C2F4340EEF0E82B7F1770BEB69
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KuTmTlFXIl0kK2naznKWLLOK5IQ.roa
Signing time: Sun 30 Jul 2023 05:05:27 +0000
ROA not before: Sun 30 Jul 2023 05:05:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a52e:fb59/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a5:2f:e6:c2:f4:34:0e:ef:0e:82:b7:f1:77:0b:eb:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 30 05:05:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ae4e64e5157225d242b69dace72962cb38ae484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f7:e8:69:73:12:da:5f:d3:b2:26:70:5b:1d:
bc:e9:77:72:f8:53:e4:27:cc:3f:10:42:ca:94:b8:
62:44:83:05:2d:aa:a2:b1:5c:e8:09:bb:c8:81:e9:
0a:6e:1f:be:22:ea:0d:f2:8b:f8:30:46:06:98:a2:
b4:04:fb:b3:fa:6f:7e:33:e7:70:a9:17:37:f7:6e:
f3:98:ff:14:9b:f0:0a:94:da:9b:d0:7c:3f:3d:2e:
79:62:f4:d0:62:1a:72:33:7c:fa:fe:d6:65:b6:81:
64:ed:56:44:d6:3a:00:04:ae:e7:18:79:99:78:99:
a1:13:f2:2d:c4:46:70:8b:23:5a:30:cd:88:eb:fe:
5f:a3:b4:d9:fd:8b:b4:a2:2e:8c:9e:8f:d3:dc:6f:
f1:3a:15:60:49:5e:21:d7:7b:49:0e:de:37:0c:7c:
ba:e2:f1:0b:58:97:d9:1d:9a:d7:51:b9:a6:4f:0f:
07:bc:0e:5f:52:2e:44:25:26:a6:d9:27:22:54:5c:
17:0a:36:0f:02:5a:b0:4b:f7:c2:4c:97:99:e2:0a:
54:08:18:df:d9:1f:34:db:43:83:cb:8e:59:25:34:
22:a3:3d:bc:bd:5c:12:65:88:b8:c9:77:1a:93:35:
12:50:0c:45:ac:36:17:f8:34:a7:a9:60:fe:21:21:
05:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:E4:E6:4E:51:57:22:5D:24:2B:69:DA:CE:72:96:2C:B3:8A:E4:84
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KuTmTlFXIl0kK2naznKWLLOK5IQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
90:5e:3f:86:91:c9:21:c2:be:87:a2:d3:7a:86:b5:4c:70:a3:
a3:ff:0c:59:b0:a5:8d:42:2f:1b:85:bc:63:ab:2d:3d:e9:0c:
a3:fb:ba:bb:c3:bc:df:3c:41:3f:a5:a9:bf:f0:39:db:08:b9:
e8:8d:80:09:6b:03:d1:7d:4e:06:f3:f0:c5:8a:51:0b:e0:0e:
35:92:05:e1:ef:4b:2c:84:b6:53:1b:8d:79:ec:f2:61:0c:4f:
50:19:44:e7:7f:22:af:8d:8d:e2:c2:8f:e4:fc:37:c4:fb:a3:
f4:8d:fe:4f:aa:79:a8:c5:6c:d8:82:75:a4:e0:4b:da:24:8f:
0f:75:de:f8:4f:4c:42:5b:70:2f:bf:1a:95:23:82:72:09:24:
f9:c2:21:f0:f6:a3:57:b8:42:dd:59:2f:21:dc:ac:20:4d:6b:
66:5c:03:5b:22:b3:98:26:e7:f2:56:6c:14:7f:d5:2e:a5:4d:
d5:04:6a:1f:1f:10:f7:03:f7:39:f5:22:11:9d:12:5d:e4:4c:
e4:e5:a7:af:d1:e1:f4:eb:7b:fd:98:56:6c:a5:a3:9d:de:c2:
5f:aa:2c:05:2a:84:63:65:33:cb:59:c0:74:bf:ce:12:3d:8f:
af:73:8a:ba:ec:ea:34:12:50:9b:a0:a5:4d:40:f6:d5:ed:4a:
26:57:1f:0b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmlL+bC9DQO7w6Ct/F3C+tpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzMwMDUwNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWU0ZTY0ZTUxNTcyMjVkMjQyYjY5ZGFjZTcyOTYyY2IzOGFlNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/foaXMS2l/TsiZwWx286Xdy+FPk
J8w/EELKlLhiRIMFLaqisVzoCbvIgekKbh++IuoN8ov4MEYGmKK0BPuz+m9+M+dw
qRc3927zmP8Um/AKlNqb0Hw/PS55YvTQYhpyM3z6/tZltoFk7VZE1joABK7nGHmZ
eJmhE/ItxEZwiyNaMM2I6/5fo7TZ/Yu0oi6Mno/T3G/xOhVgSV4h13tJDt43DHy6
4vELWJfZHZrXUbmmTw8HvA5fUi5EJSam2SciVFwXCjYPAlqwS/fCTJeZ4gpUCBjf
2R8020ODy45ZJTQioz28vVwSZYi4yXcakzUSUAxFrDYX+DSnqWD+ISEFfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCrk5k5RVyJdJCtp2s5yliyziuSEMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS3VUbVRsRlhJbDBrSzJuYXpuS1dMTE9LNUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJBeP4aRySHCvoei03qG
tUxwo6P/DFmwpY1CLxuFvGOrLT3pDKP7urvDvN88QT+lqb/wOdsIueiNgAlrA9F9
Tgbz8MWKUQvgDjWSBeHvSyyEtlMbjXns8mEMT1AZROd/Iq+NjeLCj+T8N8T7o/SN
/k+qeajFbNiCdaTgS9okjw913vhPTEJbcC+/GpUjgnIJJPnCIfD2o1e4Qt1ZLyHc
rCBNa2ZcA1sis5gm5/JWbBR/1S6lTdUEah8fEPcD9zn1IhGdEl3kTOTlp6/R4fTr
e/2YVmylo53ewl+qLAUqhGNlM8tZwHS/zhI9j69zirrs6jQSUJugpU1A9tXtSiZX
Hws=
-----END CERTIFICATE-----
Generated at Sat May 3 12:30:50 2025 by rpki-client