Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KuY57wFkt2AyxCwNS6R56j1vrQA.roa
File: KuY57wFkt2AyxCwNS6R56j1vrQA.roa (raw, json)
Hash identifier: 8y7OL4DDdzTwzpKzqezGujK1+PtqhZOVpoHkT27vkO8=
Subject key identifier: 2A:E6:39:EF:01:64:B7:60:32:C4:2C:0D:4B:A4:79:EA:3D:6F:AD:00
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018698271DDF73CCF4C93EEAB616DFDD5DB2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KuY57wFkt2AyxCwNS6R56j1vrQA.roa
Signing time: Tue 28 Feb 2023 13:12:25 +0000
ROA not before: Tue 28 Feb 2023 13:12:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:98:27:1d:df:73:cc:f4:c9:3e:ea:b6:16:df:dd:5d:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 28 13:12:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ae639ef0164b76032c42c0d4ba479ea3d6fad00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:82:a5:b9:95:66:4a:5b:d9:a0:bb:f9:77:a1:
45:8f:21:25:cc:67:c5:b4:dc:ee:c3:7f:e4:73:cd:
4f:61:53:6d:93:40:6c:41:b0:54:4a:7e:91:17:d9:
7d:2f:e1:8a:53:c7:9a:8f:77:cc:d2:c0:33:73:17:
44:c5:b8:56:00:43:34:9e:93:27:3e:ae:da:c7:64:
0a:a2:57:4d:4a:cb:1d:b2:96:c8:54:ed:ab:45:b7:
35:02:0c:8a:a4:cc:2c:3b:ff:4f:0e:71:68:52:51:
1c:ae:c0:14:1a:d4:f9:85:49:e2:c8:95:9c:4f:8c:
30:db:32:93:08:da:17:11:9b:eb:06:51:12:61:aa:
00:cf:46:39:b8:9e:33:e8:fd:08:da:54:72:b7:bb:
91:ff:63:dd:f0:ca:79:fa:92:46:52:66:86:bb:d3:
ca:36:9c:99:5b:a8:05:a0:ec:94:a7:31:40:eb:27:
e3:ad:f2:d9:2c:f2:8c:2e:77:0c:7a:6c:79:e2:60:
ec:01:e5:ad:1d:a1:81:7d:fa:0f:3a:36:2f:f2:b3:
0d:9a:e9:78:19:f0:3d:0c:e5:20:77:97:c0:0b:16:
99:54:46:28:41:30:d0:46:45:17:06:63:2b:4c:26:
dc:25:e6:f0:b9:6f:9e:9a:a3:b2:9c:07:da:24:06:
8c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:E6:39:EF:01:64:B7:60:32:C4:2C:0D:4B:A4:79:EA:3D:6F:AD:00
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KuY57wFkt2AyxCwNS6R56j1vrQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
21:82:d2:4b:55:b6:98:8f:d1:14:6b:8e:b7:d0:df:47:9c:67:
34:4b:d3:22:48:7d:cf:9d:3c:93:54:bf:54:08:5d:73:92:3a:
19:a0:15:03:3f:05:1d:56:f6:a9:d5:75:a4:e4:c6:9f:97:bc:
7f:75:55:49:bc:3e:3b:80:39:0c:10:1e:e5:b3:23:e2:64:de:
c6:08:71:a7:53:f3:15:09:7d:98:9f:a0:5f:8b:f2:99:0b:86:
d9:45:ae:80:3e:ea:95:50:a8:5f:10:24:10:1c:24:be:40:05:
40:2c:ad:d7:0f:6b:a3:37:fe:1c:5b:98:c4:84:8f:7a:59:37:
84:c2:bb:c8:7b:6e:e5:96:9b:b3:eb:2a:ab:43:5e:9e:52:cf:
e6:28:df:15:d9:64:74:41:33:25:73:1f:77:98:55:22:66:49:
7d:5b:26:bd:3d:e4:79:ad:59:f6:3d:c3:68:2b:51:d4:c5:27:
0f:70:a4:78:0b:f8:1f:80:1c:98:6e:64:4c:3b:29:c6:7d:a1:
cf:91:2d:f3:85:59:5d:e8:15:f5:27:a7:66:06:52:98:cc:5e:
85:f0:36:bf:3c:97:70:4f:05:2c:30:f9:ce:c4:68:2b:ce:52:
2c:7e:3e:07:a7:c8:75:cb:91:d6:0f:bb:e1:f5:ed:b2:3c:8e:
e6:cf:02:60
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaYJx3fc8z0yT7qthbf3V2yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI4MTMxMjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWU2MzllZjAxNjRiNzYwMzJjNDJjMGQ0YmE0NzllYTNkNmZhZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIKluZVmSlvZoLv5d6FFjyElzGfF
tNzuw3/kc81PYVNtk0BsQbBUSn6RF9l9L+GKU8eaj3fM0sAzcxdExbhWAEM0npMn
Pq7ax2QKoldNSssdspbIVO2rRbc1AgyKpMwsO/9PDnFoUlEcrsAUGtT5hUniyJWc
T4ww2zKTCNoXEZvrBlESYaoAz0Y5uJ4z6P0I2lRyt7uR/2Pd8Mp5+pJGUmaGu9PK
NpyZW6gFoOyUpzFA6yfjrfLZLPKMLncMemx54mDsAeWtHaGBffoPOjYv8rMNmul4
GfA9DOUgd5fACxaZVEYoQTDQRkUXBmMrTCbcJebwuW+emqOynAfaJAaMwQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCrmOe8BZLdgMsQsDUukeeo9b60AMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS3VZNTd3Rmt0MkF5eEN3TlM2UjU2ajF2clFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACGC0ktVtpiP0RRrjrfQ
30ecZzRL0yJIfc+dPJNUv1QIXXOSOhmgFQM/BR1W9qnVdaTkxp+XvH91VUm8PjuA
OQwQHuWzI+Jk3sYIcadT8xUJfZifoF+L8pkLhtlFroA+6pVQqF8QJBAcJL5ABUAs
rdcPa6M3/hxbmMSEj3pZN4TCu8h7buWWm7PrKqtDXp5Sz+Yo3xXZZHRBMyVzH3eY
VSJmSX1bJr095HmtWfY9w2grUdTFJw9wpHgL+B+AHJhuZEw7KcZ9oc+RLfOFWV3o
FfUnp2YGUpjMXoXwNr88l3BPBSww+c7EaCvOUix+PgenyHXLkdYPu+H17bI8jubP
AmA=
-----END CERTIFICATE-----
Generated at Fri May 2 15:33:49 2025 by rpki-client