Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KuhdvlKbbBchoBd50yX43ZgonK0.roa
File: KuhdvlKbbBchoBd50yX43ZgonK0.roa (raw, json)
Hash identifier: fAFD+4UL4C9ySALy6bacYjPkvCWzgAIPB8whd8zF2Ao=
Subject key identifier: 2A:E8:5D:BE:52:9B:6C:17:21:A0:17:79:D3:25:F8:DD:98:28:9C:AD
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A194F0ADC604535F24A647FAAF5CFCC8D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KuhdvlKbbBchoBd50yX43ZgonK0.roa
Signing time: Mon 21 Aug 2023 18:15:25 +0000
ROA not before: Mon 21 Aug 2023 18:15:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:19:4f:0a:dc:60:45:35:f2:4a:64:7f:aa:f5:cf:cc:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 21 18:15:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ae85dbe529b6c1721a01779d325f8dd98289cad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ec:cd:23:a9:cd:18:fb:47:9d:cf:c0:56:ec:
8b:b6:ab:c3:15:b1:92:c9:76:6e:fc:6e:99:19:10:
00:9f:ec:4f:c7:ce:50:d8:0e:bb:87:ee:cd:68:34:
b6:c2:4c:b9:9d:73:a2:e8:a8:f6:1b:2d:b7:72:8f:
aa:21:fd:53:ab:1f:51:72:16:1b:cf:1a:b2:53:69:
33:5a:dc:53:a5:01:6e:f3:9d:24:4c:ba:b0:f8:d1:
0d:11:1a:23:ae:db:07:0b:e9:7e:22:f6:21:2d:94:
b9:f2:be:db:08:94:0c:08:05:8f:88:ee:9b:b5:39:
c8:34:11:0f:7a:df:b8:c8:1b:3f:2b:cb:80:fd:cd:
8d:6b:98:73:5f:76:80:d0:09:ca:7d:50:65:5c:0b:
a9:0b:43:e2:ea:f2:b1:31:d0:7d:4c:e4:e3:23:7c:
5a:41:69:e2:e1:8d:fe:71:a2:4f:d4:28:1b:89:6b:
d8:35:75:9f:9d:6e:22:c5:d6:49:0e:e9:78:2b:43:
48:67:4b:d1:0c:52:74:b2:d9:5a:32:c5:46:b6:28:
33:08:8d:bd:fe:d2:70:f3:15:15:ce:0a:0f:c1:9e:
7d:86:cf:a4:c7:4e:7a:8b:84:74:d0:ff:60:6a:58:
eb:8e:76:a5:82:ed:39:54:fc:2e:e9:9f:b5:7e:af:
34:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:E8:5D:BE:52:9B:6C:17:21:A0:17:79:D3:25:F8:DD:98:28:9C:AD
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KuhdvlKbbBchoBd50yX43ZgonK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:02:b3:c3:99:3d:8b:e6:86:fd:d7:82:70:e4:59:4b:62:b6:
f6:7a:79:e0:79:31:da:c7:cd:08:0f:31:c4:87:b8:95:a9:26:
32:bf:f2:77:7f:7e:d0:7d:b1:49:af:5d:5a:b6:38:48:ea:15:
e1:84:6f:77:78:9f:39:6e:22:cc:a8:41:79:d4:1d:5c:11:fa:
b0:d7:b7:ee:03:2f:16:44:fa:26:a2:d0:8d:23:2f:21:b2:c4:
76:2c:27:86:ad:98:61:96:b5:0b:0c:90:b5:04:d8:61:dc:45:
ae:21:f7:da:35:f0:47:bd:5f:c4:08:0c:94:50:d0:32:91:84:
66:1f:13:b6:6a:6a:f5:99:0f:cd:17:18:cf:aa:4e:c2:9c:54:
28:5e:a1:d1:af:ee:17:e2:41:c2:f1:c0:5b:e2:d7:c7:8b:a5:
60:86:96:a2:b2:7c:67:07:13:c4:9b:9d:39:77:a9:24:32:17:
45:17:20:bc:86:71:02:ee:4f:63:78:cf:98:ef:e1:4d:21:de:
ad:06:55:17:18:b4:4f:31:b5:03:ea:f6:36:8d:06:a0:80:8d:
91:32:11:87:28:5a:7e:1e:b7:bc:57:20:2d:0a:aa:21:47:13:
e2:86:7b:a2:ff:0c:1c:f7:c9:08:db:86:95:5a:38:ee:46:2c:
ae:98:8c:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoZTwrcYEU18kpkf6r1z8yNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIxMTgxNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWU4NWRiZTUyOWI2YzE3MjFhMDE3NzlkMzI1ZjhkZDk4Mjg5Y2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqezNI6nNGPtHnc/AVuyLtqvDFbGS
yXZu/G6ZGRAAn+xPx85Q2A67h+7NaDS2wky5nXOi6Kj2Gy23co+qIf1Tqx9RchYb
zxqyU2kzWtxTpQFu850kTLqw+NENERojrtsHC+l+IvYhLZS58r7bCJQMCAWPiO6b
tTnINBEPet+4yBs/K8uA/c2Na5hzX3aA0AnKfVBlXAupC0Pi6vKxMdB9TOTjI3xa
QWni4Y3+caJP1CgbiWvYNXWfnW4ixdZJDul4K0NIZ0vRDFJ0stlaMsVGtigzCI29
/tJw8xUVzgoPwZ59hs+kx056i4R00P9galjrjnalgu05VPwu6Z+1fq80PQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCroXb5Sm2wXIaAXedMl+N2YKJytMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS3VoZHZsS2JiQmNob0JkNTB5WDQzWmdvbkswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIYCs8OZPYvmhv3XgnDk
WUtitvZ6eeB5MdrHzQgPMcSHuJWpJjK/8nd/ftB9sUmvXVq2OEjqFeGEb3d4nzlu
IsyoQXnUHVwR+rDXt+4DLxZE+iai0I0jLyGyxHYsJ4atmGGWtQsMkLUE2GHcRa4h
99o18Ee9X8QIDJRQ0DKRhGYfE7ZqavWZD80XGM+qTsKcVCheodGv7hfiQcLxwFvi
18eLpWCGlqKyfGcHE8SbnTl3qSQyF0UXILyGcQLuT2N4z5jv4U0h3q0GVRcYtE8x
tQPq9jaNBqCAjZEyEYcoWn4et7xXIC0KqiFHE+KGe6L/DBz3yQjbhpVaOO5GLK6Y
jOE=
-----END CERTIFICATE-----
Generated at Thu May 1 04:27:08 2025 by rpki-client