Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KxN2DZuDBNt9krl1n3J-b0pcJIc.roa
File: KxN2DZuDBNt9krl1n3J-b0pcJIc.roa (raw, json)
Hash identifier: ueAXQHd7ws95NisII45KrXBXE3c9muKhQ3Z4jUKmYl8=
Subject key identifier: 2B:13:76:0D:9B:83:04:DB:7D:92:B9:75:9F:72:7E:6F:4A:5C:24:87
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01840FEABCAC17A809387C7EB1AC4F058DAC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KxN2DZuDBNt9krl1n3J-b0pcJIc.roa
Signing time: Tue 25 Oct 2022 16:12:32 +0000
ROA not before: Tue 25 Oct 2022 16:12:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0f:ea:bc:ac:17:a8:09:38:7c:7e:b1:ac:4f:05:8d:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Oct 25 16:12:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b13760d9b8304db7d92b9759f727e6f4a5c2487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:09:86:79:ee:be:46:cf:cd:a9:cd:a5:54:f5:
50:4b:9a:31:69:9e:5d:95:98:81:38:cb:58:e8:17:
b1:74:ed:8a:91:13:f4:0f:bd:fa:6e:a9:84:00:aa:
33:bd:aa:33:42:7b:98:96:c0:ab:de:c4:f9:cf:07:
24:69:11:3f:02:7e:50:75:19:20:bd:15:05:87:be:
98:25:7e:5c:a1:76:98:78:1d:8a:ef:d4:89:1b:1f:
4f:0a:15:9a:47:0d:10:44:82:ab:16:6d:50:94:e7:
7d:9a:a6:1d:9d:d0:61:44:15:b1:1d:44:3a:02:30:
73:e1:8f:0e:0e:2c:c8:8a:ef:6e:d3:65:73:88:c4:
25:db:14:ff:db:ab:f5:3c:d4:9f:52:a5:01:cf:68:
3b:f1:b1:ca:b7:38:9c:f7:46:0f:a7:af:12:49:03:
c2:24:74:3c:53:2c:6c:3c:e7:aa:d0:30:28:24:92:
c3:30:46:2f:51:26:03:7e:8b:ea:50:d3:38:af:44:
d0:bc:af:89:62:b9:d5:2c:ee:38:92:5f:da:a6:2b:
9c:b4:91:de:00:fe:3d:c4:99:31:db:d1:4f:af:44:
c4:9b:4e:4d:85:89:4f:ef:75:d3:29:60:93:52:4c:
f7:2e:f7:f8:50:da:5f:6a:fb:2b:ed:0c:cc:6f:ea:
c8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:13:76:0D:9B:83:04:DB:7D:92:B9:75:9F:72:7E:6F:4A:5C:24:87
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KxN2DZuDBNt9krl1n3J-b0pcJIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:3c:02:b5:7f:7e:55:19:9d:7e:77:70:9d:50:5c:c8:83:92:
9c:99:b3:de:3e:41:9e:85:ed:18:6b:fb:78:46:7e:be:e7:de:
d1:3d:49:84:a2:d3:1f:71:71:63:a5:24:2a:4b:4a:f8:88:79:
09:77:44:31:3d:98:12:bf:fa:95:77:3f:b2:d8:62:e8:1b:79:
a9:fb:65:a0:f6:f4:8d:76:c6:e1:f4:11:6a:e1:27:33:f1:44:
e5:4a:1b:8a:26:7a:35:1f:42:b7:e8:d9:5e:38:55:5f:76:b5:
87:a5:5b:7d:8b:88:50:99:70:6b:5d:02:cc:95:44:4d:d1:9a:
16:0e:35:c4:16:29:2f:5e:de:97:62:44:dc:91:65:9a:b9:15:
fc:bb:3a:8e:c7:67:9d:37:7a:d8:50:05:b8:16:82:ad:49:0f:
c2:16:d7:94:fb:8a:34:48:88:0e:c0:9f:e9:87:8b:76:18:10:
8d:fb:af:e8:5e:91:c8:5b:bb:bf:96:ee:9e:6b:bc:03:85:87:
86:9b:b7:e3:b7:46:2e:c5:1d:da:91:5e:eb:aa:db:9d:5e:92:
5d:18:37:9a:e2:ae:15:6b:15:e3:50:ea:d2:32:c2:ee:5a:02:
f9:79:21:0a:0d:a0:5d:13:be:df:6d:06:11:90:6b:d0:83:b2:
00:0e:44:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYQP6rysF6gJOHx+saxPBY2sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMDI1MTYxMjMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjEzNzYwZDliODMwNGRiN2Q5MmI5NzU5ZjcyN2U2ZjRhNWMyNDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1AmGee6+Rs/Nqc2lVPVQS5oxaZ5d
lZiBOMtY6BexdO2KkRP0D736bqmEAKozvaozQnuYlsCr3sT5zwckaRE/An5QdRkg
vRUFh76YJX5coXaYeB2K79SJGx9PChWaRw0QRIKrFm1QlOd9mqYdndBhRBWxHUQ6
AjBz4Y8ODizIiu9u02VziMQl2xT/26v1PNSfUqUBz2g78bHKtzic90YPp68SSQPC
JHQ8UyxsPOeq0DAoJJLDMEYvUSYDfovqUNM4r0TQvK+JYrnVLO44kl/apiuctJHe
AP49xJkx29FPr0TEm05NhYlP73XTKWCTUkz3Lvf4UNpfavsr7QzMb+rIrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCsTdg2bgwTbfZK5dZ9yfm9KXCSHMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS3hOMkRadURCTnQ5a3JsMW4zSi1iMHBjSkljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ88ArV/flUZnX53cJ1Q
XMiDkpyZs94+QZ6F7Rhr+3hGfr7n3tE9SYSi0x9xcWOlJCpLSviIeQl3RDE9mBK/
+pV3P7LYYugbean7ZaD29I12xuH0EWrhJzPxROVKG4omejUfQrfo2V44VV92tYel
W32LiFCZcGtdAsyVRE3RmhYONcQWKS9e3pdiRNyRZZq5Ffy7Oo7HZ503ethQBbgW
gq1JD8IW15T7ijRIiA7An+mHi3YYEI37r+hekchbu7+W7p5rvAOFh4abt+O3Ri7F
HdqRXuuq251ekl0YN5rirhVrFeNQ6tIywu5aAvl5IQoNoF0Tvt9tBhGQa9CDsgAO
RDk=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:36:25 2025 by rpki-client