Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NKR1XltppEuV7LOgrxAxF7LCFOw.roa
File: NKR1XltppEuV7LOgrxAxF7LCFOw.roa (raw, json)
Hash identifier: 58CIS9BjkBxqqZ5+Hd3abNaV5Mncrwk+VmONgf161Tg=
Subject key identifier: 34:A4:75:5E:5B:69:A4:4B:95:EC:B3:A0:AF:10:31:17:B2:C2:14:EC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0182241B46AAB06F3BA78BE7178CBA179D74
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NKR1XltppEuV7LOgrxAxF7LCFOw.roa
Signing time: Fri 22 Jul 2022 04:12:23 +0000
ROA not before: Fri 22 Jul 2022 04:12:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:24:1b:46:aa:b0:6f:3b:a7:8b:e7:17:8c:ba:17:9d:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 22 04:12:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=34a4755e5b69a44b95ecb3a0af103117b2c214ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a1:e0:85:15:47:1e:f8:a1:d1:3c:63:b3:53:
dd:46:bd:91:8a:92:45:d0:53:d8:9a:31:59:9c:e4:
ee:6c:7e:9a:de:26:0b:be:39:84:1d:6a:09:a8:9c:
ec:ed:27:06:7e:72:04:20:94:c0:6d:c2:c9:cf:66:
1e:33:67:00:5d:91:b5:1a:f1:10:c1:de:c3:f8:b2:
71:6d:34:7c:d3:13:75:4b:b7:3d:cc:73:fb:a8:b2:
2d:d1:6f:32:1d:29:98:c9:73:3c:52:e4:8c:43:ac:
ad:b1:2b:e7:96:e8:b2:25:d4:f1:cd:99:d2:9f:23:
22:da:99:00:33:9f:ce:72:72:f3:1d:cf:df:b2:39:
f8:06:c6:bd:26:0a:75:b1:f7:c4:1c:e1:bc:07:72:
82:c0:a7:44:f2:4e:ed:3e:00:ad:d8:10:0c:64:4b:
6b:b5:8e:6f:5e:f8:c3:8f:5f:6b:be:66:d9:e5:da:
50:18:bb:58:b4:9f:e6:0c:77:ff:51:91:1a:ff:76:
93:5d:66:e0:9d:90:a0:9f:13:32:fc:d4:e6:60:a2:
fc:0f:65:eb:a3:99:4c:c8:50:d0:88:0d:d0:ea:d4:
29:a8:f9:d1:41:8c:c8:fe:29:2d:3a:39:03:d9:03:
2d:3d:3e:16:17:2a:64:76:d8:17:45:a5:19:0d:92:
92:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:A4:75:5E:5B:69:A4:4B:95:EC:B3:A0:AF:10:31:17:B2:C2:14:EC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/NKR1XltppEuV7LOgrxAxF7LCFOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5e:ba:b6:d4:c0:bc:92:0a:0f:89:9b:03:40:3d:87:6d:92:d8:
90:b3:17:74:07:df:c7:d7:e2:b3:55:2d:61:5d:b3:5a:6d:fd:
8e:9a:77:5e:d6:db:42:d7:e8:0e:0c:64:48:33:80:60:dd:ea:
0a:b5:f0:ca:03:d5:5e:2d:67:6b:a6:b1:cd:96:63:18:28:d0:
8b:eb:59:de:aa:30:90:59:18:37:b2:5d:80:ef:ba:14:c1:d7:
fe:0c:f3:c0:c8:77:97:ce:ab:d0:1d:c9:8f:8d:31:e4:14:3f:
65:fc:15:91:a5:d8:62:ee:9f:7a:3b:0b:d8:8a:d2:d7:46:c6:
bf:7f:6c:46:cf:a8:0f:2a:66:5b:c2:3d:f2:78:ce:aa:ad:23:
1b:e3:92:80:3b:e6:40:0f:c4:e8:ae:a5:b2:77:40:b2:06:09:
be:e2:ba:7c:71:58:7b:ce:d4:ad:5f:d6:6f:e4:92:dd:14:fb:
6f:dd:77:f6:79:05:78:6f:7d:fc:3f:f8:28:a3:67:bc:2d:5b:
f9:a7:5f:96:bf:28:f4:62:7c:fc:31:a4:ff:8a:ad:95:f0:6f:
4c:94:01:c7:7a:ab:9d:43:88:26:56:47:9c:46:a9:21:cd:31:
08:16:73:fc:77:4a:9f:0b:90:af:d0:f3:7d:d2:ad:fd:28:c3:
01:10:35:54
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYIkG0aqsG87p4vnF4y6F510MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwNzIyMDQxMjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGE0NzU1ZTViNjlhNDRiOTVlY2IzYTBhZjEwMzExN2IyYzIxNGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6HghRVHHvih0Txjs1PdRr2RipJF
0FPYmjFZnOTubH6a3iYLvjmEHWoJqJzs7ScGfnIEIJTAbcLJz2YeM2cAXZG1GvEQ
wd7D+LJxbTR80xN1S7c9zHP7qLIt0W8yHSmYyXM8UuSMQ6ytsSvnluiyJdTxzZnS
nyMi2pkAM5/OcnLzHc/fsjn4Bsa9Jgp1sffEHOG8B3KCwKdE8k7tPgCt2BAMZEtr
tY5vXvjDj19rvmbZ5dpQGLtYtJ/mDHf/UZEa/3aTXWbgnZCgnxMy/NTmYKL8D2Xr
o5lMyFDQiA3Q6tQpqPnRQYzI/iktOjkD2QMtPT4WFypkdtgXRaUZDZKSuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDSkdV5baaRLleyzoK8QMReywhTsMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTktSMVhsdHBwRXVWN0xPZ3J4QXhGN0xDRk93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF66ttTAvJIKD4mbA0A9
h22S2JCzF3QH38fX4rNVLWFds1pt/Y6ad17W20LX6A4MZEgzgGDd6gq18MoD1V4t
Z2umsc2WYxgo0IvrWd6qMJBZGDeyXYDvuhTB1/4M88DId5fOq9AdyY+NMeQUP2X8
FZGl2GLun3o7C9iK0tdGxr9/bEbPqA8qZlvCPfJ4zqqtIxvjkoA75kAPxOiupbJ3
QLIGCb7iunxxWHvO1K1f1m/kkt0U+2/dd/Z5BXhvffw/+CijZ7wtW/mnX5a/KPRi
fPwxpP+KrZXwb0yUAcd6q51DiCZWR5xGqSHNMQgWc/x3Sp8LkK/Q833Srf0owwEQ
NVQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:35:57 2025 by rpki-client