Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kRJUOWy9ZA6KJ1Ut4hQyy-ARKZs.roa
File: kRJUOWy9ZA6KJ1Ut4hQyy-ARKZs.roa (raw, json)
Hash identifier: BVi/0RV0ZxS02HCutVJYgx5gY1CeactiZx8YXx24Sgg=
Subject key identifier: 91:12:54:39:6C:BD:64:0E:8A:27:55:2D:E2:14:32:CB:E0:11:29:9B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A3EDDD31DF537F71D2475545D38738799
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kRJUOWy9ZA6KJ1Ut4hQyy-ARKZs.roa
Signing time: Tue 29 Aug 2023 01:17:19 +0000
ROA not before: Tue 29 Aug 2023 01:17:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3e:dd:d3:1d:f5:37:f7:1d:24:75:54:5d:38:73:87:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 29 01:17:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=911254396cbd640e8a27552de21432cbe011299b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4f:e2:ad:f8:76:d3:b7:8b:3e:51:7b:e7:42:
5d:cb:d3:d2:0d:d8:71:67:4f:8b:a3:3c:1c:8b:73:
ab:30:8a:b3:eb:ae:5b:38:84:9a:68:94:81:6b:3d:
5b:01:da:43:f8:51:2a:02:e8:75:2e:f5:29:aa:75:
0e:d6:42:7d:79:27:81:de:d3:ba:f5:c1:c6:73:1c:
eb:a7:ba:8f:52:be:c6:fa:09:c1:2e:c8:75:8f:c9:
4a:49:69:56:0e:cd:96:e1:ea:53:0a:07:a1:ef:c2:
ff:45:f6:7f:f7:0b:79:1b:9b:fb:8e:b0:b9:1f:db:
f2:ce:ab:e6:b5:4c:b6:46:e0:7c:03:8a:69:9c:b6:
41:1d:f3:58:ca:77:0f:f9:a5:1f:2d:6f:7d:e1:b8:
42:82:4d:ba:1e:a0:f2:54:f0:59:8d:1f:7f:6e:03:
56:11:68:a0:db:db:8b:ed:56:2f:92:54:fb:82:b2:
bf:79:b7:47:40:c7:1e:f6:87:8b:ac:88:ad:00:1c:
65:9f:d3:b1:7b:97:d0:12:01:fe:ef:e5:05:f5:10:
ce:12:de:55:af:3e:ef:09:27:8a:85:4a:5d:cb:c4:
9d:77:6e:16:ff:21:bc:15:ff:ae:a9:a8:5c:dc:e4:
fd:a9:0f:4a:3c:ba:95:f6:22:a2:a3:e7:cb:80:57:
7b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:12:54:39:6C:BD:64:0E:8A:27:55:2D:E2:14:32:CB:E0:11:29:9B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kRJUOWy9ZA6KJ1Ut4hQyy-ARKZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
06:a9:15:43:b9:07:fc:58:aa:76:07:d9:fa:15:dd:6e:e4:62:
11:bd:ca:d2:18:6e:16:fe:cc:31:22:c6:9b:a7:e9:b9:22:0e:
c3:cf:19:18:e0:21:56:6e:b4:3c:4a:52:14:c8:63:47:69:b2:
2c:44:f0:34:29:fe:3c:35:e1:d8:76:85:fc:3d:a7:30:18:65:
fb:2f:90:fa:bf:0d:f1:e0:db:bf:ff:81:4d:fd:da:81:c9:9f:
d7:f5:e8:43:8c:44:bf:71:24:aa:87:35:9f:62:5a:95:a6:8d:
8b:28:8b:31:6f:b9:ef:15:c4:6e:e2:f6:52:e5:15:f2:73:36:
0b:a0:2f:14:f8:64:59:a3:99:4e:6f:47:0b:91:ba:d4:04:99:
ee:1d:ee:b5:c7:6f:bc:a6:e4:bd:1e:26:a3:af:38:00:6b:bb:
98:0b:9a:ce:29:1d:30:7e:bb:5b:14:9d:40:14:09:82:3d:60:
24:dd:e4:79:c8:bc:28:8b:9d:bd:a6:58:44:b2:c3:1c:78:47:
5d:17:7f:91:06:b5:00:54:3f:06:81:d4:b1:62:8c:77:73:ad:
b0:57:00:21:b7:4e:dd:83:40:57:49:af:4e:1e:aa:1e:48:8d:
26:8b:4f:07:a2:a5:a5:4b:3f:47:09:7f:bc:1b:ff:74:d6:61:
e1:c1:25:15
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo+3dMd9Tf3HSR1VF04c4eZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI5MDExNzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTEyNTQzOTZjYmQ2NDBlOGEyNzU1MmRlMjE0MzJjYmUwMTEyOTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArE/irfh207eLPlF750Jdy9PSDdhx
Z0+Lozwci3OrMIqz665bOISaaJSBaz1bAdpD+FEqAuh1LvUpqnUO1kJ9eSeB3tO6
9cHGcxzrp7qPUr7G+gnBLsh1j8lKSWlWDs2W4epTCgeh78L/RfZ/9wt5G5v7jrC5
H9vyzqvmtUy2RuB8A4ppnLZBHfNYyncP+aUfLW994bhCgk26HqDyVPBZjR9/bgNW
EWig29uL7VYvklT7grK/ebdHQMce9oeLrIitABxln9Oxe5fQEgH+7+UF9RDOEt5V
rz7vCSeKhUpdy8Sdd24W/yG8Ff+uqahc3OT9qQ9KPLqV9iKio+fLgFd7UwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJESVDlsvWQOiidVLeIUMsvgESmbMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEva1JKVU9XeTlaQTZLSjFVdDRoUXl5LUFSS1pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAapFUO5B/xYqnYH2foV
3W7kYhG9ytIYbhb+zDEixpun6bkiDsPPGRjgIVZutDxKUhTIY0dpsixE8DQp/jw1
4dh2hfw9pzAYZfsvkPq/DfHg27//gU392oHJn9f16EOMRL9xJKqHNZ9iWpWmjYso
izFvue8VxG7i9lLlFfJzNgugLxT4ZFmjmU5vRwuRutQEme4d7rXHb7ym5L0eJqOv
OABru5gLms4pHTB+u1sUnUAUCYI9YCTd5HnIvCiLnb2mWESywxx4R10Xf5EGtQBU
PwaB1LFijHdzrbBXACG3Tt2DQFdJr04eqh5IjSaLTweipaVLP0cJf7wb/3TWYeHB
JRU=
-----END CERTIFICATE-----
Generated at Thu May 1 12:55:53 2025 by rpki-client