Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kbXja7_kx1Y1JfcGEyk10hdcCFc.roa
File: kbXja7_kx1Y1JfcGEyk10hdcCFc.roa (raw, json)
Hash identifier: fcQuvV7efXJyXoTEJyU72Zghsx8UUd/cEQd8n08icsc=
Subject key identifier: 91:B5:E3:6B:BF:E4:C7:56:35:25:F7:06:13:29:35:D2:17:5C:08:57
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018698CF967EA44983EDE29A605E17B96273
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kbXja7_kx1Y1JfcGEyk10hdcCFc.roa
Signing time: Tue 28 Feb 2023 16:16:26 +0000
ROA not before: Tue 28 Feb 2023 16:16:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:98:cf:96:7e:a4:49:83:ed:e2:9a:60:5e:17:b9:62:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 28 16:16:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91b5e36bbfe4c7563525f706132935d2175c0857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:fc:e4:aa:66:18:83:38:54:a0:0f:17:c6:eb:
b8:af:7b:5c:d1:4f:61:03:31:54:af:87:6b:8d:e1:
b8:16:4b:ec:e8:9e:2f:90:8c:b1:90:3e:2f:a5:1e:
b7:e0:a9:b7:67:f4:83:f6:a8:21:af:13:1f:56:04:
28:a5:bd:2b:57:39:dd:80:7b:8b:3d:01:48:c4:52:
5b:76:ba:78:b8:50:53:ce:fc:a2:9f:0f:42:3f:5e:
fc:24:eb:cf:26:7b:66:28:43:63:9f:f1:37:5f:e2:
b0:a9:ec:e8:21:ab:82:d9:c8:90:8a:af:a1:26:e6:
4e:37:e7:b7:2a:e1:81:75:a7:35:52:98:a3:8a:d6:
bb:bc:6b:ef:75:29:93:88:61:8e:d7:e6:f9:71:d3:
77:74:44:7e:07:af:10:ea:0f:cd:fd:e2:57:9d:ac:
19:d6:d9:8b:ab:7d:7b:7b:ea:60:48:d9:ff:eb:a0:
43:7a:d3:c7:9b:8b:96:08:9f:7b:53:72:e2:ce:73:
f2:ec:1b:f1:b5:8f:3d:f8:0e:c3:f5:18:5d:9d:47:
2c:7b:20:3a:d4:c0:91:7e:90:0d:64:0b:26:1a:04:
7d:66:e9:30:49:a0:b4:32:c6:e5:f5:da:58:8d:32:
8d:97:63:4a:83:97:f7:14:be:92:16:65:12:74:38:
3a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:B5:E3:6B:BF:E4:C7:56:35:25:F7:06:13:29:35:D2:17:5C:08:57
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kbXja7_kx1Y1JfcGEyk10hdcCFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6f:5f:a3:07:54:77:b0:fd:7d:fc:65:a8:b6:10:60:b5:d9:ec:
dd:9f:9c:df:a4:24:b9:48:01:f8:d7:53:13:79:18:b2:2b:13:
cf:7d:07:a0:45:d3:22:f8:22:a9:af:84:a9:40:4f:28:72:e7:
71:ef:1b:04:6b:32:27:33:2f:66:c5:3c:bc:99:cd:9c:60:ab:
05:79:8e:5b:68:e4:a9:83:7e:90:c5:2a:6a:9d:b7:79:86:ac:
0d:07:8f:a4:8a:1a:e5:e3:50:45:d8:f0:92:8b:fa:77:87:01:
ad:40:2e:5a:e1:d3:98:83:c5:92:54:c2:58:5d:22:3a:15:a5:
15:18:1c:b1:e7:87:d8:a4:29:19:f5:ca:eb:13:fa:5c:94:80:
d0:64:d2:19:91:9e:af:f1:a0:38:4a:8d:51:0f:ef:10:cd:df:
94:b3:4f:12:78:c6:ed:c9:09:90:e3:c1:1a:d5:b9:be:7a:64:
34:e4:8d:52:60:1c:ed:c0:43:25:ef:00:76:45:55:82:3b:6c:
65:27:2e:33:f5:50:10:e0:ed:d6:95:32:24:6c:b2:df:5d:ec:
de:8a:8b:bb:65:3d:1a:58:a9:a7:3d:99:35:20:d0:5f:0d:3b:
9a:49:7a:e0:3a:8c:ef:7e:24:e4:cf:0d:3a:7d:b5:9d:7e:c7:
e0:5f:91:0e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaYz5Z+pEmD7eKaYF4XuWJzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI4MTYxNjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWI1ZTM2YmJmZTRjNzU2MzUyNWY3MDYxMzI5MzVkMjE3NWMwODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/PzkqmYYgzhUoA8Xxuu4r3tc0U9h
AzFUr4drjeG4Fkvs6J4vkIyxkD4vpR634Km3Z/SD9qghrxMfVgQopb0rVzndgHuL
PQFIxFJbdrp4uFBTzvyinw9CP178JOvPJntmKENjn/E3X+KwqezoIauC2ciQiq+h
JuZON+e3KuGBdac1Upijita7vGvvdSmTiGGO1+b5cdN3dER+B68Q6g/N/eJXnawZ
1tmLq317e+pgSNn/66BDetPHm4uWCJ97U3LiznPy7BvxtY89+A7D9RhdnUcseyA6
1MCRfpANZAsmGgR9ZukwSaC0Msbl9dpYjTKNl2NKg5f3FL6SFmUSdDg66wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJG142u/5MdWNSX3BhMpNdIXXAhXMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEva2JYamE3X2t4MVkxSmZjR0V5azEwaGRjQ0ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG9fowdUd7D9ffxlqLYQ
YLXZ7N2fnN+kJLlIAfjXUxN5GLIrE899B6BF0yL4IqmvhKlATyhy53HvGwRrMicz
L2bFPLyZzZxgqwV5jlto5KmDfpDFKmqdt3mGrA0Hj6SKGuXjUEXY8JKL+neHAa1A
Llrh05iDxZJUwlhdIjoVpRUYHLHnh9ikKRn1yusT+lyUgNBk0hmRnq/xoDhKjVEP
7xDN35SzTxJ4xu3JCZDjwRrVub56ZDTkjVJgHO3AQyXvAHZFVYI7bGUnLjP1UBDg
7daVMiRsst9d7N6Ki7tlPRpYqac9mTUg0F8NO5pJeuA6jO9+JOTPDTp9tZ1+x+Bf
kQ4=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:34:47 2025 by rpki-client