Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kkOzoRhXu38UcTgsXEYPgfuKZAY.roa
File: kkOzoRhXu38UcTgsXEYPgfuKZAY.roa (raw, json)
Hash identifier: 0J31St61j47rgGS0DN9AHV/PI2LJBmqPLIUvG9yGjNE=
Subject key identifier: 92:43:B3:A1:18:57:BB:7F:14:71:38:2C:5C:46:0F:81:FB:8A:64:06
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186559ACA5D85B288E5275A54B688E3DE11
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kkOzoRhXu38UcTgsXEYPgfuKZAY.roa
Signing time: Wed 15 Feb 2023 15:04:12 +0000
ROA not before: Wed 15 Feb 2023 15:04:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:559a:c377/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:55:9a:ca:5d:85:b2:88:e5:27:5a:54:b6:88:e3:de:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 15 15:04:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9243b3a11857bb7f1471382c5c460f81fb8a6406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:48:b9:0b:58:49:88:5b:da:b5:37:ef:86:b4:
d9:84:62:69:ff:9c:d0:9f:c1:2f:ec:fc:1a:b6:e8:
4c:ac:a4:a7:68:ca:79:e7:75:89:29:1f:cb:86:c5:
d2:06:01:3c:9f:ba:67:0a:01:c7:29:06:00:88:8c:
88:0c:98:e8:97:f3:dd:41:ce:b9:7c:3b:05:ec:c9:
40:33:5a:fb:5e:b5:ff:18:b7:b6:47:4c:1f:12:50:
59:ed:5b:a6:5b:86:51:e2:a9:df:9f:bb:06:c5:fe:
85:e5:56:fd:c8:43:a1:14:59:08:31:5e:45:56:f3:
a7:24:95:24:14:8a:17:21:90:41:83:b9:17:ae:fb:
f6:66:8a:a3:0a:b6:67:a0:71:7d:fd:3a:96:76:8c:
1b:48:95:18:67:c1:af:7e:d6:fc:ca:9f:ef:2d:92:
8b:aa:51:cc:7f:df:0c:ed:7d:46:05:0d:9f:ac:37:
70:c8:5b:3a:08:f6:db:22:f3:ee:48:01:49:21:66:
d0:65:f5:cc:77:4c:77:41:b0:f1:90:18:f6:a3:71:
05:4d:20:9a:18:17:ad:5c:f8:bb:0b:22:13:9c:5f:
1c:29:96:61:08:92:fa:7b:92:a1:2b:c5:4e:d1:9b:
02:25:75:0e:45:7c:cd:81:0d:54:4f:96:55:1a:25:
a8:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:43:B3:A1:18:57:BB:7F:14:71:38:2C:5C:46:0F:81:FB:8A:64:06
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kkOzoRhXu38UcTgsXEYPgfuKZAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
41:87:ed:b2:8c:02:65:1a:96:70:1f:d8:e6:eb:18:fc:23:a2:
8a:21:f3:c9:c4:7b:22:a6:fe:9d:5f:cd:2f:da:4e:57:39:ce:
c8:6f:c6:72:cf:f4:fb:e4:20:f3:13:6a:79:f7:8c:3a:81:c7:
60:8f:ca:10:98:35:e1:cc:3c:40:1b:06:e9:3d:99:17:79:db:
0e:c1:a6:39:c1:51:a9:6b:de:23:a2:15:40:ac:f6:ea:22:c1:
22:4f:9f:5d:f6:98:ec:fa:6a:d9:a3:d4:af:68:14:ea:a0:4b:
99:15:b9:87:ab:85:5c:7f:8c:a5:51:34:8e:ef:00:4c:e4:ee:
ff:8e:1c:fc:9a:1c:b6:3e:cb:a7:28:36:a6:0e:51:c5:6f:79:
14:b3:a5:5f:2f:67:4d:03:1e:e9:16:11:61:77:36:a5:69:85:
a7:26:5a:19:2b:11:3e:c0:6a:d4:6a:78:42:9d:de:82:60:b2:
70:2c:15:3a:63:3a:bd:de:20:3b:d5:8c:58:ce:bd:3f:6d:54:
50:2c:12:c4:4c:c7:a2:2b:2c:75:fd:69:41:f6:2d:ef:3a:db:
21:dc:f0:55:cb:c3:5e:02:c5:be:31:34:b3:98:84:16:cf:c2:
32:16:f7:99:bc:e1:62:14:19:38:f4:04:05:31:26:ac:23:82:
35:25:f0:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZVmspdhbKI5SdaVLaI494RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE1MTUwNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjQzYjNhMTE4NTdiYjdmMTQ3MTM4MmM1YzQ2MGY4MWZiOGE2NDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0i5C1hJiFvatTfvhrTZhGJp/5zQ
n8Ev7PwatuhMrKSnaMp553WJKR/LhsXSBgE8n7pnCgHHKQYAiIyIDJjol/PdQc65
fDsF7MlAM1r7XrX/GLe2R0wfElBZ7VumW4ZR4qnfn7sGxf6F5Vb9yEOhFFkIMV5F
VvOnJJUkFIoXIZBBg7kXrvv2ZoqjCrZnoHF9/TqWdowbSJUYZ8Gvftb8yp/vLZKL
qlHMf98M7X1GBQ2frDdwyFs6CPbbIvPuSAFJIWbQZfXMd0x3QbDxkBj2o3EFTSCa
GBetXPi7CyITnF8cKZZhCJL6e5KhK8VO0ZsCJXUORXzNgQ1UT5ZVGiWoZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJJDs6EYV7t/FHE4LFxGD4H7imQGMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEva2tPem9SaFh1MzhVY1Rnc1hFWVBnZnVLWkFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEGH7bKMAmUalnAf2Obr
GPwjoooh88nEeyKm/p1fzS/aTlc5zshvxnLP9PvkIPMTann3jDqBx2CPyhCYNeHM
PEAbBuk9mRd52w7BpjnBUalr3iOiFUCs9uoiwSJPn132mOz6atmj1K9oFOqgS5kV
uYerhVx/jKVRNI7vAEzk7v+OHPyaHLY+y6coNqYOUcVveRSzpV8vZ00DHukWEWF3
NqVphacmWhkrET7AatRqeEKd3oJgsnAsFTpjOr3eIDvVjFjOvT9tVFAsEsRMx6Ir
LHX9aUH2Le862yHc8FXLw14Cxb4xNLOYhBbPwjIW95m84WIUGTj0BAUxJqwjgjUl
8JQ=
-----END CERTIFICATE-----
Generated at Thu May 1 10:23:14 2025 by rpki-client