Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ksSPgG4GpxyDd4AkhKhpKPe5onM.roa
File: ksSPgG4GpxyDd4AkhKhpKPe5onM.roa (raw, json)
Hash identifier: abctu5xhZPKpYn2N/5neN0iKNUC0k5WIZG9OVUxTwpI=
Subject key identifier: 92:C4:8F:80:6E:06:A7:1C:83:77:80:24:84:A8:69:28:F7:B9:A2:73
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 8F4BDD32
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ksSPgG4GpxyDd4AkhKhpKPe5onM.roa
Signing time: Thu 23 Jun 2022 20:10:16 +0000
ROA not before: Thu 23 Jun 2022 20:10:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2404113714 (0x8f4bdd32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 23 20:10:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=92c48f806e06a71c8377802484a86928f7b9a273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:95:79:83:38:fc:24:c9:7d:9b:d9:3e:b5:9d:
4e:83:8b:1f:2e:29:f1:e4:32:7b:d9:1e:d3:82:f2:
ab:0c:a2:8e:48:d7:75:19:91:6a:ef:5d:25:da:a5:
b5:85:5d:6d:fd:d8:49:6a:19:3e:8d:e2:b3:fd:a4:
eb:5f:bf:da:fc:85:5b:ae:9c:86:5d:90:13:5a:c1:
3a:da:6a:6f:5d:e4:5a:a2:2c:8a:ec:f7:95:71:85:
78:d8:6a:56:35:83:06:af:e6:35:11:fc:5e:b2:45:
43:c7:1d:d0:d8:85:aa:81:1f:02:d7:75:7d:f2:e6:
b5:16:43:08:d1:1c:47:a9:e1:aa:98:5f:8e:33:28:
27:8f:65:70:2d:0a:fd:23:e5:70:40:d2:e4:e0:e0:
2f:be:1d:32:03:80:1b:77:3b:20:4f:a3:27:68:42:
1b:c2:5f:3f:f6:52:49:c9:23:36:10:7c:c5:ea:bc:
88:fa:77:b4:a4:3e:7a:c3:a4:ff:9e:6c:8f:2a:61:
22:19:12:db:68:bc:5d:57:dc:a8:7a:df:e1:21:c2:
08:53:d9:ef:4b:0d:21:f4:ab:08:91:44:48:6d:b8:
13:f2:57:5c:45:c0:27:69:8d:79:89:8f:62:6b:9a:
18:1c:4e:57:39:a7:49:a9:db:93:6f:41:61:05:3e:
89:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:C4:8F:80:6E:06:A7:1C:83:77:80:24:84:A8:69:28:F7:B9:A2:73
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ksSPgG4GpxyDd4AkhKhpKPe5onM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b5:d5:c0:b5:c3:50:9f:38:75:30:77:4a:e5:ce:3e:bc:41:f1:
31:e8:79:85:9a:13:e1:15:8b:a0:32:26:c3:a2:b9:aa:22:ac:
ed:37:fc:0f:d8:36:96:e8:42:51:ef:85:12:90:13:a7:30:b8:
f4:31:4c:26:5e:95:a9:18:99:ec:00:6d:02:50:70:e1:27:8c:
f5:85:53:6f:83:b8:f9:6a:07:30:cd:4f:ff:0d:bf:d4:94:66:
35:75:db:31:13:09:93:bf:66:2a:3b:d2:c0:3e:f1:24:86:66:
f9:7d:c4:14:fa:92:6a:c1:b1:55:dc:b3:69:38:dd:f4:26:3b:
c2:e2:e4:bf:7e:9b:02:c7:e2:05:59:eb:28:9b:01:77:02:4e:
6d:ac:e4:09:cf:9f:86:d7:bd:f7:52:60:89:00:79:3f:8c:1d:
c1:61:53:35:5c:85:43:fd:bc:cd:99:1f:0a:ec:67:6b:70:51:
48:11:e7:2a:d2:77:f7:63:5c:04:f3:c7:8e:93:08:d8:2b:b2:
d3:f3:9a:ba:97:54:11:4f:b3:44:03:87:aa:90:f9:9d:9a:85:
6b:2c:8d:30:4d:44:cf:07:3f:d4:16:4a:e0:8c:1e:2e:61:d5:
88:1a:99:8d:65:65:91:1e:c0:8a:f5:90:dc:de:02:80:f1:03:
11:cf:97:d9
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAI9L3TIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA2
MjMyMDEwMTZaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDkyYzQ4ZjgwNmUw
NmE3MWM4Mzc3ODAyNDg0YTg2OTI4ZjdiOWEyNzMwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCElXmDOPwkyX2b2T61nU6Dix8uKfHkMnvZHtOC8qsMoo5I
13UZkWrvXSXapbWFXW392ElqGT6N4rP9pOtfv9r8hVuunIZdkBNawTraam9d5Fqi
LIrs95VxhXjYalY1gwav5jUR/F6yRUPHHdDYhaqBHwLXdX3y5rUWQwjRHEep4aqY
X44zKCePZXAtCv0j5XBA0uTg4C++HTIDgBt3OyBPoydoQhvCXz/2UknJIzYQfMXq
vIj6d7SkPnrDpP+ebI8qYSIZEttovF1X3Kh63+EhwghT2e9LDSH0qwiRREhtuBPy
V1xFwCdpjXmJj2JrmhgcTlc5p0mp25NvQWEFPonxAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUksSPgG4GpxyDd4AkhKhpKPe5onMwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9rc1NQZ0c0R3B4eURkNEFraEtocEtQZTVvbk0ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAtdXAtcNQnzh1MHdK5c4+vEHxMeh5hZoT4RWL
oDImw6K5qiKs7Tf8D9g2luhCUe+FEpATpzC49DFMJl6VqRiZ7ABtAlBw4SeM9YVT
b4O4+WoHMM1P/w2/1JRmNXXbMRMJk79mKjvSwD7xJIZm+X3EFPqSasGxVdyzaTjd
9CY7wuLkv36bAsfiBVnrKJsBdwJObazkCc+fhte991JgiQB5P4wdwWFTNVyFQ/28
zZkfCuxna3BRSBHnKtJ392NcBPPHjpMI2Cuy0/OaupdUEU+zRAOHqpD5nZqFayyN
ME1Ezwc/1BZK4IweLmHViBqZjWVlkR7AivWQ3N4CgPEDEc+X2Q==
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:07:29 2025 by rpki-client