Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kuU0-J-kh3PZmCsgicaTPkwG1fA.roa
File: kuU0-J-kh3PZmCsgicaTPkwG1fA.roa (raw, json)
Hash identifier: +rrixZp7Jux9KUurKz68rrveVna7arhPdMa0IkgIFXw=
Subject key identifier: 92:E5:34:F8:9F:A4:87:73:D9:98:2B:20:89:C6:93:3E:4C:06:D5:F0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186744A14CBEBBA57475F5F2E710FFB86CA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kuU0-J-kh3PZmCsgicaTPkwG1fA.roa
Signing time: Tue 21 Feb 2023 14:04:17 +0000
ROA not before: Tue 21 Feb 2023 14:04:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:744a:1018/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:74:4a:14:cb:eb:ba:57:47:5f:5f:2e:71:0f:fb:86:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 21 14:04:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92e534f89fa48773d9982b2089c6933e4c06d5f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:60:d7:da:c6:80:75:a6:ca:62:9f:1e:65:3c:
68:0a:9d:9e:ff:f1:ae:b8:1a:ed:de:7a:14:bd:35:
d4:ad:d7:6d:de:3a:e2:a4:cc:a0:a0:db:ef:82:3d:
e1:c7:15:a3:69:6f:2d:1d:f0:c7:73:08:6c:d9:25:
c2:98:ef:39:23:ab:6a:04:69:71:44:7e:37:92:ea:
29:68:bc:91:f4:96:c2:e9:1b:bb:e5:61:4b:f3:62:
98:6e:04:cf:02:06:3a:3a:94:1b:4d:09:42:c6:76:
b1:51:6b:33:19:c1:a9:c1:22:cd:db:d3:f8:a7:6f:
f2:70:2b:3f:a3:27:fd:ca:81:fd:0f:89:38:ef:56:
0f:33:79:a0:9b:e8:07:b7:c6:b5:2e:2a:10:8b:8f:
42:44:7a:20:02:db:b5:b5:4f:8f:93:9d:3e:32:91:
aa:36:1b:ca:61:56:92:98:b7:cb:64:75:3d:cd:90:
84:e4:17:a8:77:90:2e:af:cc:2e:ce:8d:d1:20:76:
23:f9:e3:2b:67:1f:6c:7e:45:d0:d8:2a:da:68:47:
2c:a4:9a:a2:0e:fb:a8:e5:37:b1:bf:70:48:4f:53:
07:f7:93:90:ab:80:96:e6:06:06:cf:d0:19:21:36:
0d:fc:e3:41:4d:a0:0c:33:1b:bb:0b:dc:da:24:5f:
e3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:E5:34:F8:9F:A4:87:73:D9:98:2B:20:89:C6:93:3E:4C:06:D5:F0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kuU0-J-kh3PZmCsgicaTPkwG1fA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:d6:63:fa:8d:08:31:67:a9:02:ca:ed:8b:60:5c:62:24:5a:
fb:4b:9b:0f:82:a3:23:7f:89:b6:d8:ba:61:ec:8e:5e:74:ca:
5a:8d:16:53:e5:c3:80:fa:22:11:a2:d5:23:fa:a8:19:aa:75:
6b:b9:88:7e:5a:db:70:d6:0f:56:d0:b8:9c:f6:8d:81:5d:74:
96:39:54:b1:33:d7:59:e6:75:b7:97:73:2e:20:52:11:cc:31:
62:7a:0c:b8:6a:2a:0a:bd:dc:c6:e2:5b:46:4f:f3:fb:c5:7d:
3b:41:d2:3d:ef:e0:07:39:4d:d2:be:9d:db:b6:54:c9:e5:7f:
fe:df:e1:72:09:3c:cd:73:af:68:32:ef:91:8d:40:49:01:f2:
1d:39:f4:84:f2:87:6f:f1:07:3a:ae:4d:50:97:2c:54:03:e0:
6f:f4:8e:54:b7:ab:8f:e6:05:17:2f:d9:71:22:b7:9c:48:85:
25:fd:a0:c5:00:f7:fb:92:d2:e0:c0:2d:07:5e:1a:86:c5:79:
4e:5f:7b:14:d4:96:ef:92:0c:9f:0f:1d:8b:d6:3a:19:ea:23:
b3:2b:14:18:4e:01:aa:b4:9a:cb:9b:f6:43:7c:32:14:0a:ba:
c4:72:34:5b:d9:1c:82:f7:67:53:8b:40:19:2d:06:a0:e9:87:
c8:97:a0:ee
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ0ShTL67pXR19fLnEP+4bKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIxMTQwNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmU1MzRmODlmYTQ4NzczZDk5ODJiMjA4OWM2OTMzZTRjMDZkNWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmDX2saAdabKYp8eZTxoCp2e//Gu
uBrt3noUvTXUrddt3jripMygoNvvgj3hxxWjaW8tHfDHcwhs2SXCmO85I6tqBGlx
RH43kuopaLyR9JbC6Ru75WFL82KYbgTPAgY6OpQbTQlCxnaxUWszGcGpwSLN29P4
p2/ycCs/oyf9yoH9D4k471YPM3mgm+gHt8a1LioQi49CRHogAtu1tU+Pk50+MpGq
NhvKYVaSmLfLZHU9zZCE5Beod5Aur8wuzo3RIHYj+eMrZx9sfkXQ2CraaEcspJqi
Dvuo5Texv3BIT1MH95OQq4CW5gYGz9AZITYN/ONBTaAMMxu7C9zaJF/juQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJLlNPifpIdz2ZgrIInGkz5MBtXwMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEva3VVMC1KLWtoM1BabUNzZ2ljYVRQa3dHMWZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB7WY/qNCDFnqQLK7Ytg
XGIkWvtLmw+CoyN/ibbYumHsjl50ylqNFlPlw4D6IhGi1SP6qBmqdWu5iH5a23DW
D1bQuJz2jYFddJY5VLEz11nmdbeXcy4gUhHMMWJ6DLhqKgq93MbiW0ZP8/vFfTtB
0j3v4Ac5TdK+ndu2VMnlf/7f4XIJPM1zr2gy75GNQEkB8h059ITyh2/xBzquTVCX
LFQD4G/0jlS3q4/mBRcv2XEit5xIhSX9oMUA9/uS0uDALQdeGobFeU5fexTUlu+S
DJ8PHYvWOhnqI7MrFBhOAaq0msub9kN8MhQKusRyNFvZHIL3Z1OLQBktBqDph8iX
oO4=
-----END CERTIFICATE-----
Generated at Fri May 2 04:30:28 2025 by rpki-client