Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rwA1d3JLKJVk72N4BPoUylv_Kbo.roa
File: rwA1d3JLKJVk72N4BPoUylv_Kbo.roa (raw, json)
Hash identifier: nhO0Jrtp/+0eXUiQ5rLU+0FaYrezQZE98Htk96g1Xyo=
Subject key identifier: AF:00:35:77:72:4B:28:95:64:EF:63:78:04:FA:14:CA:5B:FF:29:BA
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185608F4BFA26D96B5C9EB709E6E0CE2B81
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rwA1d3JLKJVk72N4BPoUylv_Kbo.roa
Signing time: Fri 30 Dec 2022 01:04:41 +0000
ROA not before: Fri 30 Dec 2022 01:04:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:185:608e:da08/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:60:8f:4b:fa:26:d9:6b:5c:9e:b7:09:e6:e0:ce:2b:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 30 01:04:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af003577724b289564ef637804fa14ca5bff29ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:74:11:39:1f:5f:fe:64:e6:a5:74:61:f7:af:
5e:d0:71:ef:89:e3:cd:77:3d:ca:1a:e6:a0:46:52:
8c:d6:17:32:fd:fe:85:10:e6:25:5c:46:e4:b9:9a:
65:83:e5:31:1c:3e:5d:8c:90:14:99:86:dc:d6:61:
5e:15:d8:aa:f4:09:27:97:ff:f9:a2:b1:53:ab:57:
23:a2:28:30:ca:2b:5b:0b:c5:43:3f:28:44:45:00:
1f:42:a0:26:3d:29:b2:47:bf:1c:22:7d:43:69:32:
ae:86:90:08:fb:d3:95:53:00:fd:3c:e6:92:76:3c:
62:c2:24:d8:31:41:d6:9b:04:21:cb:75:18:c7:22:
d7:47:22:19:6c:89:a3:06:c0:c7:fc:61:d0:f2:3e:
7b:33:fe:0c:ee:0b:ab:d8:f5:48:13:07:79:63:bb:
b8:29:d4:52:9e:9d:d5:79:44:45:65:11:cf:81:0b:
f6:a2:3f:12:5e:51:de:3f:c7:1f:48:33:e0:85:98:
1a:a2:e7:ae:90:3c:9a:cc:5c:4a:2d:91:35:fe:6c:
70:36:7d:19:4e:de:1d:ec:ce:e2:7a:0d:cf:d4:26:
f6:37:75:ab:0b:b1:cd:ea:d4:34:90:e9:d6:31:9e:
a0:b9:67:20:5c:10:be:7d:f9:92:ea:80:a1:aa:80:
9f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:00:35:77:72:4B:28:95:64:EF:63:78:04:FA:14:CA:5B:FF:29:BA
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/rwA1d3JLKJVk72N4BPoUylv_Kbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b1:29:e8:fc:90:87:3e:3c:d4:8b:96:14:5b:af:52:71:39:4f:
41:80:29:95:d9:0a:30:1b:c2:ae:0f:b9:7c:19:f4:6e:ca:6b:
57:1e:d5:09:99:25:20:c5:ea:f8:c6:b3:25:b8:86:fc:22:70:
4f:09:68:95:d7:4b:8c:9e:6a:c0:20:b1:4b:e2:ff:c0:f4:2b:
23:c5:c3:fe:e4:ce:c3:e3:02:30:6a:8b:30:d2:ea:9c:90:61:
17:59:5f:d1:8a:36:41:56:35:12:eb:bc:35:23:08:9e:38:ac:
10:bc:e2:44:06:9f:e9:24:3e:6a:c3:a6:7b:e7:5c:46:15:da:
2b:71:ef:c1:24:b9:30:52:aa:21:24:f5:f0:ea:7a:3a:f9:95:
5f:53:8d:a9:f9:4c:42:d8:33:fb:ed:e5:7a:2a:eb:97:bb:d7:
64:0f:dd:96:43:24:37:8a:3f:1b:c5:d2:13:d4:0b:56:e5:45:
fd:fa:75:3e:d5:65:86:4c:8c:d6:43:f7:57:39:20:a3:f1:df:
68:c3:8b:35:e5:6b:46:5a:4c:ef:6b:ec:10:86:47:35:8a:77:
e7:5b:b2:cf:c4:0d:3a:e8:5c:15:ba:9e:90:10:b9:46:fb:15:
f8:3b:c8:08:80:2d:5f:94:6c:e3:c8:58:8b:f3:d6:a5:48:3c:
3a:c9:e0:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVgj0v6JtlrXJ63CebgziuBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjMwMDEwNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjAwMzU3NzcyNGIyODk1NjRlZjYzNzgwNGZhMTRjYTViZmYyOWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3QROR9f/mTmpXRh969e0HHviePN
dz3KGuagRlKM1hcy/f6FEOYlXEbkuZplg+UxHD5djJAUmYbc1mFeFdiq9Aknl//5
orFTq1cjoigwyitbC8VDPyhERQAfQqAmPSmyR78cIn1DaTKuhpAI+9OVUwD9POaS
djxiwiTYMUHWmwQhy3UYxyLXRyIZbImjBsDH/GHQ8j57M/4M7gur2PVIEwd5Y7u4
KdRSnp3VeURFZRHPgQv2oj8SXlHeP8cfSDPghZgaoueukDyazFxKLZE1/mxwNn0Z
Tt4d7M7ieg3P1Cb2N3WrC7HN6tQ0kOnWMZ6guWcgXBC+ffmS6oChqoCf7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK8ANXdySyiVZO9jeAT6FMpb/ym6MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvcndBMWQzSkxLSlZrNzJONEJQb1V5bHZfS2JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALEp6PyQhz481IuWFFuv
UnE5T0GAKZXZCjAbwq4PuXwZ9G7Ka1ce1QmZJSDF6vjGsyW4hvwicE8JaJXXS4ye
asAgsUvi/8D0KyPFw/7kzsPjAjBqizDS6pyQYRdZX9GKNkFWNRLrvDUjCJ44rBC8
4kQGn+kkPmrDpnvnXEYV2itx78EkuTBSqiEk9fDqejr5lV9Tjan5TELYM/vt5Xoq
65e712QP3ZZDJDeKPxvF0hPUC1blRf36dT7VZYZMjNZD91c5IKPx32jDizXla0Za
TO9r7BCGRzWKd+dbss/EDTroXBW6npAQuUb7Ffg7yAiALV+UbOPIWIvz1qVIPDrJ
4AA=
-----END CERTIFICATE-----
Generated at Thu May 1 14:27:26 2025 by rpki-client