Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-KOD9Ec3ZPkGCDye7xgCgCnE0sw.roa
File: 1-KOD9Ec3ZPkGCDye7xgCgCnE0sw.roa (raw, json)
Hash identifier: Aqqwia+2taKS5u1Hj48iwDGYSRqmTeNPA+F3NDP8DMM=
Subject key identifier: F8:A3:83:F4:47:37:64:F9:06:08:3C:9E:EF:18:02:80:29:C4:D2:CC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186C5AD9661BC3F026E97CA997AD25CE7F2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-KOD9Ec3ZPkGCDye7xgCgCnE0sw.roa
Signing time: Thu 09 Mar 2023 09:22:13 +0000
ROA not before: Thu 09 Mar 2023 09:22:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c5:ad:96:61:bc:3f:02:6e:97:ca:99:7a:d2:5c:e7:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 9 09:22:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f8a383f4473764f906083c9eef18028029c4d2cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4e:e3:cd:79:9d:b2:df:b0:42:d3:f9:44:9e:
05:19:c8:e2:c8:17:0c:a0:e1:c9:8e:45:37:ab:05:
30:e6:73:53:50:1d:10:12:71:b6:5b:2f:fb:8e:bd:
ae:ce:98:75:13:5e:92:1f:b3:60:9a:59:a2:b3:cd:
96:ad:98:cb:00:11:bd:1a:94:ed:78:ef:b2:7c:ed:
62:74:45:03:97:46:35:44:cf:36:55:7f:ef:9a:92:
0b:fc:83:2e:aa:82:57:27:ee:dc:33:30:3a:9e:ca:
eb:b3:b1:40:de:26:78:a3:ba:fa:3e:f4:89:f1:af:
32:7b:58:cc:ea:d7:8c:98:2e:4b:cf:0d:98:45:48:
ad:1d:a8:0a:98:c6:a9:8c:49:54:79:d9:10:ae:1c:
34:b7:6f:ec:68:68:a6:af:6f:e3:e8:31:bc:50:ae:
65:7e:b4:c6:d7:f2:b4:8d:94:ae:25:7b:fe:8f:9c:
d3:6d:68:b7:f7:dd:ec:dc:d8:81:2a:9b:a7:56:9b:
4b:e0:87:92:2f:a9:a2:8b:93:c0:4b:09:00:32:33:
87:01:bd:14:53:a6:ac:2a:90:5b:04:96:8a:ca:94:
44:90:92:c2:ae:01:33:70:1b:22:9a:40:5d:a9:b3:
d3:bd:d0:7d:83:92:20:fc:c1:e3:af:3d:c3:5e:e4:
da:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:A3:83:F4:47:37:64:F9:06:08:3C:9E:EF:18:02:80:29:C4:D2:CC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/1-KOD9Ec3ZPkGCDye7xgCgCnE0sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
03:7e:f6:78:e2:4e:f1:aa:bb:21:20:56:04:df:48:78:bf:b9:
e3:7d:13:e5:f4:67:f7:1a:b3:98:7b:72:c6:1b:ea:94:19:83:
3b:79:17:88:25:2f:01:2d:78:59:77:29:4d:58:e8:f9:b5:0b:
82:c8:76:32:6e:de:32:7d:71:07:70:a3:ab:a5:90:04:47:ac:
4f:09:e0:99:5a:3d:34:10:8e:95:e0:68:29:41:32:88:7f:34:
3e:d2:69:ca:c3:7a:3d:22:ed:87:ba:20:1a:4f:48:c3:de:1e:
1a:ae:10:45:ad:20:c5:fc:09:13:fa:f9:b8:b6:48:b2:e1:b0:
f6:37:0f:94:ae:a4:fe:76:d9:78:b3:0d:00:a9:7b:cc:0f:a0:
09:c0:c9:bf:11:8b:84:e5:82:f2:24:66:0f:ef:51:14:a8:19:
be:40:d3:54:9e:6e:13:b0:55:2b:d5:95:bf:b0:af:a1:fc:bb:
69:1a:d3:d6:d0:99:f6:17:36:32:f4:3c:fe:cb:26:a6:f2:e7:
a0:01:2e:18:87:ef:ba:eb:d6:3f:0c:51:cc:ab:fa:fd:7d:c6:
b0:d9:51:0d:37:dc:a3:a7:58:0a:05:6e:ba:7f:75:19:5e:c7:
d9:de:dd:27:35:4e:f9:f3:7d:a0:8b:d4:0c:9d:58:41:e7:d4:
2e:41:51:80
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYbFrZZhvD8CbpfKmXrSXOfyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA5MDkyMjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGEzODNmNDQ3Mzc2NGY5MDYwODNjOWVlZjE4MDI4MDI5YzRkMmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArk7jzXmdst+wQtP5RJ4FGcjiyBcM
oOHJjkU3qwUw5nNTUB0QEnG2Wy/7jr2uzph1E16SH7Ngmlmis82WrZjLABG9GpTt
eO+yfO1idEUDl0Y1RM82VX/vmpIL/IMuqoJXJ+7cMzA6nsrrs7FA3iZ4o7r6PvSJ
8a8ye1jM6teMmC5Lzw2YRUitHagKmMapjElUedkQrhw0t2/saGimr2/j6DG8UK5l
frTG1/K0jZSuJXv+j5zTbWi3993s3NiBKpunVptL4IeSL6mii5PASwkAMjOHAb0U
U6asKpBbBJaKypREkJLCrgEzcBsimkBdqbPTvdB9g5Ig/MHjrz3DXuTaoQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPijg/RHN2T5Bgg8nu8YAoApxNLMMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvMS1LT0Q5RWMzWlBrR0NEeWU3eGdDZ0NuRTBzdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFh
Ni8xL2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQADfvZ44k7xqrshIFYE
30h4v7njfRPl9Gf3GrOYe3LGG+qUGYM7eReIJS8BLXhZdylNWOj5tQuCyHYybt4y
fXEHcKOrpZAER6xPCeCZWj00EI6V4GgpQTKIfzQ+0mnKw3o9Iu2HuiAaT0jD3h4a
rhBFrSDF/AkT+vm4tkiy4bD2Nw+UrqT+dtl4sw0AqXvMD6AJwMm/EYuE5YLyJGYP
71EUqBm+QNNUnm4TsFUr1ZW/sK+h/LtpGtPW0Jn2FzYy9Dz+yyam8uegAS4Yh++6
69Y/DFHMq/r9fcaw2VENN9yjp1gKBW66f3UZXsfZ3t0nNU75832gi9QMnVhB59Qu
QVGA
-----END CERTIFICATE-----
Generated at Tue Jun 10 20:23:32 2025 by rpki-client