
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/K0uPFKU-kesnzux1pZvrHDJxCXA.roa
File: K0uPFKU-kesnzux1pZvrHDJxCXA.roa (raw, json)
Hash identifier: 0VkqwLgkygStC3cQBkLv6IPYVMLajyw9T+BEe49BtwM=
Subject key identifier: 2B:4B:8F:14:A5:3E:91:EB:27:CE:EC:75:A5:9B:EB:1C:32:71:09:70
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018771BA02A07AE54E7F46207DB86C77F150
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/K0uPFKU-kesnzux1pZvrHDJxCXA.roa
Signing time: Tue 11 Apr 2023 19:10:28 +0000
ROA not before: Tue 11 Apr 2023 19:10:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:71:ba:02:a0:7a:e5:4e:7f:46:20:7d:b8:6c:77:f1:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 11 19:10:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b4b8f14a53e91eb27ceec75a59beb1c32710970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:22:4e:e8:b2:f3:03:f0:b2:5d:71:62:27:e4:
61:8b:30:c2:a1:7d:be:42:aa:5f:3b:39:5b:53:ce:
9c:f8:ea:6f:b5:b7:b5:d6:01:01:a0:c5:c1:3f:74:
1f:cd:e8:83:0c:89:f8:4b:3a:85:71:01:b9:3a:a6:
80:90:f2:9b:a1:2f:f4:e6:01:9a:4d:bf:02:29:f7:
ed:9f:7e:af:05:71:7d:be:66:2b:c3:2a:70:4e:8b:
70:a3:5b:c1:18:19:4f:7e:9c:f1:f5:52:e1:40:dc:
32:29:19:31:df:05:ef:75:e6:45:a4:10:e0:3f:86:
9e:38:99:b2:70:ab:3b:40:81:22:9f:6c:ea:2f:62:
c0:7c:80:79:0f:88:60:ad:d8:38:f3:2e:cd:51:bb:
b8:5d:d2:92:68:5d:bc:32:0d:14:cf:83:64:bc:88:
14:62:37:8c:a8:54:13:d5:80:05:72:11:77:bc:94:
93:a6:fa:2f:33:34:fe:57:b7:c6:fd:5a:34:cf:e4:
73:56:34:19:aa:b3:39:67:21:ff:8a:b1:c3:95:59:
8f:f1:bd:70:fa:5c:73:35:ba:f6:52:f1:ef:1d:8a:
ea:6e:68:49:5d:53:51:08:82:e2:f4:3e:1f:51:de:
45:44:c1:07:10:ef:ff:63:32:cf:a0:6c:e9:c6:31:
37:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:4B:8F:14:A5:3E:91:EB:27:CE:EC:75:A5:9B:EB:1C:32:71:09:70
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/K0uPFKU-kesnzux1pZvrHDJxCXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:13:b1:9e:95:16:f3:ad:3e:12:11:c1:14:7d:27:19:50:f1:
2c:fe:b8:bf:9a:c7:aa:48:d1:f0:5d:b8:84:be:55:ef:16:eb:
01:1e:b3:b3:5b:75:ef:17:32:7b:5f:9b:6d:fc:d5:18:97:6f:
29:e1:2b:b3:f4:8a:c0:bd:16:57:b2:46:40:b8:3e:23:e5:69:
df:35:46:01:89:c2:c3:11:10:9d:4f:f6:38:4e:f2:ef:1c:40:
10:09:01:5e:a3:a1:9b:77:bd:0b:36:8b:ba:c9:27:31:8c:1e:
e1:80:75:2d:b1:3b:82:61:59:5d:7b:3f:5a:19:6d:d7:9f:90:
48:12:c3:38:ec:07:05:4f:98:68:af:39:30:ce:ee:00:d7:3e:
1c:d8:5f:89:fe:5e:3f:e7:a0:31:fe:8a:a7:43:5e:7b:66:d3:
e4:6a:96:29:4e:0c:ec:6a:c5:0e:1b:3a:a1:49:e0:b6:c3:a1:
d5:a5:cc:a7:b9:f8:da:fa:6f:75:c0:e0:dd:de:31:92:91:d5:
99:a1:8c:43:8a:5e:cb:b5:2c:4c:e4:7a:f3:90:37:17:58:81:
9f:01:34:74:f7:aa:12:73:d7:34:39:e6:d9:8b:7d:5e:9d:b1:
11:34:37:4d:41:12:12:15:e0:94:57:1e:e1:fc:20:69:9b:f4:
79:05:50:29
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYdxugKgeuVOf0Ygfbhsd/FQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDExMTkxMDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjRiOGYxNGE1M2U5MWViMjdjZWVjNzVhNTliZWIxYzMyNzEwOTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3yJO6LLzA/CyXXFiJ+RhizDCoX2+
QqpfOzlbU86c+Opvtbe11gEBoMXBP3QfzeiDDIn4SzqFcQG5OqaAkPKboS/05gGa
Tb8CKfftn36vBXF9vmYrwypwTotwo1vBGBlPfpzx9VLhQNwyKRkx3wXvdeZFpBDg
P4aeOJmycKs7QIEin2zqL2LAfIB5D4hgrdg48y7NUbu4XdKSaF28Mg0Uz4NkvIgU
YjeMqFQT1YAFchF3vJSTpvovMzT+V7fG/Vo0z+RzVjQZqrM5ZyH/irHDlVmP8b1w
+lxzNbr2UvHvHYrqbmhJXVNRCILi9D4fUd5FRMEHEO//YzLPoGzpxjE3NQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCtLjxSlPpHrJ87sdaWb6xwycQlwMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvSzB1UEZLVS1rZXNuenV4MXBadnJIREp4Q1hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA0TsZ6VFvOtPhIRwRR9
JxlQ8Sz+uL+ax6pI0fBduIS+Ve8W6wEes7Nbde8XMntfm2381RiXbynhK7P0isC9
FleyRkC4PiPlad81RgGJwsMREJ1P9jhO8u8cQBAJAV6joZt3vQs2i7rJJzGMHuGA
dS2xO4JhWV17P1oZbdefkEgSwzjsBwVPmGivOTDO7gDXPhzYX4n+Xj/noDH+iqdD
Xntm0+RqlilODOxqxQ4bOqFJ4LbDodWlzKe5+Nr6b3XA4N3eMZKR1ZmhjEOKXsu1
LEzkevOQNxdYgZ8BNHT3qhJz1zQ55tmLfV6dsRE0N01BEhIV4JRXHuH8IGmb9HkF
UCk=
-----END CERTIFICATE-----
Generated at Wed Jun 11 06:17:08 2025 by rpki-client