Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KLNln4aUvUc7zv-kFkaGB_nmXYo.roa
File: KLNln4aUvUc7zv-kFkaGB_nmXYo.roa (raw, json)
Hash identifier: 72u9Z53ibF3x/2GeresdJ6FVPgNjb7HlFHuUdN6HnDE=
Subject key identifier: 28:B3:65:9F:86:94:BD:47:3B:CE:FF:A4:16:46:86:07:F9:E6:5D:8A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0183651F37E7F56719F6D225489BF36299DD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KLNln4aUvUc7zv-kFkaGB_nmXYo.roa
Signing time: Thu 22 Sep 2022 12:14:48 +0000
ROA not before: Thu 22 Sep 2022 12:14:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:183:50b3:5643/128 maxlen: 128
2001:67c:64:ffff:0:183:5f81:ab13/128 maxlen: 128
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:65:1f:37:e7:f5:67:19:f6:d2:25:48:9b:f3:62:99:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 22 12:14:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=28b3659f8694bd473bceffa416468607f9e65d8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:2b:8a:4f:b8:50:a8:ec:bd:b1:d6:32:69:59:
f0:ad:ea:bc:9e:02:99:11:f5:d9:ce:fe:e6:93:41:
0f:d6:82:6f:df:15:cf:72:c6:3f:5f:26:07:b2:9c:
95:96:91:e1:a9:af:94:d2:21:39:ce:58:d8:2b:5d:
51:83:76:85:6f:55:f0:c5:b6:ab:56:a1:d5:6c:50:
60:bb:b0:f9:5e:e9:44:18:cf:22:30:90:f4:8d:8b:
e4:aa:43:68:cd:dd:d5:22:35:9f:da:b5:2a:d6:88:
0b:58:e4:6c:b0:f3:52:84:47:44:d7:7a:72:3b:c5:
06:5d:e4:94:28:54:09:73:5e:10:85:16:79:24:64:
06:ee:d8:e5:31:e7:f1:cb:89:d9:e3:85:33:fd:59:
1b:c1:84:02:28:6a:82:05:74:cb:b6:78:3f:19:1e:
cb:e7:b3:eb:ec:df:0e:db:e7:92:5e:de:c1:82:58:
86:b8:2e:fc:cd:a2:a0:10:95:e7:d6:eb:02:9f:c5:
90:a2:b5:b2:4c:bf:6b:71:3f:eb:ef:fc:54:6b:47:
cd:96:a2:51:68:5e:8a:65:70:ed:a2:bf:89:bb:8a:
2f:70:99:97:73:80:9c:44:da:f7:1a:52:01:10:38:
08:e8:91:e8:58:fd:7e:06:1e:72:40:3a:da:ed:b3:
4a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:B3:65:9F:86:94:BD:47:3B:CE:FF:A4:16:46:86:07:F9:E6:5D:8A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KLNln4aUvUc7zv-kFkaGB_nmXYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:05:1c:26:9c:9a:4e:d5:d3:c2:f7:a4:35:77:33:da:a2:c6:
d6:a3:75:a3:e3:5e:96:ce:41:74:ce:97:b0:57:71:0a:d2:40:
fd:59:11:94:09:58:b8:a6:52:77:3c:be:7d:78:aa:5e:4e:e6:
ff:b5:25:63:25:51:58:ae:c7:c2:1b:f1:8f:14:64:47:f9:0c:
df:b2:6b:b9:dc:f2:27:70:2c:3e:36:76:72:f8:46:8d:4b:ae:
42:e4:ee:41:3d:1e:ac:bd:7c:e8:b6:75:95:f0:85:cb:42:e7:
19:f1:18:d1:7c:09:fe:b5:90:fe:ce:fb:2e:e5:45:e4:24:b8:
55:83:93:68:fe:37:bb:51:b6:03:5e:59:c2:83:c8:fd:ca:78:
98:61:20:57:a2:2d:09:04:bc:f4:49:54:e4:71:39:1f:f5:68:
f3:e3:ca:17:e3:88:ce:a3:3c:58:32:3d:96:55:d1:7e:61:bf:
39:4b:7c:0a:77:46:4a:c1:4f:5b:f3:35:fd:23:57:ff:32:00:
ee:d2:4c:fb:e6:39:82:e2:1e:0a:5e:33:13:e2:71:2d:a9:bd:
d9:1f:27:a8:d7:4a:cb:36:f6:39:3d:d1:d7:f2:15:73:da:f7:
60:d4:f9:fc:b7:51:6c:de:16:57:18:28:e7:da:15:d5:8d:8c:
61:bb:8c:f1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYNlHzfn9WcZ9tIlSJvzYpndMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTIyMTIxNDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGIzNjU5Zjg2OTRiZDQ3M2JjZWZmYTQxNjQ2ODYwN2Y5ZTY1ZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSuKT7hQqOy9sdYyaVnwreq8ngKZ
EfXZzv7mk0EP1oJv3xXPcsY/XyYHspyVlpHhqa+U0iE5zljYK11Rg3aFb1Xwxbar
VqHVbFBgu7D5XulEGM8iMJD0jYvkqkNozd3VIjWf2rUq1ogLWORssPNShEdE13py
O8UGXeSUKFQJc14QhRZ5JGQG7tjlMefxy4nZ44Uz/VkbwYQCKGqCBXTLtng/GR7L
57Pr7N8O2+eSXt7BgliGuC78zaKgEJXn1usCn8WQorWyTL9rcT/r7/xUa0fNlqJR
aF6KZXDtor+Ju4ovcJmXc4CcRNr3GlIBEDgI6JHoWP1+Bh5yQDra7bNKRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCizZZ+GlL1HO87/pBZGhgf55l2KMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS0xObG40YVV2VWM3enYta0ZrYUdCX25tWFlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEsFHCacmk7V08L3pDV3
M9qixtajdaPjXpbOQXTOl7BXcQrSQP1ZEZQJWLimUnc8vn14ql5O5v+1JWMlUViu
x8Ib8Y8UZEf5DN+ya7nc8idwLD42dnL4Ro1LrkLk7kE9Hqy9fOi2dZXwhctC5xnx
GNF8Cf61kP7O+y7lReQkuFWDk2j+N7tRtgNeWcKDyP3KeJhhIFeiLQkEvPRJVORx
OR/1aPPjyhfjiM6jPFgyPZZV0X5hvzlLfAp3RkrBT1vzNf0jV/8yAO7STPvmOYLi
HgpeMxPicS2pvdkfJ6jXSss29jk90dfyFXPa92DU+fy3UWzeFlcYKOfaFdWNjGG7
jPE=
-----END CERTIFICATE-----
Generated at Wed Jun 11 12:23:06 2025 by rpki-client