Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KhurQJHwaNoMMjL_tzSxcf_aPEk.roa
File: KhurQJHwaNoMMjL_tzSxcf_aPEk.roa (raw, json)
Hash identifier: 6Fb+AV37hq9UmDSaEgt6nh7p3PT78EjxBvHp7yjZCTc=
Subject key identifier: 2A:1B:AB:40:91:F0:68:DA:0C:32:32:FF:B7:34:B1:71:FF:DA:3C:49
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 75CEC5A2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KhurQJHwaNoMMjL_tzSxcf_aPEk.roa
Signing time: Sat 26 Mar 2022 07:09:31 +0000
ROA not before: Sat 26 Mar 2022 07:09:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:17f:87e3:2531/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1976485282 (0x75cec5a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 26 07:09:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a1bab4091f068da0c3232ffb734b171ffda3c49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:78:88:dc:e4:5a:34:ab:c4:82:83:48:73:f5:
69:fd:e0:fd:bc:5e:1f:d1:90:7b:3c:e5:2f:3b:12:
76:7c:45:b8:dc:29:0e:19:9a:16:f0:cb:99:52:9c:
11:c3:2f:c6:bf:4b:7c:ef:e2:47:be:90:dd:45:4f:
5f:e5:81:71:ed:f0:fa:85:be:45:4a:d7:d4:c8:5e:
71:03:70:84:4c:28:0a:8d:17:5e:de:b8:7d:7f:85:
ea:c2:5f:fd:f2:0f:7d:91:56:79:92:e2:d2:f7:d3:
95:dc:01:4d:03:46:22:6b:e8:48:8d:71:8e:a9:d4:
0d:c4:99:3b:d6:0f:18:2c:55:15:ef:f4:db:cf:04:
c7:a1:c8:cf:b6:a2:67:44:0e:8f:aa:65:11:ac:e0:
5c:62:16:20:14:16:28:e8:7b:94:5e:52:d3:cb:67:
e5:2c:e8:f9:3a:9e:b8:6c:fc:ff:19:a4:49:97:84:
ca:65:c0:39:17:ca:03:89:95:c8:cd:10:5b:24:02:
7a:61:65:3a:84:2c:5b:1f:00:62:f9:6b:e5:b2:3d:
b2:86:b4:5e:3b:6f:ae:29:1f:32:75:65:8e:de:2f:
e6:12:3e:83:76:20:26:17:aa:96:ae:5a:8f:c0:47:
38:fb:e1:3a:61:e1:0c:7d:dc:f5:9d:68:5f:4a:d2:
c8:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:1B:AB:40:91:F0:68:DA:0C:32:32:FF:B7:34:B1:71:FF:DA:3C:49
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KhurQJHwaNoMMjL_tzSxcf_aPEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
49:99:f7:84:bf:7e:13:76:f8:b0:92:77:1a:2f:97:a4:36:88:
34:8e:ee:93:cd:30:10:ff:10:f7:d9:c2:46:18:c7:3c:76:10:
1b:69:98:32:8f:e0:ef:74:c8:8b:38:9c:32:42:5a:bf:55:36:
ce:4d:b0:7d:78:ae:1b:50:14:4f:75:cf:b0:17:61:73:b0:3c:
5c:33:91:b1:3a:54:f4:d4:8d:2a:18:dc:06:e3:e7:42:6e:3e:
1d:d2:1a:52:84:bb:ee:7a:a7:08:6c:76:30:f6:b8:85:05:30:
d6:63:c1:2c:26:be:c8:4a:16:93:b9:f3:3b:00:c3:62:36:4a:
fb:a4:79:a7:2d:88:6b:ae:f3:59:62:95:f5:85:01:fd:a8:56:
4d:f6:8d:75:d5:45:c8:e5:af:7f:42:0b:62:c9:5a:86:27:c7:
10:44:cc:f1:4e:d2:86:a8:c4:55:20:84:0b:e9:68:e3:e1:0e:
fb:82:8c:71:4d:75:65:27:9d:35:85:9e:67:80:cc:b3:d4:68:
b7:30:08:52:90:f3:b0:22:bd:33:80:58:a0:8c:53:37:2d:6a:
cd:38:c3:e7:3f:9b:43:f9:3d:b5:79:52:8e:47:7e:9e:94:1c:
1d:2a:36:87:51:fc:96:f4:0c:61:6a:bc:96:9b:eb:42:74:6a:
b5:3b:34:df
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEdc7FojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDMy
NjA3MDkzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmExYmFiNDA5MWYw
NjhkYTBjMzIzMmZmYjczNGIxNzFmZmRhM2M0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL14iNzkWjSrxIKDSHP1af3g/bxeH9GQezzlLzsSdnxFuNwp
DhmaFvDLmVKcEcMvxr9LfO/iR76Q3UVPX+WBce3w+oW+RUrX1MhecQNwhEwoCo0X
Xt64fX+F6sJf/fIPfZFWeZLi0vfTldwBTQNGImvoSI1xjqnUDcSZO9YPGCxVFe/0
288Ex6HIz7aiZ0QOj6plEazgXGIWIBQWKOh7lF5S08tn5Szo+TqeuGz8/xmkSZeE
ymXAORfKA4mVyM0QWyQCemFlOoQsWx8AYvlr5bI9soa0XjtvrikfMnVljt4v5hI+
g3YgJheqlq5aj8BHOPvhOmHhDH3c9Z1oX0rSyKkCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQqG6tAkfBo2gwyMv+3NLFx/9o8STAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L0todXJRSkh3YU5vTU1qTF90elN4Y2ZfYVBFay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBJmfeEv34TdviwkncaL5ekNog0ju6TzTAQ/xD3
2cJGGMc8dhAbaZgyj+DvdMiLOJwyQlq/VTbOTbB9eK4bUBRPdc+wF2FzsDxcM5Gx
OlT01I0qGNwG4+dCbj4d0hpShLvueqcIbHYw9riFBTDWY8EsJr7IShaTufM7AMNi
Nkr7pHmnLYhrrvNZYpX1hQH9qFZN9o111UXI5a9/QgtiyVqGJ8cQRMzxTtKGqMRV
IIQL6Wjj4Q77goxxTXVlJ501hZ5ngMyz1Gi3MAhSkPOwIr0zgFigjFM3LWrNOMPn
P5tD+T21eVKOR36elBwdKjaHUfyW9AxharyWm+tCdGq1OzTf
-----END CERTIFICATE-----
Generated at Mon Jun 9 07:58:15 2025 by rpki-client