Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KmWYpBA5TQ531U-k0DY5Oa1GTKc.roa
File: KmWYpBA5TQ531U-k0DY5Oa1GTKc.roa (raw, json)
Hash identifier: atiTc8vhQKnt7U46NlwRDkVB1qhS4RnHjqEJF7BlOdc=
Subject key identifier: 2A:65:98:A4:10:39:4D:0E:77:D5:4F:A4:D0:36:39:39:AD:46:4C:A7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189BFD50D3F1FF4D2DC1F89ABB83595700F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KmWYpBA5TQ531U-k0DY5Oa1GTKc.roa
Signing time: Fri 04 Aug 2023 09:15:58 +0000
ROA not before: Fri 04 Aug 2023 09:15:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bf:d5:0d:3f:1f:f4:d2:dc:1f:89:ab:b8:35:95:70:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 4 09:15:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2a6598a410394d0e77d54fa4d0363939ad464ca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:18:56:e9:5c:2f:c7:41:dd:7b:bb:cc:60:b2:
3b:e4:6c:5b:56:c2:76:7d:81:cc:ba:c3:ff:2c:12:
5e:ef:be:0c:4d:36:23:ef:70:5d:18:72:c2:a7:61:
99:52:6a:ff:2a:87:11:fa:ba:0b:f5:9e:f2:04:dc:
aa:8c:52:18:b9:92:78:99:8b:ef:3e:f9:e9:99:78:
35:3e:16:1a:15:6d:38:e0:af:af:ab:bd:53:99:3b:
43:df:78:e9:82:c0:ea:76:ef:4c:e5:1f:4a:93:7d:
d3:c6:6f:4f:75:5b:94:4c:f7:b0:f2:a7:55:48:ff:
d7:ed:32:1c:b3:e2:5c:53:7f:a6:5e:c0:85:bf:f9:
de:54:bd:68:ef:6d:4e:81:53:c1:63:29:cc:eb:93:
09:04:ac:5d:b1:88:8d:b7:a9:cf:82:e0:67:70:59:
f0:07:28:1f:93:d5:64:2b:ca:78:2e:fe:46:1c:eb:
7b:25:34:82:0f:e4:60:62:84:6e:11:35:e4:de:2a:
7a:f1:f7:0d:5e:69:ff:54:01:a8:68:1e:89:bf:c7:
56:07:8f:65:3b:8f:84:e4:7c:0b:9c:f5:b1:7b:d9:
c5:87:08:83:ad:21:ae:6a:5c:fd:30:90:1e:65:b4:
cf:96:0f:2a:cd:6b:81:22:05:be:d0:91:47:ed:e8:
38:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:65:98:A4:10:39:4D:0E:77:D5:4F:A4:D0:36:39:39:AD:46:4C:A7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KmWYpBA5TQ531U-k0DY5Oa1GTKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
97:35:c1:81:b2:50:44:f0:d6:d0:ff:46:5a:26:0d:a9:60:75:
cf:30:21:b6:e1:6a:6d:aa:34:98:dc:36:c9:d6:be:4f:1f:60:
49:3f:25:61:7b:b9:0b:d2:d4:86:84:05:91:8d:32:68:cc:93:
58:5f:3f:10:e2:4e:e5:e8:24:27:00:62:34:ec:26:78:e8:9c:
73:62:ab:d3:5b:44:03:d1:a9:11:83:19:cd:c5:1d:50:19:4a:
d5:91:e7:43:7e:3e:6e:4a:90:6f:3f:0c:96:68:db:2b:c7:cd:
e1:95:8e:d2:eb:5d:81:a0:75:eb:d5:e6:50:2c:37:0d:17:c1:
fc:bb:d1:f6:40:22:cb:9f:57:01:6f:cd:d6:e9:e5:e2:5f:1a:
8d:7b:88:f4:4f:e6:6c:a5:91:09:a7:af:91:f8:47:89:66:ff:
b6:f9:b1:84:89:a0:db:59:68:75:8f:c5:96:05:14:df:9d:e5:
a8:7e:27:79:6f:e4:b1:0e:f4:1a:f6:48:20:32:35:9d:bb:3c:
7d:47:22:54:07:70:34:c2:ce:22:e9:74:a3:4c:2f:5b:3f:09:
32:de:2d:db:77:8e:9b:ac:b9:5c:c3:92:55:72:ba:8d:a7:c6:
28:fe:20:56:04:95:07:67:3a:2b:ae:28:9d:ca:18:31:8b:0c:
a1:fd:29:a5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYm/1Q0/H/TS3B+Jq7g1lXAPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODA0MDkxNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTY1OThhNDEwMzk0ZDBlNzdkNTRmYTRkMDM2MzkzOWFkNDY0Y2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixhW6Vwvx0Hde7vMYLI75GxbVsJ2
fYHMusP/LBJe774MTTYj73BdGHLCp2GZUmr/KocR+roL9Z7yBNyqjFIYuZJ4mYvv
PvnpmXg1PhYaFW044K+vq71TmTtD33jpgsDqdu9M5R9Kk33Txm9PdVuUTPew8qdV
SP/X7TIcs+JcU3+mXsCFv/neVL1o721OgVPBYynM65MJBKxdsYiNt6nPguBncFnw
Bygfk9VkK8p4Lv5GHOt7JTSCD+RgYoRuETXk3ip68fcNXmn/VAGoaB6Jv8dWB49l
O4+E5HwLnPWxe9nFhwiDrSGualz9MJAeZbTPlg8qzWuBIgW+0JFH7eg4lQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCplmKQQOU0Od9VPpNA2OTmtRkynMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS21XWXBCQTVUUTUzMVUtazBEWTVPYTFHVEtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJc1wYGyUETw1tD/Rlom
Dalgdc8wIbbham2qNJjcNsnWvk8fYEk/JWF7uQvS1IaEBZGNMmjMk1hfPxDiTuXo
JCcAYjTsJnjonHNiq9NbRAPRqRGDGc3FHVAZStWR50N+Pm5KkG8/DJZo2yvHzeGV
jtLrXYGgdevV5lAsNw0Xwfy70fZAIsufVwFvzdbp5eJfGo17iPRP5mylkQmnr5H4
R4lm/7b5sYSJoNtZaHWPxZYFFN+d5ah+J3lv5LEO9Br2SCAyNZ27PH1HIlQHcDTC
ziLpdKNML1s/CTLeLdt3jpusuVzDklVyuo2nxij+IFYElQdnOiuuKJ3KGDGLDKH9
KaU=
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:23:20 2025 by rpki-client