Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KrYGxdGCdGZgkaZyzDPG5Hg0tso.roa
File: KrYGxdGCdGZgkaZyzDPG5Hg0tso.roa (raw, json)
Hash identifier: Ivyqwlfc1q4yYcqHymmEnny/zxjmuiWlWm/siPtNViU=
Subject key identifier: 2A:B6:06:C5:D1:82:74:66:60:91:A6:72:CC:33:C6:E4:78:34:B6:CA
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 79049300
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KrYGxdGCdGZgkaZyzDPG5Hg0tso.roa
Signing time: Wed 06 Apr 2022 18:13:17 +0000
ROA not before: Wed 06 Apr 2022 18:13:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2030342912 (0x79049300)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 6 18:13:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ab606c5d18274666091a672cc33c6e47834b6ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7d:e5:f8:3e:6c:3b:88:f2:1f:1c:d5:68:67:
12:92:2a:db:4f:66:98:cc:ab:a9:22:3f:ea:ff:1f:
52:2e:a8:d8:80:a8:02:3c:3a:f8:c8:14:f6:4a:05:
7e:62:c0:54:a1:8c:e8:66:c4:48:c4:ef:74:01:6f:
73:86:15:49:0c:2f:ab:a8:7d:ee:ce:b1:3f:2d:e1:
90:08:28:cf:83:82:81:0d:69:4a:84:8b:b4:47:82:
97:33:1b:f0:e5:6b:67:59:4e:15:42:18:f7:2f:75:
b0:98:bd:9c:20:e2:70:74:9a:a5:7f:2b:02:37:ca:
7e:93:c8:f6:2a:0c:3f:77:bb:ca:5e:32:41:a0:16:
89:e3:c3:33:b6:b1:c0:3e:de:26:72:ab:0e:2f:47:
f0:92:86:dc:36:d9:4d:bd:fa:9a:d3:52:dc:45:79:
e4:36:19:04:3e:4f:0c:d0:f6:25:b1:0d:42:ff:ff:
d7:1c:b8:82:10:7a:46:e7:27:1b:71:a9:ba:ff:a3:
db:22:4c:3f:48:a3:3d:ca:2f:b7:53:29:4c:56:20:
48:a8:4e:43:89:86:48:f9:17:08:55:8b:54:a5:fe:
19:53:95:60:5c:7b:82:82:90:ee:be:72:e4:b1:b0:
72:dc:6a:fb:3d:b7:6e:9b:e7:b9:65:76:2e:f7:ad:
b8:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:B6:06:C5:D1:82:74:66:60:91:A6:72:CC:33:C6:E4:78:34:B6:CA
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KrYGxdGCdGZgkaZyzDPG5Hg0tso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
04:dd:90:8e:45:05:0c:02:a6:29:d2:af:08:a2:ad:55:d6:f6:
6e:61:59:d7:d1:22:44:b5:27:5a:ef:ae:3c:27:41:d1:86:bf:
69:fa:c4:dd:c2:e2:4d:b0:b8:d4:6b:36:bf:05:c8:8f:4b:19:
f4:07:42:7f:4a:55:a1:cd:a2:b7:2a:e2:97:44:62:2b:29:85:
05:e4:6f:04:4b:76:58:82:24:79:c5:7f:9e:6a:fe:8e:c5:12:
ee:16:17:59:a3:c3:14:b1:01:23:e1:04:20:bb:c1:61:33:04:
f1:9a:84:04:35:b5:8b:57:71:db:38:2f:93:fa:7e:ab:12:83:
00:1f:87:6d:b4:fa:13:1f:c3:27:c0:51:d8:e5:9b:d6:0a:6b:
44:48:ee:55:c5:45:8a:2a:b0:70:b3:97:98:8f:bb:77:d1:41:
14:b4:9f:72:22:ac:14:46:16:6b:d7:e0:17:30:1e:bb:aa:71:
18:85:1a:7d:2f:2b:65:9d:ed:92:2c:75:99:06:43:bd:6b:b1:
03:cd:16:25:4e:14:02:bf:2a:44:e7:6a:32:84:1e:51:55:fb:
91:02:8d:c3:9d:41:f8:6c:7c:2b:1e:70:2a:3c:7e:64:69:f6:
79:fe:b1:9b:cc:48:35:5e:11:fa:7e:ae:42:1b:58:d8:e0:46:
dc:ca:01:50
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEeQSTADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDQw
NjE4MTMxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmFiNjA2YzVkMTgy
NzQ2NjYwOTFhNjcyY2MzM2M2ZTQ3ODM0YjZjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL595fg+bDuI8h8c1WhnEpIq209mmMyrqSI/6v8fUi6o2ICo
Ajw6+MgU9koFfmLAVKGM6GbESMTvdAFvc4YVSQwvq6h97s6xPy3hkAgoz4OCgQ1p
SoSLtEeClzMb8OVrZ1lOFUIY9y91sJi9nCDicHSapX8rAjfKfpPI9ioMP3e7yl4y
QaAWiePDM7axwD7eJnKrDi9H8JKG3DbZTb36mtNS3EV55DYZBD5PDND2JbENQv//
1xy4ghB6RucnG3Gpuv+j2yJMP0ijPcovt1MpTFYgSKhOQ4mGSPkXCFWLVKX+GVOV
YFx7goKQ7r5y5LGwctxq+z23bpvnuWV2LvetuMUCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQqtgbF0YJ0ZmCRpnLMM8bkeDS2yjAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L0tyWUd4ZEdDZEdaZ2thWnl6RFBHNUhnMHRzby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQAE3ZCORQUMAqYp0q8Ioq1V1vZuYVnX0SJEtSda
7648J0HRhr9p+sTdwuJNsLjUaza/BciPSxn0B0J/SlWhzaK3KuKXRGIrKYUF5G8E
S3ZYgiR5xX+eav6OxRLuFhdZo8MUsQEj4QQgu8FhMwTxmoQENbWLV3HbOC+T+n6r
EoMAH4dttPoTH8MnwFHY5ZvWCmtESO5VxUWKKrBws5eYj7t30UEUtJ9yIqwURhZr
1+AXMB67qnEYhRp9Lytlne2SLHWZBkO9a7EDzRYlThQCvypE52oyhB5RVfuRAo3D
nUH4bHwrHnAqPH5kafZ5/rGbzEg1XhH6fq5CG1jY4EbcygFQ
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:24:07 2025 by rpki-client