Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KzHQA7G1ggIYuGGHuTenNtEnSGA.roa
File: KzHQA7G1ggIYuGGHuTenNtEnSGA.roa (raw, json)
Hash identifier: LT5CsBdYtInq1by8//gPPCrVcDIrmPR0BneyNV35/l0=
Subject key identifier: 2B:31:D0:03:B1:B5:82:02:18:B8:61:87:B9:37:A7:36:D1:27:48:60
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01851A331C94677F57705C13C3A1D5C2CEAB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KzHQA7G1ggIYuGGHuTenNtEnSGA.roa
Signing time: Fri 16 Dec 2022 09:10:35 +0000
ROA not before: Fri 16 Dec 2022 09:10:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1a:33:1c:94:67:7f:57:70:5c:13:c3:a1:d5:c2:ce:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 16 09:10:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b31d003b1b5820218b86187b937a736d1274860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1b:ef:dd:e8:49:ca:07:b6:76:c3:ae:68:94:
77:f1:a3:67:68:3f:5b:ac:59:34:35:29:39:c6:d5:
15:2a:38:8c:92:09:8b:9f:db:ce:8f:d2:6d:7e:6c:
31:ed:a4:7b:cd:7a:37:6f:1b:cb:92:5f:69:9e:d7:
a1:b8:c8:ea:8e:a2:69:6c:f5:a8:99:9e:59:f1:8a:
09:57:e9:b7:39:5a:02:34:f8:7e:bd:4a:6f:3b:85:
e6:b1:11:37:3e:6d:02:08:59:9b:53:2d:55:7b:7b:
92:6d:03:7c:f7:4e:7e:0d:c0:4d:b3:c7:8c:55:7a:
6c:84:91:ec:c1:e8:bf:3a:41:7e:6d:a3:21:d5:fe:
a3:2e:88:8e:6c:00:c7:b4:4e:c3:f4:b1:0a:59:e3:
fa:77:2f:ad:9a:1a:cc:72:64:68:46:f8:df:1c:9d:
8c:ef:af:b5:1f:67:e0:0d:e6:49:96:6c:78:14:5b:
3f:97:ac:a7:0c:7e:32:bf:d9:8f:71:fc:62:37:a0:
39:57:84:77:4b:82:df:13:3d:9c:be:da:ca:80:14:
ce:60:ce:0c:ad:fb:b4:2c:ee:1d:79:10:fa:dc:7b:
27:82:29:77:14:88:81:7a:c1:72:e1:2b:6e:54:64:
3c:24:d7:87:ce:01:cf:f4:12:a8:bd:98:90:c8:5e:
16:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:31:D0:03:B1:B5:82:02:18:B8:61:87:B9:37:A7:36:D1:27:48:60
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/KzHQA7G1ggIYuGGHuTenNtEnSGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:2f:77:38:17:70:61:1e:66:22:a2:23:ad:e4:8a:92:7d:14:
38:c0:12:44:56:80:3f:4c:2b:2d:36:0b:c8:f8:9d:1b:04:8c:
92:e9:d2:69:ad:05:79:9f:04:14:13:03:d0:63:6f:7f:a1:d3:
bf:b8:a2:e6:18:23:f6:7a:8a:a7:84:b5:aa:9b:04:91:84:e9:
ae:56:69:b1:71:52:0e:b0:81:62:fd:79:1e:c4:25:c1:ab:0c:
7d:9f:19:85:13:63:72:2e:9b:df:67:03:6b:cb:dc:fb:68:b5:
c5:5b:83:a9:01:50:aa:35:46:a6:db:85:60:c6:59:23:28:bc:
32:55:14:34:49:46:2d:82:0d:87:72:46:47:38:0e:1a:0b:be:
20:4c:cc:ef:7c:f1:a8:34:f5:26:05:d4:ff:9b:2b:42:b5:ce:
87:0d:f0:5a:4a:f0:63:32:1e:64:11:e9:12:7b:32:2d:b4:d3:
58:27:e3:be:e1:97:b3:03:3f:31:47:f8:09:0d:e5:97:a1:65:
d2:65:12:cf:a8:3c:75:b5:13:15:8e:a7:3e:12:3f:3e:6a:da:
5d:a4:ae:ee:f7:98:8d:71:49:b8:30:92:d2:9d:7c:28:b2:c3:
f3:61:c2:2d:9c:61:c3:96:e2:bc:3f:21:54:92:eb:17:0d:a8:
59:20:e2:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUaMxyUZ39XcFwTw6HVws6rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE2MDkxMDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjMxZDAwM2IxYjU4MjAyMThiODYxODdiOTM3YTczNmQxMjc0ODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxvv3ehJyge2dsOuaJR38aNnaD9b
rFk0NSk5xtUVKjiMkgmLn9vOj9Jtfmwx7aR7zXo3bxvLkl9pntehuMjqjqJpbPWo
mZ5Z8YoJV+m3OVoCNPh+vUpvO4XmsRE3Pm0CCFmbUy1Ve3uSbQN8905+DcBNs8eM
VXpshJHswei/OkF+baMh1f6jLoiObADHtE7D9LEKWeP6dy+tmhrMcmRoRvjfHJ2M
76+1H2fgDeZJlmx4FFs/l6ynDH4yv9mPcfxiN6A5V4R3S4LfEz2cvtrKgBTOYM4M
rfu0LO4deRD63Hsngil3FIiBesFy4StuVGQ8JNeHzgHP9BKovZiQyF4WhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCsx0AOxtYICGLhhh7k3pzbRJ0hgMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvS3pIUUE3RzFnZ0lZdUdHSHVUZW5OdEVuU0dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGMvdzgXcGEeZiKiI63k
ipJ9FDjAEkRWgD9MKy02C8j4nRsEjJLp0mmtBXmfBBQTA9Bjb3+h07+4ouYYI/Z6
iqeEtaqbBJGE6a5WabFxUg6wgWL9eR7EJcGrDH2fGYUTY3Ium99nA2vL3PtotcVb
g6kBUKo1RqbbhWDGWSMovDJVFDRJRi2CDYdyRkc4DhoLviBMzO988ag09SYF1P+b
K0K1zocN8FpK8GMyHmQR6RJ7Mi2001gn477hl7MDPzFH+AkN5ZehZdJlEs+oPHW1
ExWOpz4SPz5q2l2kru73mI1xSbgwktKdfCiyw/Nhwi2cYcOW4rw/IVSS6xcNqFkg
4sQ=
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:13:16 2025 by rpki-client