Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kLL-tnCEzRzXqZXuqZZeb62A420.roa
File: kLL-tnCEzRzXqZXuqZZeb62A420.roa (raw, json)
Hash identifier: gd7axgulwtr+RCBQ4uv/LIIR37JEq+KOvBymJvbF5Dg=
Subject key identifier: 90:B2:FE:B6:70:84:CD:1C:D7:A9:95:EE:A9:96:5E:6F:AD:80:E3:6D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01898FF0C1DE4CA595E9C8B7A8D9434444CC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kLL-tnCEzRzXqZXuqZZeb62A420.roa
Signing time: Wed 26 Jul 2023 02:04:27 +0000
ROA not before: Wed 26 Jul 2023 02:04:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:8ff0:a6fe/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8f:f0:c1:de:4c:a5:95:e9:c8:b7:a8:d9:43:44:44:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 26 02:04:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90b2feb67084cd1cd7a995eea9965e6fad80e36d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:43:f8:4b:80:2d:09:da:95:3a:6a:f7:d4:0b:
96:fd:64:e6:ca:7b:00:b6:fb:6a:d7:f5:c3:f8:44:
a3:96:73:b1:61:33:ae:77:7e:ed:6d:17:5c:ea:b1:
0f:0e:e1:1f:15:7b:f1:c2:47:ba:9b:35:ce:43:cc:
b1:d5:6d:ae:c1:b3:32:e4:3a:ca:b1:ed:0b:14:bb:
f3:cd:a9:a8:db:b4:88:cf:10:0f:34:5f:96:92:ba:
66:c6:21:e0:d9:0a:73:49:a7:7a:21:b1:6f:2f:a5:
96:bc:cb:b2:01:8f:89:c6:ca:26:05:9e:c8:56:2e:
5d:96:05:d6:97:8c:f2:a3:3c:44:f5:39:de:66:20:
7c:d2:ca:15:f8:f4:52:cf:93:64:5e:0f:79:6f:4d:
f8:3c:16:3f:eb:68:f8:d3:23:c2:c3:54:2e:b7:4a:
54:27:c5:46:0c:64:f9:d0:36:e2:5c:62:3f:62:54:
ce:73:74:53:d5:22:6e:03:45:78:91:4b:66:ca:70:
26:51:c2:ee:ba:b1:ce:3e:0f:49:ad:48:e6:98:aa:
c5:24:65:24:28:95:35:ed:61:47:82:92:73:97:da:
0f:51:4e:33:48:65:d3:22:a9:6e:4c:16:2a:d4:32:
b8:83:8e:49:03:8e:c0:38:84:77:33:97:0b:0a:96:
ca:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B2:FE:B6:70:84:CD:1C:D7:A9:95:EE:A9:96:5E:6F:AD:80:E3:6D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kLL-tnCEzRzXqZXuqZZeb62A420.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:d8:d4:fd:76:8a:88:0d:03:5f:a9:6e:20:f4:95:9c:75:44:
ae:65:cc:47:6b:fd:3b:95:87:68:dd:07:cd:10:5c:e0:de:84:
57:65:2f:a5:66:88:d5:fe:6d:60:62:90:9f:19:b9:15:e0:2e:
b7:d6:3e:4c:0a:1a:a6:c4:0b:25:fe:d2:b9:25:6f:37:c4:15:
c1:eb:55:e1:61:e3:ab:f1:3e:ae:a8:31:e8:58:2d:78:76:8d:
81:5f:1d:ac:2c:00:58:08:ef:75:82:d6:81:c1:e5:c2:c9:f5:
d9:52:bc:40:d5:2c:a8:2f:1f:63:f8:2e:83:10:e1:0b:05:81:
d0:22:1f:ea:ec:01:1b:23:53:9a:68:18:c2:a1:bc:5c:3c:ca:
40:52:a2:d2:54:c3:f6:d9:35:00:63:35:d7:9a:12:c1:cd:a9:
03:3d:f4:91:49:2a:34:1b:3e:54:22:56:60:be:f1:1c:dc:98:
03:44:cd:10:67:c8:07:8c:e4:60:24:e1:7b:da:61:4e:6d:9d:
7b:6b:45:fe:3b:67:55:9d:03:82:ce:b2:e4:e6:ec:6c:c8:17:
f3:a5:b1:27:1f:b3:28:fc:a9:83:6d:4b:51:e0:32:7c:cf:fe:
3a:bd:e9:0b:62:4e:36:c3:f6:b7:b1:c2:e6:29:72:b0:a7:42:
78:8b:97:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmP8MHeTKWV6ci3qNlDRETMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzI2MDIwNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGIyZmViNjcwODRjZDFjZDdhOTk1ZWVhOTk2NWU2ZmFkODBlMzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUP4S4AtCdqVOmr31AuW/WTmynsA
tvtq1/XD+ESjlnOxYTOud37tbRdc6rEPDuEfFXvxwke6mzXOQ8yx1W2uwbMy5DrK
se0LFLvzzamo27SIzxAPNF+WkrpmxiHg2QpzSad6IbFvL6WWvMuyAY+JxsomBZ7I
Vi5dlgXWl4zyozxE9TneZiB80soV+PRSz5NkXg95b034PBY/62j40yPCw1Qut0pU
J8VGDGT50DbiXGI/YlTOc3RT1SJuA0V4kUtmynAmUcLuurHOPg9JrUjmmKrFJGUk
KJU17WFHgpJzl9oPUU4zSGXTIqluTBYq1DK4g45JA47AOIR3M5cLCpbKXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJCy/rZwhM0c16mV7qmWXm+tgONtMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEva0xMLXRuQ0V6UnpYcVpYdXFaWmViNjJBNDIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA7Y1P12iogNA1+pbiD0
lZx1RK5lzEdr/TuVh2jdB80QXODehFdlL6VmiNX+bWBikJ8ZuRXgLrfWPkwKGqbE
CyX+0rklbzfEFcHrVeFh46vxPq6oMehYLXh2jYFfHawsAFgI73WC1oHB5cLJ9dlS
vEDVLKgvH2P4LoMQ4QsFgdAiH+rsARsjU5poGMKhvFw8ykBSotJUw/bZNQBjNdea
EsHNqQM99JFJKjQbPlQiVmC+8RzcmANEzRBnyAeM5GAk4XvaYU5tnXtrRf47Z1Wd
A4LOsuTm7GzIF/OlsScfsyj8qYNtS1HgMnzP/jq96QtiTjbD9rexwuYpcrCnQniL
lwI=
-----END CERTIFICATE-----
Generated at Fri Jun 13 13:12:11 2025 by rpki-client