Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kkZPn1jnv6FX0jyBCd3uXCmvKyU.roa
File: kkZPn1jnv6FX0jyBCd3uXCmvKyU.roa (raw, json)
Hash identifier: 39aeXtGGtW5DglLAcPFxFjY6AJ2VElok6bvvxE89bco=
Subject key identifier: 92:46:4F:9F:58:E7:BF:A1:57:D2:3C:81:09:DD:EE:5C:29:AF:2B:25
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189F6B908553DC02ECC0887374FC11C33F6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kkZPn1jnv6FX0jyBCd3uXCmvKyU.roa
Signing time: Tue 15 Aug 2023 01:04:28 +0000
ROA not before: Tue 15 Aug 2023 01:04:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
2001:67c:64:ffff:0:189:f6b8:e1a8/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f6:b9:08:55:3d:c0:2e:cc:08:87:37:4f:c1:1c:33:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 15 01:04:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92464f9f58e7bfa157d23c8109ddee5c29af2b25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b4:21:4c:20:96:12:53:ae:59:88:38:c3:52:
ca:9d:f1:5f:c2:d6:2e:f0:b7:86:5f:05:e1:c9:7f:
ff:c6:64:f9:cc:b3:57:b5:b6:a3:1d:06:3e:1d:e0:
a6:a3:f4:e8:03:38:c9:8e:2d:06:58:25:74:8a:66:
e6:62:85:40:d0:82:c0:f7:e1:5a:c6:08:c8:87:86:
c9:89:c3:8e:18:a0:a3:51:fb:0a:a0:8a:82:90:72:
53:37:cc:7b:9e:f9:88:79:79:92:99:bd:e2:c8:b0:
88:ee:80:1d:62:77:f9:27:cb:89:61:6e:fe:4f:66:
09:ed:87:c5:6b:66:ba:df:2c:13:4c:1a:83:6f:8d:
b2:81:9b:5d:75:90:7a:58:cb:78:6c:4b:66:aa:3c:
bd:db:c5:3d:16:c2:e9:62:de:b4:50:90:f5:bf:6c:
5d:2a:99:ad:39:ae:60:86:e7:fc:8a:cc:2e:8b:dd:
20:0d:83:92:88:17:06:5c:f9:4a:8c:94:b6:f7:8e:
10:b8:f9:5c:b0:3b:7b:97:2e:75:ce:00:1e:4a:0b:
fd:62:72:5d:ad:39:e2:28:b0:bb:a1:06:2c:1d:83:
f3:cb:53:06:c4:78:ef:44:d4:7b:2b:ab:d1:dd:f4:
95:54:7b:11:d0:d1:87:ed:95:97:4a:d1:a6:45:b3:
45:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:46:4F:9F:58:E7:BF:A1:57:D2:3C:81:09:DD:EE:5C:29:AF:2B:25
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kkZPn1jnv6FX0jyBCd3uXCmvKyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:30:73:9b:5e:6b:64:3c:68:c2:64:ca:9b:5f:70:65:d5:3f:
c7:ad:39:a3:69:d5:07:de:0e:00:64:4b:c6:3f:44:2e:65:b1:
9b:e1:8a:13:38:9f:3c:eb:f1:d4:03:cb:72:8e:0c:1d:98:e9:
81:c6:e1:15:eb:1e:67:dd:0e:0e:67:63:11:7f:85:8e:15:b7:
36:e8:eb:00:41:14:41:2e:1d:1f:e4:6f:04:9d:cb:45:49:d0:
40:00:52:f9:9d:f5:00:dd:46:76:68:1a:56:71:60:9b:4c:b8:
fa:44:0b:6b:f3:d7:f9:0e:c0:0a:3d:20:d1:74:cb:79:5c:20:
f6:8c:85:ea:00:0f:06:fd:4a:7a:cd:2c:db:e1:f5:57:a2:bc:
dc:d7:21:8b:b7:8d:70:8e:0d:a1:3f:76:c7:b9:04:47:e1:d7:
98:00:d7:e5:8f:5d:93:2a:a8:c5:29:68:0f:01:8e:fb:d2:45:
41:5b:7e:11:95:7c:9b:ea:f4:d2:dd:55:06:ea:af:d9:24:60:
9e:b6:8d:5c:96:a3:80:76:52:92:fe:99:70:84:7a:16:9a:f0:
7a:3d:24:40:7e:21:70:db:f9:65:d1:6a:2a:40:6f:b7:a8:50:
a1:c6:bc:2f:7a:09:a3:37:b2:92:2c:89:2a:fc:3f:8e:d8:84:
8c:6b:17:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYn2uQhVPcAuzAiHN0/BHDP2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE1MDEwNDI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjQ2NGY5ZjU4ZTdiZmExNTdkMjNjODEwOWRkZWU1YzI5YWYyYjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbQhTCCWElOuWYg4w1LKnfFfwtYu
8LeGXwXhyX//xmT5zLNXtbajHQY+HeCmo/ToAzjJji0GWCV0imbmYoVA0ILA9+Fa
xgjIh4bJicOOGKCjUfsKoIqCkHJTN8x7nvmIeXmSmb3iyLCI7oAdYnf5J8uJYW7+
T2YJ7YfFa2a63ywTTBqDb42ygZtddZB6WMt4bEtmqjy928U9FsLpYt60UJD1v2xd
KpmtOa5ghuf8iswui90gDYOSiBcGXPlKjJS2944QuPlcsDt7ly51zgAeSgv9YnJd
rTniKLC7oQYsHYPzy1MGxHjvRNR7K6vR3fSVVHsR0NGH7ZWXStGmRbNFzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJJGT59Y57+hV9I8gQnd7lwpryslMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEva2taUG4xam52NkZYMGp5QkNkM3VYQ212S3lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHMwc5tea2Q8aMJkyptf
cGXVP8etOaNp1QfeDgBkS8Y/RC5lsZvhihM4nzzr8dQDy3KODB2Y6YHG4RXrHmfd
Dg5nYxF/hY4Vtzbo6wBBFEEuHR/kbwSdy0VJ0EAAUvmd9QDdRnZoGlZxYJtMuPpE
C2vz1/kOwAo9INF0y3lcIPaMheoADwb9SnrNLNvh9VeivNzXIYu3jXCODaE/dse5
BEfh15gA1+WPXZMqqMUpaA8BjvvSRUFbfhGVfJvq9NLdVQbqr9kkYJ62jVyWo4B2
UpL+mXCEehaa8Ho9JEB+IXDb+WXRaipAb7eoUKHGvC96CaM3spIsiSr8P47YhIxr
F4M=
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:09:29 2025 by rpki-client