Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ktNSJftfPmK5Yv_urbOstGDql-s.roa
File: ktNSJftfPmK5Yv_urbOstGDql-s.roa (raw, json)
Hash identifier: IV4bv+/UOmi2Z1L5LUjnUCwVq4UiQe0uuXx+T3j3xSs=
Subject key identifier: 92:D3:52:25:FB:5F:3E:62:B9:62:FF:EE:AD:B3:AC:B4:60:EA:97:EB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01899FD29BB6F70D4949A186BA367CD7B04C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ktNSJftfPmK5Yv_urbOstGDql-s.roa
Signing time: Sat 29 Jul 2023 04:05:27 +0000
ROA not before: Sat 29 Jul 2023 04:05:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:9fd1:e7dc/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9f:d2:9b:b6:f7:0d:49:49:a1:86:ba:36:7c:d7:b0:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 29 04:05:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92d35225fb5f3e62b962ffeeadb3acb460ea97eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:89:cf:25:cb:97:e9:f6:0e:13:00:56:a6:63:
63:eb:53:db:bb:28:6a:f9:12:ae:20:a4:2a:d5:10:
f2:c9:6b:68:63:a3:e2:93:a1:39:d6:c3:31:a2:67:
84:7c:b7:37:94:df:ab:fa:dd:23:a5:db:48:5a:65:
b8:6e:6b:05:5a:16:2f:75:96:c8:ed:39:06:7e:ef:
11:2f:6a:61:96:2f:f2:4a:23:8e:d3:6b:df:62:e3:
3c:9c:6b:c9:92:0b:61:9c:69:bd:fb:01:46:46:f4:
18:32:69:67:7f:c7:c1:7a:b1:ca:fb:72:43:5c:c6:
0a:cd:2d:f4:bc:a7:1f:c4:d8:b1:e7:1f:4a:88:4c:
69:3e:f1:a1:c8:5c:ae:91:f1:2e:8b:fb:e2:8c:73:
09:69:a7:01:66:71:c4:78:77:a2:9f:7d:32:77:85:
eb:31:f2:82:6f:5b:9e:8e:ce:74:2b:a6:56:bb:a4:
18:6f:0f:a3:59:46:9f:d8:bf:ac:d8:c4:89:be:92:
2b:c9:e6:b3:53:cd:0f:a4:f8:02:d3:4b:ac:08:3c:
23:03:5a:42:89:23:51:aa:3a:cb:cc:6e:aa:f9:37:
7f:9f:35:cb:6e:33:61:fe:cb:ba:ce:fd:70:15:ee:
58:c6:6d:9c:7c:ed:9b:ce:b9:e1:f5:0b:de:55:57:
8b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:D3:52:25:FB:5F:3E:62:B9:62:FF:EE:AD:B3:AC:B4:60:EA:97:EB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ktNSJftfPmK5Yv_urbOstGDql-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:15:3a:ad:8c:c2:e0:1d:7f:ff:a2:e7:cb:7f:2c:37:c7:76:
1f:a0:da:16:05:bb:41:c7:af:e9:15:15:e9:41:6d:b7:33:9e:
87:b6:77:3e:67:cc:38:23:1e:93:4e:e9:f6:5e:80:7f:ea:65:
ef:4f:63:2f:69:81:58:f4:f2:17:7f:71:56:67:6c:3c:9f:4f:
41:a9:dd:e7:33:c2:a9:8e:7d:88:54:ce:f5:00:6c:7e:49:13:
d7:d0:45:5f:98:76:9e:1c:55:19:b8:c9:b9:56:2d:9d:59:ad:
bb:30:23:a6:49:95:53:ed:53:78:2a:1b:b8:52:1e:99:a4:c7:
90:9d:f0:32:80:d8:c8:01:36:03:10:1a:9b:83:8f:70:55:2c:
99:05:71:7d:c7:6c:00:e5:38:44:c9:86:05:97:a6:f4:a5:fc:
4b:ae:dd:91:5c:b9:50:6a:67:be:69:72:3b:8c:64:c8:bc:45:
c0:de:80:79:5c:df:fc:02:4b:16:fd:5a:51:88:c4:f8:57:d5:
77:14:fd:a8:20:13:06:67:0e:68:43:94:c8:08:29:77:f1:af:
bd:bc:e8:72:c2:61:13:6f:31:b0:9d:3d:43:8d:9a:56:de:1b:
d8:7a:71:87:2a:10:c7:f9:dc:f2:33:35:38:68:c3:67:be:e3:
a9:75:79:16
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmf0pu29w1JSaGGujZ817BMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzI5MDQwNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmQzNTIyNWZiNWYzZTYyYjk2MmZmZWVhZGIzYWNiNDYwZWE5N2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgInPJcuX6fYOEwBWpmNj61Pbuyhq
+RKuIKQq1RDyyWtoY6Pik6E51sMxomeEfLc3lN+r+t0jpdtIWmW4bmsFWhYvdZbI
7TkGfu8RL2phli/ySiOO02vfYuM8nGvJkgthnGm9+wFGRvQYMmlnf8fBerHK+3JD
XMYKzS30vKcfxNix5x9KiExpPvGhyFyukfEui/vijHMJaacBZnHEeHein30yd4Xr
MfKCb1uejs50K6ZWu6QYbw+jWUaf2L+s2MSJvpIryeazU80PpPgC00usCDwjA1pC
iSNRqjrLzG6q+Td/nzXLbjNh/su6zv1wFe5Yxm2cfO2bzrnh9QveVVeLZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJLTUiX7Xz5iuWL/7q2zrLRg6pfrMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEva3ROU0pmdGZQbUs1WXZfdXJiT3N0R0RxbC1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF8VOq2MwuAdf/+i58t/
LDfHdh+g2hYFu0HHr+kVFelBbbcznoe2dz5nzDgjHpNO6fZegH/qZe9PYy9pgVj0
8hd/cVZnbDyfT0Gp3eczwqmOfYhUzvUAbH5JE9fQRV+Ydp4cVRm4yblWLZ1Zrbsw
I6ZJlVPtU3gqG7hSHpmkx5Cd8DKA2MgBNgMQGpuDj3BVLJkFcX3HbADlOETJhgWX
pvSl/Euu3ZFcuVBqZ75pcjuMZMi8RcDegHlc3/wCSxb9WlGIxPhX1XcU/aggEwZn
DmhDlMgIKXfxr7286HLCYRNvMbCdPUONmlbeG9h6cYcqEMf53PIzNThow2e+46l1
eRY=
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:12:17 2025 by rpki-client