Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kulf4sdIjulaUrs1mzKApGn4zIU.roa
File: kulf4sdIjulaUrs1mzKApGn4zIU.roa (raw, json)
Hash identifier: P6Y32GIQN7QjW+iohO5ssK1qSuN/4+xnRfI7cH1wD6w=
Subject key identifier: 92:E9:5F:E2:C7:48:8E:E9:5A:52:BB:35:9B:32:80:A4:69:F8:CC:85
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185774E0CF6A2564E9F55C6AA53B5361EAB
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kulf4sdIjulaUrs1mzKApGn4zIU.roa
Signing time: Tue 03 Jan 2023 11:04:41 +0000
ROA not before: Tue 03 Jan 2023 11:04:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:185:774d:ae43/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:77:4e:0c:f6:a2:56:4e:9f:55:c6:aa:53:b5:36:1e:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 3 11:04:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92e95fe2c7488ee95a52bb359b3280a469f8cc85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:05:c8:c0:83:9e:72:4e:db:b0:3e:47:4c:cb:
49:dc:28:2b:fe:4b:b6:bd:9f:9a:50:01:e3:9e:14:
ec:2b:72:b2:13:cd:aa:e8:e9:b3:0d:53:a3:7f:88:
be:51:08:7c:9f:b3:44:12:85:49:ec:35:47:bd:b6:
fa:ce:6b:98:ec:0a:ec:ab:83:71:94:3f:64:52:59:
38:56:96:74:89:99:32:b6:02:33:c1:70:56:0c:71:
8f:8d:79:a7:e8:0e:bd:61:58:79:62:1a:45:5d:3c:
7f:e1:ae:e1:02:ba:9e:75:a1:41:03:d7:75:92:4e:
0c:15:a1:b6:6b:c7:44:12:36:2a:15:13:e1:bd:d1:
f3:de:43:85:4a:ef:86:f5:f5:23:83:4f:bd:0a:bc:
c3:6d:8c:aa:21:06:26:b1:e4:39:0b:dd:5a:bc:bc:
b0:d4:d8:9c:b4:49:34:bc:73:d3:1f:6d:3e:96:be:
bd:e5:de:9b:a5:2e:d8:94:e6:1a:d7:81:a0:87:34:
6c:02:0d:e3:3c:d1:0b:7a:61:46:c1:0a:b8:12:7d:
3b:35:76:2b:34:7e:1b:1d:b9:94:0d:25:7d:d8:b4:
91:89:f9:ca:5f:d6:cc:13:04:12:29:3b:f1:82:7b:
3a:e8:b2:f8:0b:c9:43:02:8e:d1:08:3a:bd:35:68:
ff:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:E9:5F:E2:C7:48:8E:E9:5A:52:BB:35:9B:32:80:A4:69:F8:CC:85
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/kulf4sdIjulaUrs1mzKApGn4zIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:d1:91:dd:6b:c2:71:63:d3:75:af:14:64:f7:ac:31:c8:e8:
02:5f:f2:67:4e:1f:6c:5f:50:c8:98:b0:77:63:2d:25:98:68:
c9:69:7c:6e:2e:52:b0:6b:e1:4c:93:a5:99:10:4b:a1:ed:ea:
77:1e:60:5f:2f:8d:ed:01:75:3b:2c:07:91:66:e6:bc:69:82:
ba:c2:c2:1c:9f:ae:5f:c9:99:19:fe:b8:c0:63:3f:1a:d8:12:
30:ce:df:52:93:a7:50:54:59:cb:14:4b:63:fb:34:89:26:ed:
82:48:05:20:63:5a:af:f4:fd:e2:8f:1f:b6:e2:6d:3d:27:ff:
16:87:84:56:82:ff:90:e3:f0:a8:76:b6:8d:91:19:23:8d:1e:
35:2f:5f:40:7f:81:56:d1:94:24:f9:31:a9:23:02:4f:7a:be:
02:d4:ae:25:f0:4e:41:89:5c:56:73:21:de:bd:8d:3c:60:86:
cd:89:26:bb:69:c2:3b:b2:8e:b5:17:5c:8b:b2:f4:4b:9e:59:
ae:d1:81:16:56:57:72:12:2c:f7:31:a3:6c:18:1f:4b:d5:28:
82:68:bb:fa:8f:ab:48:d9:d2:fb:af:8e:6f:e6:a5:99:19:ce:
19:04:44:04:49:8e:65:50:11:1a:65:62:9b:db:d1:af:09:52:
aa:43:96:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYV3Tgz2olZOn1XGqlO1Nh6rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAzMTEwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmU5NWZlMmM3NDg4ZWU5NWE1MmJiMzU5YjMyODBhNDY5ZjhjYzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAXIwIOeck7bsD5HTMtJ3Cgr/ku2
vZ+aUAHjnhTsK3KyE82q6OmzDVOjf4i+UQh8n7NEEoVJ7DVHvbb6zmuY7Arsq4Nx
lD9kUlk4VpZ0iZkytgIzwXBWDHGPjXmn6A69YVh5YhpFXTx/4a7hArqedaFBA9d1
kk4MFaG2a8dEEjYqFRPhvdHz3kOFSu+G9fUjg0+9CrzDbYyqIQYmseQ5C91avLyw
1NictEk0vHPTH20+lr695d6bpS7YlOYa14GghzRsAg3jPNELemFGwQq4En07NXYr
NH4bHbmUDSV92LSRifnKX9bMEwQSKTvxgns66LL4C8lDAo7RCDq9NWj/GwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJLpX+LHSI7pWlK7NZsygKRp+MyFMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEva3VsZjRzZElqdWxhVXJzMW16S0FwR240eklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAETRkd1rwnFj03WvFGT3
rDHI6AJf8mdOH2xfUMiYsHdjLSWYaMlpfG4uUrBr4UyTpZkQS6Ht6nceYF8vje0B
dTssB5Fm5rxpgrrCwhyfrl/JmRn+uMBjPxrYEjDO31KTp1BUWcsUS2P7NIkm7YJI
BSBjWq/0/eKPH7bibT0n/xaHhFaC/5Dj8Kh2to2RGSONHjUvX0B/gVbRlCT5Makj
Ak96vgLUriXwTkGJXFZzId69jTxghs2JJrtpwjuyjrUXXIuy9EueWa7RgRZWV3IS
LPcxo2wYH0vVKIJou/qPq0jZ0vuvjm/mpZkZzhkERARJjmVQERplYpvb0a8JUqpD
lmY=
-----END CERTIFICATE-----
Generated at Mon Jun 9 04:08:56 2025 by rpki-client