Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/LESfYqaDsyh7L9-CKbaQaO67Vpo.roa
File: LESfYqaDsyh7L9-CKbaQaO67Vpo.roa (raw, json)
Hash identifier: wNTsSOArxPx+DPoY1ArqQAA/gySH6YzrckyskMXWXtQ=
Subject key identifier: 2C:44:9F:62:A6:83:B3:28:7B:2F:DF:82:29:B6:90:68:EE:BB:56:9A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018699AE0C71B8A8D465246A8A3CA2984032
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/LESfYqaDsyh7L9-CKbaQaO67Vpo.roa
Signing time: Tue 28 Feb 2023 20:19:25 +0000
ROA not before: Tue 28 Feb 2023 20:19:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:99:ae:0c:71:b8:a8:d4:65:24:6a:8a:3c:a2:98:40:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 28 20:19:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c449f62a683b3287b2fdf8229b69068eebb569a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:be:63:b0:17:0c:e6:ee:65:a0:e0:6c:a5:17:
e6:42:8f:3f:62:00:c8:e4:f8:c2:3b:b1:7a:30:c8:
55:fe:bb:b9:4d:cc:ea:07:5c:0f:ae:2a:1e:38:89:
3a:cc:a0:4b:1d:f8:06:dc:06:fd:c2:d3:d8:11:a6:
6b:a6:5e:11:c3:98:a0:09:4e:4f:09:76:06:e8:75:
6d:70:a7:ce:68:3a:8f:b3:64:81:0c:6d:24:1b:4f:
bf:b7:53:59:53:4c:27:1d:20:d8:83:5b:da:de:c7:
e4:00:86:2e:bb:f7:83:24:de:1d:50:2d:72:e6:a1:
97:33:5a:d5:66:76:65:68:40:cd:1c:42:0a:7e:ab:
d3:7d:14:df:97:4a:9f:1c:62:50:f7:fa:af:3e:ea:
3b:84:46:33:83:03:e8:0b:f2:93:b0:93:62:9e:cd:
93:83:f2:d3:8f:c7:53:f9:3c:c8:6d:ac:87:ba:e4:
9b:7a:3a:bf:96:b5:a9:17:e4:b3:c1:89:30:94:c3:
88:b1:e4:fb:2d:56:89:47:c6:c6:41:02:f7:20:f6:
69:aa:4c:f8:42:6c:34:c7:d4:2b:d5:91:3b:52:97:
b3:9e:d6:f7:17:af:69:59:46:62:a2:41:99:8f:97:
93:3a:45:7e:dd:93:eb:9d:0c:a4:9e:35:2a:37:0d:
f1:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:44:9F:62:A6:83:B3:28:7B:2F:DF:82:29:B6:90:68:EE:BB:56:9A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/LESfYqaDsyh7L9-CKbaQaO67Vpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a8:2b:07:1e:7d:51:e6:00:e9:1e:0d:1b:e7:8b:9b:3a:ef:bd:
c2:f7:ce:79:70:f1:de:05:8f:95:67:ec:29:4f:83:6f:b2:f4:
98:bc:4b:ac:b2:b6:af:62:2e:66:7c:4e:cf:99:ed:f8:db:be:
13:70:7f:52:2c:74:a6:c4:0d:48:23:d8:ab:17:f1:59:ad:68:
c2:db:00:66:7e:fc:c7:57:ec:e7:87:7e:9c:d9:aa:e6:d1:10:
8a:63:f0:24:dc:c9:cb:8d:20:a8:91:7f:07:e9:b4:a5:a1:84:
18:d9:a3:60:ad:31:81:67:39:5b:42:84:98:43:0c:54:e9:bd:
d5:1f:c5:d9:d2:af:73:98:f1:8c:76:fe:fe:76:a6:e8:c4:f6:
e8:a4:a4:e6:b4:8a:3e:22:97:08:73:8e:20:b5:cf:62:02:ec:
79:fe:5f:1e:2b:19:cf:f4:ea:c8:d8:65:2f:a3:a7:be:4e:99:
97:88:40:27:14:7a:93:14:2d:3d:f8:7a:45:97:dc:77:a4:75:
37:d5:5e:ce:8c:48:28:a0:f0:1d:e5:3c:5b:31:ff:5f:43:1e:
ea:ff:ed:8b:ee:37:2c:bb:c0:ad:b4:8b:0d:83:18:98:af:f8:
18:74:5a:d4:71:4c:c5:d7:e4:71:18:63:69:93:fb:9c:7a:97:
89:1d:c8:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaZrgxxuKjUZSRqijyimEAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI4MjAxOTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzQ0OWY2MmE2ODNiMzI4N2IyZmRmODIyOWI2OTA2OGVlYmI1NjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAub5jsBcM5u5loOBspRfmQo8/YgDI
5PjCO7F6MMhV/ru5TczqB1wPrioeOIk6zKBLHfgG3Ab9wtPYEaZrpl4Rw5igCU5P
CXYG6HVtcKfOaDqPs2SBDG0kG0+/t1NZU0wnHSDYg1va3sfkAIYuu/eDJN4dUC1y
5qGXM1rVZnZlaEDNHEIKfqvTfRTfl0qfHGJQ9/qvPuo7hEYzgwPoC/KTsJNins2T
g/LTj8dT+TzIbayHuuSbejq/lrWpF+SzwYkwlMOIseT7LVaJR8bGQQL3IPZpqkz4
Qmw0x9Qr1ZE7Upezntb3F69pWUZiokGZj5eTOkV+3ZPrnQyknjUqNw3xiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCxEn2Kmg7Moey/fgim2kGjuu1aaMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTEVTZllxYURzeWg3TDktQ0tiYVFhTzY3VnBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKgrBx59UeYA6R4NG+eL
mzrvvcL3znlw8d4Fj5Vn7ClPg2+y9Ji8S6yytq9iLmZ8Ts+Z7fjbvhNwf1IsdKbE
DUgj2KsX8VmtaMLbAGZ+/MdX7OeHfpzZqubREIpj8CTcycuNIKiRfwfptKWhhBjZ
o2CtMYFnOVtChJhDDFTpvdUfxdnSr3OY8Yx2/v52pujE9uikpOa0ij4ilwhzjiC1
z2IC7Hn+Xx4rGc/06sjYZS+jp75OmZeIQCcUepMULT34ekWX3HekdTfVXs6MSCig
8B3lPFsx/19DHur/7YvuNyy7wK20iw2DGJiv+Bh0WtRxTMXX5HEYY2mT+5x6l4kd
yFg=
-----END CERTIFICATE-----
Generated at Fri May 2 17:33:04 2025 by rpki-client