Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/LdOZ2wHpgLbwwFVbx9DzhF-FC4E.roa
File: LdOZ2wHpgLbwwFVbx9DzhF-FC4E.roa (raw, json)
Hash identifier: ZQQ0tJqKgYtscAOXxQf1QP//mdFvW+23xEo3P4JyXCY=
Subject key identifier: 2D:D3:99:DB:01:E9:80:B6:F0:C0:55:5B:C7:D0:F3:84:5F:85:0B:81
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01855FB90FC620026F4C81C89D52E0010F38
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/LdOZ2wHpgLbwwFVbx9DzhF-FC4E.roa
Signing time: Thu 29 Dec 2022 21:10:41 +0000
ROA not before: Thu 29 Dec 2022 21:10:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5f:b9:0f:c6:20:02:6f:4c:81:c8:9d:52:e0:01:0f:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 29 21:10:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2dd399db01e980b6f0c0555bc7d0f3845f850b81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:41:3c:ee:79:09:8e:45:69:d6:e3:c4:5e:fd:
d3:01:db:98:fc:c1:95:48:e6:61:e5:c7:5c:bb:da:
53:72:6d:a5:19:aa:fa:20:b1:78:11:8f:01:0f:8d:
84:37:1e:4c:8a:d8:2e:29:0d:17:8a:9e:d7:04:c3:
55:9b:86:27:bc:ef:66:47:d2:7f:d7:bc:d8:19:74:
c0:8a:7c:72:31:d3:79:2c:4d:6f:5d:e7:6f:09:71:
e3:a6:a6:7a:ee:61:ac:6b:d1:72:ba:56:44:1b:64:
08:d4:08:d8:1f:4d:32:c9:69:c2:2a:98:5b:49:1d:
59:17:57:40:20:ad:c7:d1:d6:d2:7e:b5:9a:f6:6b:
b3:36:42:ad:0c:d1:e8:82:6b:fe:c2:7c:84:0f:6c:
8f:ea:82:5b:e4:7f:ba:b5:b8:63:d0:35:af:f0:11:
be:dd:b7:a5:34:67:36:ae:2c:6d:bf:c5:0b:84:2d:
6b:5f:a5:70:3e:74:02:f0:15:fc:49:16:0d:00:dd:
79:52:4d:14:cd:53:dc:75:b4:1d:89:87:5d:47:a4:
2f:cd:b4:fc:c9:7f:6f:47:54:d1:a7:92:36:dc:7c:
98:5b:39:52:fe:2e:1a:ed:74:32:da:b9:86:dd:59:
b8:10:cd:b6:d3:fa:15:08:86:f5:02:83:8b:19:23:
54:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D3:99:DB:01:E9:80:B6:F0:C0:55:5B:C7:D0:F3:84:5F:85:0B:81
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/LdOZ2wHpgLbwwFVbx9DzhF-FC4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ac:89:38:fd:bd:be:f0:cc:b5:74:86:64:7a:a1:73:c0:87:62:
6f:90:31:d0:eb:62:13:74:b9:6d:05:aa:14:72:a3:71:a7:f1:
bd:75:53:4d:c3:58:aa:fd:de:f4:ce:8d:0a:cc:7a:2a:c3:0d:
57:2d:9f:0a:b6:87:1a:f2:76:b6:5b:62:98:b3:83:e2:39:f7:
60:c8:61:de:06:17:48:49:46:34:f5:c5:7b:1f:b8:e8:20:e5:
bd:b1:47:5b:0d:df:e8:bc:d4:68:df:d2:1d:28:73:5b:bc:21:
2f:44:a0:2f:59:56:69:0a:0a:85:14:b9:e3:35:49:14:2c:95:
77:47:80:81:b3:61:c9:09:84:73:66:81:88:05:b3:d5:08:04:
37:d8:e8:ea:62:81:be:f2:58:b9:b0:eb:fe:96:66:e8:d7:ce:
b4:f7:bc:82:6e:9b:23:17:43:18:76:b4:f7:c2:07:53:cb:8f:
4e:8b:cb:f2:4a:cd:71:1b:02:ac:90:d7:ce:ff:dd:00:e1:f5:
af:31:6e:dc:73:d3:f4:31:6a:09:a1:e3:25:b9:9b:c4:8a:27:
c2:be:de:73:f9:98:b5:65:b5:4c:35:92:5e:1e:44:44:b4:ac:
33:ce:8f:c6:47:d7:84:e1:43:f9:d8:bf:25:7e:17:5d:37:dd:
1c:35:18:38
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVfuQ/GIAJvTIHInVLgAQ84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI5MjExMDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGQzOTlkYjAxZTk4MGI2ZjBjMDU1NWJjN2QwZjM4NDVmODUwYjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUE87nkJjkVp1uPEXv3TAduY/MGV
SOZh5cdcu9pTcm2lGar6ILF4EY8BD42ENx5MitguKQ0Xip7XBMNVm4YnvO9mR9J/
17zYGXTAinxyMdN5LE1vXedvCXHjpqZ67mGsa9FyulZEG2QI1AjYH00yyWnCKphb
SR1ZF1dAIK3H0dbSfrWa9muzNkKtDNHogmv+wnyED2yP6oJb5H+6tbhj0DWv8BG+
3belNGc2rixtv8ULhC1rX6VwPnQC8BX8SRYNAN15Uk0UzVPcdbQdiYddR6QvzbT8
yX9vR1TRp5I23HyYWzlS/i4a7XQy2rmG3Vm4EM220/oVCIb1AoOLGSNUGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC3TmdsB6YC28MBVW8fQ84RfhQuBMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTGRPWjJ3SHBnTGJ3d0ZWYng5RHpoRi1GQzRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKyJOP29vvDMtXSGZHqh
c8CHYm+QMdDrYhN0uW0FqhRyo3Gn8b11U03DWKr93vTOjQrMeirDDVctnwq2hxry
drZbYpizg+I592DIYd4GF0hJRjT1xXsfuOgg5b2xR1sN3+i81Gjf0h0oc1u8IS9E
oC9ZVmkKCoUUueM1SRQslXdHgIGzYckJhHNmgYgFs9UIBDfY6Opigb7yWLmw6/6W
ZujXzrT3vIJumyMXQxh2tPfCB1PLj06Ly/JKzXEbAqyQ187/3QDh9a8xbtxz0/Qx
agmh4yW5m8SKJ8K+3nP5mLVltUw1kl4eRES0rDPOj8ZH14ThQ/nYvyV+F1033Rw1
GDg=
-----END CERTIFICATE-----
Generated at Thu May 1 01:29:28 2025 by rpki-client