Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Lh124XfwHf2DCUO52W70PbPIHbA.roa
File: Lh124XfwHf2DCUO52W70PbPIHbA.roa (raw, json)
Hash identifier: orEzG+QEi0czSomMbDmck7Lv40VrMsvWMmKnEJc1M8Q=
Subject key identifier: 2E:1D:76:E1:77:F0:1D:FD:83:09:43:B9:D9:6E:F4:3D:B3:C8:1D:B0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018545BCD737D796930C998F7780E3B98DEF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Lh124XfwHf2DCUO52W70PbPIHbA.roa
Signing time: Sat 24 Dec 2022 20:04:41 +0000
ROA not before: Sat 24 Dec 2022 20:04:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:45bc:50e7/128 maxlen: 128
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:45:bc:d7:37:d7:96:93:0c:99:8f:77:80:e3:b9:8d:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 24 20:04:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e1d76e177f01dfd830943b9d96ef43db3c81db0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:5e:c2:5e:b2:f7:7e:23:e0:6e:8e:23:70:00:
94:3d:d9:49:65:4b:10:03:97:4f:0f:2b:8c:03:d9:
b2:4c:f3:e1:79:e3:2c:f2:63:80:28:da:63:17:1f:
12:ca:1d:0f:90:2d:8e:34:83:1d:f6:ef:03:eb:78:
ca:04:ee:36:53:2d:fd:90:1b:2d:d3:4e:2c:d0:b3:
5b:4e:2f:f9:53:8c:d2:65:b2:4b:1f:4e:88:9d:15:
79:3b:44:22:22:a2:99:91:77:ed:9c:94:57:08:fd:
b4:c2:90:b6:c1:91:99:4c:e9:dd:59:9d:ee:99:8f:
2a:c8:82:a8:7b:c8:00:49:ec:31:c0:35:f2:9b:ae:
c5:49:00:95:8e:93:0a:14:4b:af:56:ab:3a:d9:ab:
b9:a9:b8:e0:3d:6c:60:21:1f:f0:7f:83:50:e8:1b:
ca:27:76:7f:b0:0a:81:e0:d3:8d:33:7b:ed:64:70:
98:04:82:37:b0:22:15:4d:41:55:69:55:81:1d:62:
d2:95:ae:d1:2c:fe:00:79:b2:7f:4f:cd:2f:66:12:
14:da:6b:ef:0c:df:77:46:96:d8:06:b2:7d:3c:2d:
17:cd:5c:eb:df:8e:07:f1:e0:ca:62:59:53:15:bf:
c4:4e:14:0a:e1:ed:74:ea:fb:64:9f:4e:4a:43:da:
59:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:1D:76:E1:77:F0:1D:FD:83:09:43:B9:D9:6E:F4:3D:B3:C8:1D:B0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Lh124XfwHf2DCUO52W70PbPIHbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
26:ad:ae:40:0e:35:9d:c2:f5:1e:ab:23:61:0d:b4:24:83:9e:
42:e3:30:5e:af:f1:19:1f:4b:e2:4e:bb:94:1a:fb:11:fb:7e:
0f:0d:a8:62:a7:67:54:b1:36:a8:96:d0:88:8b:ad:a1:77:f6:
a5:b8:94:2c:60:4c:e5:39:21:5d:d9:1a:50:a4:ac:b4:68:3f:
fd:ab:93:f0:99:89:d5:74:34:19:e4:7e:35:b8:58:99:05:1c:
b2:08:58:c0:64:3d:41:e5:4e:80:5a:a3:84:8d:a5:c0:4b:16:
91:35:8e:12:99:e5:1e:91:a0:8a:96:f8:c6:4b:60:67:8c:ac:
c6:c3:2b:18:1d:f7:18:31:7a:46:f9:27:a9:25:31:66:65:47:
bb:64:21:40:d0:7d:7a:27:7d:e7:6e:95:00:35:d0:f9:5c:77:
f6:25:0f:59:3c:ca:d2:d6:e2:55:20:50:01:37:c8:7c:45:3f:
63:80:ee:e1:5a:c2:3a:96:27:29:4c:f1:f6:2a:09:7f:7e:23:
e3:7d:7c:77:27:b3:f4:fb:b4:7e:c8:be:3d:79:bd:f3:7f:b6:
ba:02:47:15:ff:ec:5c:00:d0:7d:1a:24:21:94:6d:aa:fa:5e:
44:ef:06:f6:fb:85:cc:b4:b3:9b:77:eb:ff:58:20:2f:bd:11:
39:5d:a3:e2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVFvNc315aTDJmPd4DjuY3vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI0MjAwNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTFkNzZlMTc3ZjAxZGZkODMwOTQzYjlkOTZlZjQzZGIzYzgxZGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgF7CXrL3fiPgbo4jcACUPdlJZUsQ
A5dPDyuMA9myTPPheeMs8mOAKNpjFx8Syh0PkC2ONIMd9u8D63jKBO42Uy39kBst
004s0LNbTi/5U4zSZbJLH06InRV5O0QiIqKZkXftnJRXCP20wpC2wZGZTOndWZ3u
mY8qyIKoe8gASewxwDXym67FSQCVjpMKFEuvVqs62au5qbjgPWxgIR/wf4NQ6BvK
J3Z/sAqB4NONM3vtZHCYBII3sCIVTUFVaVWBHWLSla7RLP4AebJ/T80vZhIU2mvv
DN93RpbYBrJ9PC0XzVzr344H8eDKYllTFb/EThQK4e106vtkn05KQ9pZxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC4dduF38B39gwlDudlu9D2zyB2wMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTGgxMjRYZndIZjJEQ1VPNTJXNzBQYlBJSGJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACatrkAONZ3C9R6rI2EN
tCSDnkLjMF6v8RkfS+JOu5Qa+xH7fg8NqGKnZ1SxNqiW0IiLraF39qW4lCxgTOU5
IV3ZGlCkrLRoP/2rk/CZidV0NBnkfjW4WJkFHLIIWMBkPUHlToBao4SNpcBLFpE1
jhKZ5R6RoIqW+MZLYGeMrMbDKxgd9xgxekb5J6klMWZlR7tkIUDQfXonfedulQA1
0Plcd/YlD1k8ytLW4lUgUAE3yHxFP2OA7uFawjqWJylM8fYqCX9+I+N9fHcns/T7
tH7Ivj15vfN/troCRxX/7FwA0H0aJCGUbar6XkTvBvb7hcy0s5t36/9YIC+9ETld
o+I=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:40:59 2025 by rpki-client