Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/LmMHcNU61mqS-u9pcAAAJK4iThY.roa
File: LmMHcNU61mqS-u9pcAAAJK4iThY.roa (raw, json)
Hash identifier: 5GIkqGmliw9ZWB3DsugiZ4bhsq1U+JptoiCRJRJkjGU=
Subject key identifier: 2E:63:07:70:D5:3A:D6:6A:92:FA:EF:69:70:00:00:24:AE:22:4E:16
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185E7C2B2E5450EC478785F6D76F7F8E550
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/LmMHcNU61mqS-u9pcAAAJK4iThY.roa
Signing time: Wed 25 Jan 2023 07:09:34 +0000
ROA not before: Wed 25 Jan 2023 07:09:34 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e7:c2:b2:e5:45:0e:c4:78:78:5f:6d:76:f7:f8:e5:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 25 07:09:34 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e630770d53ad66a92faef6970000024ae224e16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0e:4a:0c:22:c9:df:0d:87:d5:60:5e:25:92:
f9:f2:3f:38:0b:b0:e3:ab:b3:ce:df:2d:53:1c:f5:
80:0e:a0:a8:af:c0:89:b0:dd:88:6f:39:95:f2:5a:
62:7c:08:20:f4:27:ad:50:2c:9f:ec:e8:59:e3:1f:
cf:5c:83:04:d8:28:8d:f4:82:cf:c4:c7:e0:a5:dc:
6f:bb:5f:5c:74:fc:f3:14:24:e7:fe:95:e0:35:25:
12:46:af:d7:b9:1e:60:e9:72:16:ab:f5:3b:b0:6c:
43:bd:3e:01:e4:f4:4c:fa:b0:98:c9:7c:d7:8b:50:
45:b4:6f:b1:92:2f:cc:b3:ec:e4:87:87:f1:39:db:
c7:66:f4:72:46:45:ef:50:74:3a:a9:05:6d:48:0b:
b9:33:2e:93:15:7f:68:84:00:aa:be:6e:c2:3e:eb:
90:d7:52:f8:aa:a4:7b:aa:1e:b9:bf:1f:8e:9b:d7:
86:96:85:90:82:29:77:99:97:4c:12:af:3b:29:43:
20:41:d6:69:0b:79:1a:bf:ad:31:64:e4:e1:1b:3c:
e6:d0:b7:d2:0c:92:03:ef:25:ff:f6:a6:94:7b:5f:
c4:72:ff:02:4f:f9:94:f9:72:00:33:05:2e:07:f7:
cc:3e:3d:6c:fd:e2:4b:a1:76:af:ad:90:1f:00:84:
0c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:63:07:70:D5:3A:D6:6A:92:FA:EF:69:70:00:00:24:AE:22:4E:16
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/LmMHcNU61mqS-u9pcAAAJK4iThY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:6f:be:c0:a8:3f:20:20:6a:86:f7:d7:42:73:bf:a2:43:5b:
5a:4b:99:bb:d0:f4:93:16:31:03:c6:c2:b6:af:f2:96:38:ce:
41:da:27:45:cc:06:37:e1:32:0b:fd:e4:23:5d:e7:20:23:82:
61:c2:fe:ea:34:19:85:8e:af:1c:86:7b:6f:02:f7:76:fe:1c:
12:7f:d7:81:2d:88:20:6c:76:c0:cc:b6:06:88:b6:be:b7:23:
cf:6a:d5:c3:bc:d4:3c:9b:18:9c:18:62:8c:15:ec:46:90:5d:
31:e3:62:b1:c8:4c:6f:58:48:a7:4e:d7:eb:aa:a8:fe:36:13:
00:9b:8b:bc:f3:a2:69:3a:49:f5:7a:07:9b:df:7f:62:84:2f:
c3:b7:ab:93:5a:49:bd:ac:f5:3e:29:f3:6a:f2:e4:46:f1:8d:
b4:0b:1c:28:e1:16:f9:d9:69:c7:ee:1a:7a:a7:65:1b:05:c1:
ed:57:a9:10:80:41:22:a0:51:08:d4:5a:4e:50:89:c6:62:79:
23:ad:d5:ee:80:81:06:45:bd:44:0d:a4:1b:ea:48:87:39:1f:
30:e7:5d:27:ad:0f:cb:2a:cb:53:af:ba:ff:e7:57:0e:44:1a:
4e:4b:16:fc:ef:54:04:2b:b3:7c:da:8d:4b:53:fe:07:29:c0:
bf:02:4e:60
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXnwrLlRQ7EeHhfbXb3+OVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTI1MDcwOTM0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTYzMDc3MGQ1M2FkNjZhOTJmYWVmNjk3MDAwMDAyNGFlMjI0ZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQ5KDCLJ3w2H1WBeJZL58j84C7Dj
q7PO3y1THPWADqCor8CJsN2IbzmV8lpifAgg9CetUCyf7OhZ4x/PXIME2CiN9ILP
xMfgpdxvu19cdPzzFCTn/pXgNSUSRq/XuR5g6XIWq/U7sGxDvT4B5PRM+rCYyXzX
i1BFtG+xki/Ms+zkh4fxOdvHZvRyRkXvUHQ6qQVtSAu5My6TFX9ohACqvm7CPuuQ
11L4qqR7qh65vx+Om9eGloWQgil3mZdMEq87KUMgQdZpC3kav60xZOThGzzm0LfS
DJID7yX/9qaUe1/Ecv8CT/mU+XIAMwUuB/fMPj1s/eJLoXavrZAfAIQMNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC5jB3DVOtZqkvrvaXAAACSuIk4WMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTG1NSGNOVTYxbXFTLXU5cGNBQUFKSzRpVGhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA5vvsCoPyAgaob310Jz
v6JDW1pLmbvQ9JMWMQPGwrav8pY4zkHaJ0XMBjfhMgv95CNd5yAjgmHC/uo0GYWO
rxyGe28C93b+HBJ/14EtiCBsdsDMtgaItr63I89q1cO81DybGJwYYowV7EaQXTHj
YrHITG9YSKdO1+uqqP42EwCbi7zzomk6SfV6B5vff2KEL8O3q5NaSb2s9T4p82ry
5EbxjbQLHCjhFvnZacfuGnqnZRsFwe1XqRCAQSKgUQjUWk5QicZieSOt1e6AgQZF
vUQNpBvqSIc5HzDnXSetD8sqy1Ovuv/nVw5EGk5LFvzvVAQrs3zajUtT/gcpwL8C
TmA=
-----END CERTIFICATE-----
Generated at Wed Apr 30 21:50:30 2025 by rpki-client