Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/LtzOMDICDHnzf__a9mwarVHrdwY.roa
File: LtzOMDICDHnzf__a9mwarVHrdwY.roa (raw, json)
Hash identifier: y7e8ubns2WjYppqlud3ZiLPELoA5JlDjSrrDORHh5d0=
Subject key identifier: 2E:DC:CE:30:32:02:0C:79:F3:7F:FF:DA:F6:6C:1A:AD:51:EB:77:06
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01854D0C2E60BC44C46ABF239966D0F96986
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/LtzOMDICDHnzf__a9mwarVHrdwY.roa
Signing time: Mon 26 Dec 2022 06:08:41 +0000
ROA not before: Mon 26 Dec 2022 06:08:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4d:0c:2e:60:bc:44:c4:6a:bf:23:99:66:d0:f9:69:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 26 06:08:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2edcce3032020c79f37fffdaf66c1aad51eb7706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:be:83:ec:9a:01:51:ca:48:ab:31:e1:0f:b4:
fd:2d:ad:a7:be:85:f8:89:01:b1:2f:75:84:7d:64:
64:2b:90:61:e0:0b:d0:91:a4:89:ad:d7:3f:5a:b1:
e4:65:2e:a5:15:8a:71:90:56:51:53:e0:a7:d3:d1:
38:33:2a:4d:89:1e:39:c0:f3:ae:c5:13:01:b3:4a:
9b:57:72:eb:34:5b:72:46:64:ed:a6:38:bc:d9:71:
3d:e7:1f:76:28:b8:40:1c:16:b2:89:1f:0d:66:d2:
2e:5d:a1:99:2e:25:ae:6e:a1:4c:4d:f0:00:55:a1:
21:92:41:53:0d:38:90:fd:79:05:fb:d1:7f:c3:42:
b8:8b:4a:9e:99:54:9f:d0:c6:24:4d:2f:62:73:95:
85:28:9a:da:6e:04:69:cf:00:63:a8:f7:d7:f0:b5:
8d:6a:7e:91:85:6f:be:1c:e2:0a:dd:c6:30:54:0c:
b1:a4:a2:65:4b:cc:6b:d9:67:94:7f:df:49:c0:38:
df:fc:ef:c6:df:cc:ea:1a:74:0d:67:b2:2c:af:2b:
c5:b5:34:25:25:37:2d:80:0b:fe:76:be:72:bf:55:
72:7c:cb:1c:b1:d7:7a:f1:4e:ab:a8:68:49:7a:f3:
b0:ae:5d:7b:3f:3a:bd:3b:da:3a:a4:8a:d3:90:e6:
60:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:DC:CE:30:32:02:0C:79:F3:7F:FF:DA:F6:6C:1A:AD:51:EB:77:06
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/LtzOMDICDHnzf__a9mwarVHrdwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2a:26:25:be:7b:d0:8a:ce:98:20:71:b0:37:5e:d2:0a:78:95:
fc:7a:f2:d6:b4:7d:31:54:77:8f:3b:99:91:2c:7c:99:a8:a6:
2d:5e:d0:b5:40:71:3a:79:fb:81:35:0c:be:46:d8:a3:36:b1:
a8:5b:09:ec:28:5b:fa:25:ed:38:9b:9e:e5:b1:5f:3a:75:db:
b2:72:da:22:44:0c:fc:a2:e8:7c:39:bf:7d:f9:da:3a:c4:1f:
0c:2a:20:5b:a4:1f:c3:b3:6c:ce:29:95:a1:77:91:3e:28:86:
fe:3f:77:d9:2f:bc:2b:f2:0c:38:0e:b9:79:6f:a2:d3:b6:93:
13:f6:d6:7b:32:8f:e7:79:3f:14:e4:4a:78:6d:87:51:e6:c2:
a1:86:38:33:62:9f:00:12:46:31:83:5d:8f:38:e8:df:55:7b:
b3:7a:10:85:83:e9:9c:16:90:52:30:80:2b:b5:10:c6:f2:b5:
2d:80:cb:d4:43:58:14:1a:a6:8a:b1:9d:d9:6f:7d:36:76:12:
d0:b9:77:a1:f2:c5:72:15:67:f3:45:40:9d:a6:c5:2d:84:2f:
38:ae:f3:5a:81:63:e5:1e:72:50:dd:a3:94:e7:4a:b6:e9:00:
12:cf:f2:78:0d:f1:6f:0e:86:e3:15:99:4e:96:f2:70:19:ef:
22:15:95:03
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVNDC5gvETEar8jmWbQ+WmGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjI2MDYwODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWRjY2UzMDMyMDIwYzc5ZjM3ZmZmZGFmNjZjMWFhZDUxZWI3NzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL6D7JoBUcpIqzHhD7T9La2nvoX4
iQGxL3WEfWRkK5Bh4AvQkaSJrdc/WrHkZS6lFYpxkFZRU+Cn09E4MypNiR45wPOu
xRMBs0qbV3LrNFtyRmTtpji82XE95x92KLhAHBayiR8NZtIuXaGZLiWubqFMTfAA
VaEhkkFTDTiQ/XkF+9F/w0K4i0qemVSf0MYkTS9ic5WFKJrabgRpzwBjqPfX8LWN
an6RhW++HOIK3cYwVAyxpKJlS8xr2WeUf99JwDjf/O/G38zqGnQNZ7IsryvFtTQl
JTctgAv+dr5yv1VyfMscsdd68U6rqGhJevOwrl17Pzq9O9o6pIrTkOZgxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC7czjAyAgx583//2vZsGq1R63cGMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTHR6T01ESUNESG56Zl9fYTltd2FyVkhyZHdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAComJb570IrOmCBxsDde
0gp4lfx68ta0fTFUd487mZEsfJmopi1e0LVAcTp5+4E1DL5G2KM2sahbCewoW/ol
7TibnuWxXzp127Jy2iJEDPyi6Hw5v3352jrEHwwqIFukH8OzbM4plaF3kT4ohv4/
d9kvvCvyDDgOuXlvotO2kxP21nsyj+d5PxTkSnhth1HmwqGGODNinwASRjGDXY84
6N9Ve7N6EIWD6ZwWkFIwgCu1EMbytS2Ay9RDWBQapoqxndlvfTZ2EtC5d6HyxXIV
Z/NFQJ2mxS2ELziu81qBY+UeclDdo5TnSrbpABLP8ngN8W8OhuMVmU6W8nAZ7yIV
lQM=
-----END CERTIFICATE-----
Generated at Thu May 1 07:21:33 2025 by rpki-client