Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/LzpN24Yvgcdi7USgnRQ4ohiGIVA.roa
File: LzpN24Yvgcdi7USgnRQ4ohiGIVA.roa (raw, json)
Hash identifier: BNvc/WCUG6LWBjTCiUo1mPfCbBfDUE76pb/SLribMvY=
Subject key identifier: 2F:3A:4D:DB:86:2F:81:C7:62:ED:44:A0:9D:14:38:A2:18:86:21:50
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01863BA4E8AB802F045106CC85EB6A96DE18
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/LzpN24Yvgcdi7USgnRQ4ohiGIVA.roa
Signing time: Fri 10 Feb 2023 14:05:08 +0000
ROA not before: Fri 10 Feb 2023 14:05:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:3ba4:406a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3b:a4:e8:ab:80:2f:04:51:06:cc:85:eb:6a:96:de:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 10 14:05:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f3a4ddb862f81c762ed44a09d1438a218862150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3d:5e:19:02:ea:eb:ff:28:2c:6c:3d:c5:49:
03:72:03:3c:78:53:5e:98:32:7f:43:88:ae:8c:7d:
6d:2b:c0:c7:d5:30:10:ff:ed:f9:27:6c:17:d8:2b:
85:99:8f:91:3e:f3:2b:03:d1:e1:0a:ed:40:49:07:
74:be:11:b9:70:99:c8:30:f6:35:8b:df:1e:39:f6:
68:c3:c6:11:c2:68:d0:08:7e:b6:64:5e:28:69:81:
98:f8:62:40:e1:bd:88:2c:20:44:62:9e:c9:99:cb:
25:d4:2f:2d:6f:fd:bb:2d:25:d8:b5:f0:c8:34:88:
fa:ef:9a:ef:a1:bd:8d:f1:fa:55:0c:6a:ac:1f:36:
21:17:4d:e7:b3:c9:30:b2:7d:dd:63:9e:d9:c3:1c:
1f:68:7d:95:d9:c4:fc:c7:eb:9b:fa:a6:00:f6:b4:
41:11:2c:51:1a:8b:03:e8:47:f4:f6:e3:f8:f2:b0:
f1:03:6c:9d:da:90:b8:f5:fe:d5:91:78:6e:38:d1:
da:a1:04:53:17:6f:60:c5:57:47:3e:cd:09:4b:cd:
af:12:06:0a:8a:14:e8:8c:2d:f3:86:19:3f:60:3d:
67:b3:92:46:3e:d9:bd:65:a3:a5:df:43:ed:ab:59:
bb:9b:b4:2f:10:67:0b:76:cc:56:dc:12:8f:57:c8:
a8:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:3A:4D:DB:86:2F:81:C7:62:ED:44:A0:9D:14:38:A2:18:86:21:50
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/LzpN24Yvgcdi7USgnRQ4ohiGIVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a4:fb:8f:6c:21:3f:78:d7:b0:c5:f1:b1:b2:69:51:b2:87:46:
9c:ed:f8:43:b6:34:b9:04:6b:fc:3c:f2:1d:ae:7c:06:05:f3:
4f:71:82:bf:59:5a:2f:76:02:c6:f3:3f:cc:96:fd:24:9b:1c:
3e:d7:ca:ac:3b:63:1a:86:6e:92:88:9a:bd:4b:27:4e:90:c7:
72:b5:0c:cd:03:7c:be:c9:b7:e2:a7:2b:64:2f:3a:4e:75:34:
fb:f3:8c:bc:0b:37:c7:a4:55:00:66:80:3c:02:74:c4:69:5c:
b1:1d:83:ac:61:5f:04:2a:f7:69:4d:1c:cd:37:b9:09:3a:7b:
29:63:c9:79:d5:13:24:18:b8:6f:7d:ac:ae:ae:fc:4a:c0:2f:
67:47:e3:cb:48:21:16:f5:1e:76:4c:43:f0:be:b5:a3:58:87:
18:af:ca:4e:8a:0a:9a:64:1e:36:38:d4:4c:83:0d:9e:f1:5c:
d7:cf:f6:47:90:1d:9c:8f:a9:11:cc:e2:86:31:85:fd:7e:48:
b7:5a:d6:9d:fc:d5:a5:b6:69:59:14:cc:fe:2e:9a:33:38:f8:
49:68:09:d5:9b:22:79:06:17:67:50:a7:60:1b:60:f7:60:a8:
af:22:7c:15:f5:e4:0d:39:d5:82:d8:70:44:4e:5b:8e:94:49:
2e:83:3f:e9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYY7pOirgC8EUQbMhetqlt4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjEwMTQwNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjNhNGRkYjg2MmY4MWM3NjJlZDQ0YTA5ZDE0MzhhMjE4ODYyMTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiT1eGQLq6/8oLGw9xUkDcgM8eFNe
mDJ/Q4iujH1tK8DH1TAQ/+35J2wX2CuFmY+RPvMrA9HhCu1ASQd0vhG5cJnIMPY1
i98eOfZow8YRwmjQCH62ZF4oaYGY+GJA4b2ILCBEYp7Jmcsl1C8tb/27LSXYtfDI
NIj675rvob2N8fpVDGqsHzYhF03ns8kwsn3dY57ZwxwfaH2V2cT8x+ub+qYA9rRB
ESxRGosD6Ef09uP48rDxA2yd2pC49f7VkXhuONHaoQRTF29gxVdHPs0JS82vEgYK
ihTojC3zhhk/YD1ns5JGPtm9ZaOl30Ptq1m7m7QvEGcLdsxW3BKPV8iotwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC86TduGL4HHYu1EoJ0UOKIYhiFQMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvTHpwTjI0WXZnY2RpN1VTZ25SUTRvaGlHSVZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKT7j2whP3jXsMXxsbJp
UbKHRpzt+EO2NLkEa/w88h2ufAYF809xgr9ZWi92AsbzP8yW/SSbHD7Xyqw7YxqG
bpKImr1LJ06Qx3K1DM0DfL7Jt+KnK2QvOk51NPvzjLwLN8ekVQBmgDwCdMRpXLEd
g6xhXwQq92lNHM03uQk6eyljyXnVEyQYuG99rK6u/ErAL2dH48tIIRb1HnZMQ/C+
taNYhxivyk6KCppkHjY41EyDDZ7xXNfP9keQHZyPqRHM4oYxhf1+SLda1p381aW2
aVkUzP4umjM4+EloCdWbInkGF2dQp2AbYPdgqK8ifBX15A051YLYcEROW46USS6D
P+k=
-----END CERTIFICATE-----
Generated at Thu May 1 18:12:23 2025 by rpki-client