Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/h_lnssESWbRQ6-yoXkMd4H3ZJKE.roa
File: h_lnssESWbRQ6-yoXkMd4H3ZJKE.roa (raw, json)
Hash identifier: IhKWifG1JpE7CJ0u03G6j+E2Woi/iBujJq+MyeiFI1k=
Subject key identifier: 87:F9:67:B2:C1:12:59:B4:50:EB:EC:A8:5E:43:1D:E0:7D:D9:24:A1
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01899BFC3E7A39279865BDF4EAF32761E968
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/h_lnssESWbRQ6-yoXkMd4H3ZJKE.roa
Signing time: Fri 28 Jul 2023 10:12:26 +0000
ROA not before: Fri 28 Jul 2023 10:12:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:9b:fc:3e:7a:39:27:98:65:bd:f4:ea:f3:27:61:e9:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 28 10:12:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=87f967b2c11259b450ebeca85e431de07dd924a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:37:aa:c4:c6:d1:7e:df:95:a3:62:c9:9b:c0:
7c:7a:37:06:c5:9d:f5:b2:81:e7:e9:b7:7a:a2:04:
80:e0:1e:56:75:04:ea:0f:e9:51:ec:9b:5a:c1:c3:
4b:3f:b2:b0:e8:69:82:44:00:12:3c:a0:be:a8:e5:
c4:27:e8:cf:22:30:60:30:2a:54:02:ec:bd:06:fe:
d1:b3:1c:69:2c:f5:32:51:9a:2a:75:d3:2f:74:b6:
d0:00:9c:94:54:05:27:c0:c6:fa:a8:9a:4b:c9:ec:
ec:a7:d7:e5:7e:27:b5:b6:27:9c:0c:86:0d:99:84:
c7:db:f4:3a:51:c4:a2:c1:af:88:84:3b:25:78:3d:
f8:1b:6f:40:16:b6:ab:be:9b:a1:c6:a1:ee:b4:9b:
a1:f3:ca:61:84:4b:04:99:65:65:ae:b6:bc:ad:b5:
40:f1:e5:5e:ce:88:53:37:f6:16:e3:70:77:9f:94:
39:84:08:6e:bd:41:ad:63:4e:a8:7b:f3:8a:59:c5:
fb:8b:fe:6d:9b:be:f2:b9:86:6b:53:d5:38:d2:7e:
11:b9:ab:48:71:5f:6c:25:56:57:8c:dd:1e:27:b9:
70:f5:90:6c:51:96:94:b9:90:0c:6b:0a:e3:b3:99:
8f:29:86:9a:53:d4:f6:77:bc:5d:52:41:e1:18:8b:
b2:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F9:67:B2:C1:12:59:B4:50:EB:EC:A8:5E:43:1D:E0:7D:D9:24:A1
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/h_lnssESWbRQ6-yoXkMd4H3ZJKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:5b:be:93:56:e3:2d:01:95:2a:f1:e4:c2:70:f0:d2:30:75:
70:7f:c7:3b:63:57:40:38:b5:ec:c5:9a:01:e3:af:8a:39:cc:
85:6c:0f:c9:cb:2e:64:27:bb:2a:20:5e:c9:fd:b8:97:bb:2a:
e5:84:ca:10:8c:74:1b:17:66:6a:6d:9d:31:ba:85:c7:3b:0e:
ec:3f:24:55:50:8c:88:87:37:88:35:04:0d:50:32:4f:71:84:
62:71:f6:7a:29:cd:ea:0a:21:e0:16:7f:3b:9c:c9:42:54:ea:
db:48:b2:52:b8:ba:62:ee:0c:9b:f8:d4:97:70:b3:ea:ad:8a:
72:b3:d0:63:e0:b3:81:ce:c7:43:bf:6a:76:c5:85:31:2c:6e:
20:55:ac:6e:2b:22:1e:41:4b:01:18:52:32:9a:28:d2:c7:8d:
49:92:42:d4:68:36:18:96:e3:0f:c6:4b:f0:a1:07:74:dc:14:
a4:9a:fe:d4:04:5a:db:12:e4:44:3a:06:4e:f7:a4:ba:27:47:
42:76:09:43:d8:87:ea:21:21:6e:bf:c6:3e:5e:3a:27:69:cd:
2e:18:93:3b:66:26:46:2e:98:d9:07:25:a9:c1:35:04:e7:50:
da:eb:e6:e7:68:e1:e6:6f:d6:78:b1:e2:af:0b:ce:fd:f8:b4:
c6:1d:1c:43
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmb/D56OSeYZb306vMnYeloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzI4MTAxMjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2Y5NjdiMmMxMTI1OWI0NTBlYmVjYTg1ZTQzMWRlMDdkZDkyNGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjeqxMbRft+Vo2LJm8B8ejcGxZ31
soHn6bd6ogSA4B5WdQTqD+lR7JtawcNLP7Kw6GmCRAASPKC+qOXEJ+jPIjBgMCpU
Auy9Bv7RsxxpLPUyUZoqddMvdLbQAJyUVAUnwMb6qJpLyezsp9flfie1tiecDIYN
mYTH2/Q6UcSiwa+IhDsleD34G29AFrarvpuhxqHutJuh88phhEsEmWVlrra8rbVA
8eVezohTN/YW43B3n5Q5hAhuvUGtY06oe/OKWcX7i/5tm77yuYZrU9U40n4RuatI
cV9sJVZXjN0eJ7lw9ZBsUZaUuZAMawrjs5mPKYaaU9T2d7xdUkHhGIuyhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIf5Z7LBElm0UOvsqF5DHeB92SShMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvaF9sbnNzRVNXYlJRNi15b1hrTWQ0SDNaSktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGBbvpNW4y0BlSrx5MJw
8NIwdXB/xztjV0A4tezFmgHjr4o5zIVsD8nLLmQnuyogXsn9uJe7KuWEyhCMdBsX
ZmptnTG6hcc7Duw/JFVQjIiHN4g1BA1QMk9xhGJx9nopzeoKIeAWfzucyUJU6ttI
slK4umLuDJv41Jdws+qtinKz0GPgs4HOx0O/anbFhTEsbiBVrG4rIh5BSwEYUjKa
KNLHjUmSQtRoNhiW4w/GS/ChB3TcFKSa/tQEWtsS5EQ6Bk73pLonR0J2CUPYh+oh
IW6/xj5eOidpzS4YkztmJkYumNkHJanBNQTnUNrr5udo4eZv1nix4q8Lzv34tMYd
HEM=
-----END CERTIFICATE-----
Generated at Thu May 1 11:08:33 2025 by rpki-client