Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/l4TD58akZdVt-zmgluLE4FWc2MI.roa
File: l4TD58akZdVt-zmgluLE4FWc2MI.roa (raw, json)
Hash identifier: TMlkI23BnqF8mHee1Hs2ufGjXHcrFqx6pbUwcd0M0bU=
Subject key identifier: 97:84:C3:E7:C6:A4:65:D5:6D:FB:39:A0:96:E2:C4:E0:55:9C:D8:C2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01868CCA5267516850F24875B0A320413879
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/l4TD58akZdVt-zmgluLE4FWc2MI.roa
Signing time: Sun 26 Feb 2023 08:15:14 +0000
ROA not before: Sun 26 Feb 2023 08:15:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8c:ca:52:67:51:68:50:f2:48:75:b0:a3:20:41:38:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 26 08:15:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9784c3e7c6a465d56dfb39a096e2c4e0559cd8c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fa:0f:3d:7c:45:d8:47:c0:9b:fa:01:47:64:
bd:8b:e6:46:29:8e:cb:0c:d9:31:e2:11:b1:d5:fe:
45:bf:e3:cf:13:a4:ca:12:4c:b4:97:74:df:40:81:
68:30:60:ee:45:7a:47:aa:60:d8:56:3e:d8:15:39:
84:24:ea:68:05:0e:16:12:ca:af:3d:e3:de:a3:99:
c0:e1:9d:8d:76:70:55:b2:2f:6b:3b:d0:0d:f8:9c:
6d:92:7e:a6:21:e7:6a:67:3d:22:11:bc:0f:75:d7:
e0:74:e9:cd:85:78:f8:93:17:3f:18:21:a5:6a:12:
16:3f:07:24:9a:df:aa:b6:6a:2b:a2:2f:bc:9e:48:
a7:d7:48:c1:21:b7:30:80:cb:80:98:dd:00:d3:ce:
1f:ff:ce:10:ec:9c:b7:79:82:95:16:bb:3b:ec:a1:
1b:03:80:6d:8a:7e:c2:07:ae:d8:74:19:76:3e:b1:
77:f0:5f:9b:0d:da:94:10:a5:d8:ea:98:17:86:d9:
66:72:a8:5f:28:6c:8e:55:86:f6:d7:47:5c:51:9d:
fd:a5:45:61:1b:6e:fa:5e:b0:8e:c5:e1:c7:15:23:
d4:93:d6:38:ad:24:78:d5:c6:53:fc:21:7d:ec:18:
29:0c:6f:54:89:e5:dd:1b:fc:b9:84:f2:84:6c:96:
4b:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:84:C3:E7:C6:A4:65:D5:6D:FB:39:A0:96:E2:C4:E0:55:9C:D8:C2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/l4TD58akZdVt-zmgluLE4FWc2MI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3e:68:de:ff:51:af:09:19:08:00:0f:61:22:bd:ea:05:47:0f:
4d:a9:50:f0:8c:34:88:d7:87:69:25:6e:48:11:49:03:b6:e1:
28:69:37:dd:d0:41:9a:06:1f:1d:77:4f:37:36:95:a3:a0:f0:
5e:27:d8:34:f2:97:88:96:cb:e7:f2:e7:be:7a:77:8e:86:47:
cd:e4:28:08:e5:5f:75:7d:92:46:66:f5:83:e4:c1:1b:95:db:
cb:47:e1:3d:f1:5c:a2:96:d5:fe:98:5f:21:62:eb:1a:50:de:
4a:48:61:90:fc:f2:11:88:92:a6:82:80:7b:99:f8:ae:ca:44:
ba:22:4b:a5:74:37:64:c5:64:5d:a6:1a:81:04:f8:30:fa:70:
7d:98:1f:10:66:88:be:ae:99:95:be:92:a3:4d:00:cf:8d:84:
2b:a6:96:a9:a7:ba:1a:c5:cd:92:8b:85:81:0f:b6:13:d2:ad:
3b:26:61:c5:7b:7c:b9:27:8a:61:1d:8d:e8:b1:9e:3b:12:25:
6c:be:5d:ca:e1:66:4e:b9:56:f8:dd:3c:58:7f:a4:db:97:ff:
7b:c6:a2:56:58:7f:50:45:42:13:f2:7c:9c:f8:e6:86:37:cf:
c5:9a:6b:ff:fa:61:54:0c:79:10:8e:09:8b:87:49:3e:cf:1a:
56:4b:4f:22
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaMylJnUWhQ8kh1sKMgQTh5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI2MDgxNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Nzg0YzNlN2M2YTQ2NWQ1NmRmYjM5YTA5NmUyYzRlMDU1OWNkOGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/oPPXxF2EfAm/oBR2S9i+ZGKY7L
DNkx4hGx1f5Fv+PPE6TKEky0l3TfQIFoMGDuRXpHqmDYVj7YFTmEJOpoBQ4WEsqv
PePeo5nA4Z2NdnBVsi9rO9AN+Jxtkn6mIedqZz0iEbwPddfgdOnNhXj4kxc/GCGl
ahIWPwckmt+qtmoroi+8nkin10jBIbcwgMuAmN0A084f/84Q7Jy3eYKVFrs77KEb
A4Btin7CB67YdBl2PrF38F+bDdqUEKXY6pgXhtlmcqhfKGyOVYb210dcUZ39pUVh
G276XrCOxeHHFSPUk9Y4rSR41cZT/CF97BgpDG9UieXdG/y5hPKEbJZLHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJeEw+fGpGXVbfs5oJbixOBVnNjCMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbDRURDU4YWtaZFZ0LXptZ2x1TEU0RldjMk1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD5o3v9RrwkZCAAPYSK9
6gVHD02pUPCMNIjXh2klbkgRSQO24ShpN93QQZoGHx13Tzc2laOg8F4n2DTyl4iW
y+fy5756d46GR83kKAjlX3V9kkZm9YPkwRuV28tH4T3xXKKW1f6YXyFi6xpQ3kpI
YZD88hGIkqaCgHuZ+K7KRLoiS6V0N2TFZF2mGoEE+DD6cH2YHxBmiL6umZW+kqNN
AM+NhCumlqmnuhrFzZKLhYEPthPSrTsmYcV7fLknimEdjeixnjsSJWy+XcrhZk65
VvjdPFh/pNuX/3vGolZYf1BFQhPyfJz45oY3z8Waa//6YVQMeRCOCYuHST7PGlZL
TyI=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:57:50 2025 by rpki-client