Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lFtO4FW50dXp-MALASmzI-B-bs8.roa
File: lFtO4FW50dXp-MALASmzI-B-bs8.roa (raw, json)
Hash identifier: 0HxSJV9JzextpCXTFjTjwOONMeNnmvM0z1AXSBRfKBs=
Subject key identifier: 94:5B:4E:E0:55:B9:D1:D5:E9:F8:C0:0B:01:29:B3:23:E0:7E:6E:CF
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189FBB3730806249E8E162AD29D7CF7E0DA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lFtO4FW50dXp-MALASmzI-B-bs8.roa
Signing time: Wed 16 Aug 2023 00:16:28 +0000
ROA not before: Wed 16 Aug 2023 00:16:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fb:b3:73:08:06:24:9e:8e:16:2a:d2:9d:7c:f7:e0:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 16 00:16:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=945b4ee055b9d1d5e9f8c00b0129b323e07e6ecf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3c:7c:24:26:e0:e5:f3:1c:df:3c:f6:dd:92:
dd:03:23:f9:3c:2b:55:80:74:87:2f:86:c4:05:69:
1e:fc:18:36:fd:28:7d:93:75:ff:ba:94:ce:09:39:
05:4d:53:8e:91:19:1c:3f:a6:6d:0b:70:93:e7:87:
41:18:a3:cd:e2:c3:d2:9d:bf:b3:54:56:74:74:b8:
85:62:d1:7c:17:75:36:b0:20:05:e8:d1:b9:8a:78:
aa:d0:a6:b1:1a:97:a4:8b:ca:f3:23:32:c4:2f:3b:
b4:ff:76:9f:9a:51:67:34:5a:47:21:cb:91:26:e6:
f0:2b:70:a7:30:84:5a:24:b9:86:51:37:f0:9a:a2:
d1:59:cb:ac:07:a7:29:f8:63:8c:68:0f:c4:f4:5e:
57:40:28:9f:f6:79:c4:63:b7:ef:48:f2:66:5f:8f:
af:a0:34:77:56:47:86:0b:a6:52:73:6f:d5:05:b0:
a1:ab:31:1b:5b:cc:e9:3c:1e:5a:6c:e3:6f:fe:52:
17:39:3c:12:02:bb:1b:7b:db:fa:03:4e:56:bd:a1:
b1:4e:ce:3c:90:6e:09:78:b2:5b:ba:ce:e1:00:03:
27:27:c4:63:77:20:72:e5:72:2e:fc:70:ef:32:d3:
ad:cc:cb:4e:fe:c6:c7:a6:ac:d9:23:bb:d3:3e:c5:
20:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:5B:4E:E0:55:B9:D1:D5:E9:F8:C0:0B:01:29:B3:23:E0:7E:6E:CF
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lFtO4FW50dXp-MALASmzI-B-bs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
87:b9:76:98:be:58:5e:ef:3f:d0:d9:67:cb:03:08:30:a2:f7:
22:18:43:be:e6:09:a3:17:26:97:2b:af:18:94:d8:00:a2:8d:
95:2b:ed:7e:24:2c:ca:63:52:70:ea:df:41:2b:06:e0:2c:a4:
c4:3f:bd:c4:64:65:f1:a7:55:01:62:1d:9c:90:bb:b5:e8:23:
1a:71:2c:cb:5c:cb:75:28:36:c7:81:ff:01:fb:3d:f8:bb:8a:
d0:b2:58:47:34:4c:20:f1:83:ff:a9:9e:fc:80:9a:df:9b:ac:
91:ed:44:4e:90:a7:80:ba:a4:5b:5c:68:37:d9:6c:ed:88:e8:
72:f9:d4:73:e8:69:43:a7:d1:e6:4d:ea:af:71:bc:49:16:f4:
9e:50:57:37:05:5d:f4:44:7c:1e:b0:cf:11:02:6f:16:2b:33:
a2:c9:3e:a0:78:77:ca:db:49:fa:c8:dd:05:d3:ba:56:1d:5a:
9a:21:18:3f:2b:95:1d:1e:ea:1e:46:35:f9:9e:ba:bd:6f:b4:
50:67:e8:c6:d2:4d:4b:b8:f5:1d:08:bb:60:59:15:28:46:05:
08:17:24:cf:62:02:ab:b1:01:b8:e0:a3:d2:7c:0b:2e:c8:fc:
98:9f:66:8e:bd:29:53:fb:9d:15:76:29:b8:5d:6d:92:dd:d9:
e3:4b:f5:cf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYn7s3MIBiSejhYq0p189+DaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE2MDAxNjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDViNGVlMDU1YjlkMWQ1ZTlmOGMwMGIwMTI5YjMyM2UwN2U2ZWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDx8JCbg5fMc3zz23ZLdAyP5PCtV
gHSHL4bEBWke/Bg2/Sh9k3X/upTOCTkFTVOOkRkcP6ZtC3CT54dBGKPN4sPSnb+z
VFZ0dLiFYtF8F3U2sCAF6NG5iniq0KaxGpeki8rzIzLELzu0/3afmlFnNFpHIcuR
JubwK3CnMIRaJLmGUTfwmqLRWcusB6cp+GOMaA/E9F5XQCif9nnEY7fvSPJmX4+v
oDR3VkeGC6ZSc2/VBbChqzEbW8zpPB5abONv/lIXOTwSArsbe9v6A05WvaGxTs48
kG4JeLJbus7hAAMnJ8RjdyBy5XIu/HDvMtOtzMtO/sbHpqzZI7vTPsUgOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJRbTuBVudHV6fjACwEpsyPgfm7PMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbEZ0TzRGVzUwZFhwLU1BTEFTbXpJLUItYnM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIe5dpi+WF7vP9DZZ8sD
CDCi9yIYQ77mCaMXJpcrrxiU2ACijZUr7X4kLMpjUnDq30ErBuAspMQ/vcRkZfGn
VQFiHZyQu7XoIxpxLMtcy3UoNseB/wH7Pfi7itCyWEc0TCDxg/+pnvyAmt+brJHt
RE6Qp4C6pFtcaDfZbO2I6HL51HPoaUOn0eZN6q9xvEkW9J5QVzcFXfREfB6wzxEC
bxYrM6LJPqB4d8rbSfrI3QXTulYdWpohGD8rlR0e6h5GNfmeur1vtFBn6MbSTUu4
9R0Iu2BZFShGBQgXJM9iAquxAbjgo9J8Cy7I/JifZo69KVP7nRV2KbhdbZLd2eNL
9c8=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:42:07 2025 by rpki-client