Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lKnAaE3nIeOO_pqsjp-SuZFsGyU.roa
File: lKnAaE3nIeOO_pqsjp-SuZFsGyU.roa (raw, json)
Hash identifier: QjK/lMP1F2kbCy4NdgRDMBYST/0LbvbHP3ft9186FlQ=
Subject key identifier: 94:A9:C0:68:4D:E7:21:E3:8E:FE:9A:AC:8E:9F:92:B9:91:6C:1B:25
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01887E2975787DA462BECEF2A9BA343416C8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lKnAaE3nIeOO_pqsjp-SuZFsGyU.roa
Signing time: Fri 02 Jun 2023 22:10:26 +0000
ROA not before: Fri 02 Jun 2023 22:10:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7e:29:75:78:7d:a4:62:be:ce:f2:a9:ba:34:34:16:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 2 22:10:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94a9c0684de721e38efe9aac8e9f92b9916c1b25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c8:27:e0:10:2a:fa:5b:b7:33:d1:2d:bd:68:
06:ea:65:76:12:a8:07:3e:94:8a:28:b3:65:5a:77:
2e:2c:2b:91:34:25:59:7c:e1:8b:d6:c7:97:53:0a:
6f:f7:03:87:d5:a4:70:67:01:e4:ef:6c:24:54:0b:
04:87:07:ed:22:88:15:22:ba:40:83:47:0b:4f:18:
f4:6f:d2:23:45:f5:f6:78:42:62:5e:27:5e:22:94:
80:eb:46:69:3f:f7:b9:97:5d:f3:b9:d9:2f:cc:13:
61:64:35:a2:a2:7e:ff:58:14:8c:bc:95:fe:9f:d2:
90:52:52:d9:ba:e5:49:9c:1f:41:84:00:0f:b8:40:
34:00:2a:c4:f5:71:2b:83:e4:fa:9c:df:2b:d5:10:
13:a9:24:75:99:d9:2e:6f:3a:59:3e:72:f1:4f:67:
00:0a:0b:86:d4:d9:91:ce:a2:2d:b5:e4:94:42:6a:
cd:e2:51:2c:ea:1d:2b:eb:7f:5d:58:4b:cf:f9:62:
e1:64:74:74:9e:fb:25:52:dd:eb:7d:f8:1b:40:1b:
4f:a4:14:a0:df:73:45:da:96:90:0c:7c:53:94:16:
a7:d6:51:34:17:ec:ef:80:a0:55:22:5c:c3:e4:cc:
1f:19:36:3f:26:28:f3:6d:b0:b5:47:74:6f:48:56:
72:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:A9:C0:68:4D:E7:21:E3:8E:FE:9A:AC:8E:9F:92:B9:91:6C:1B:25
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lKnAaE3nIeOO_pqsjp-SuZFsGyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1f:6f:98:ae:ac:f3:95:a5:fe:b2:b9:bb:a8:f8:2d:ee:ba:f4:
a0:13:d2:bf:80:56:78:8e:da:a5:9b:0f:81:85:9e:47:de:54:
ce:3b:69:7f:db:3d:23:ff:e9:39:82:6c:74:13:17:dc:8c:c6:
dd:1e:7f:d6:31:e4:39:bc:17:7c:67:0b:9f:c8:cd:0f:a1:72:
d9:8d:8e:a5:0a:cb:6f:19:26:73:d3:e3:d8:b3:b3:53:a3:04:
77:75:4a:11:d9:0a:cd:ab:7a:90:bf:55:d2:6b:3a:ab:c6:51:
1f:eb:b4:f3:33:1d:0d:07:55:d9:a9:aa:4c:11:9c:ec:8e:29:
94:77:e2:b8:03:19:7f:b2:27:60:1f:1e:e6:bd:73:b9:f0:46:
46:af:72:e3:52:60:f6:c8:de:0d:17:d6:97:93:ae:23:fc:3f:
ec:14:94:79:ba:3f:4a:7d:2e:13:25:72:45:be:d8:51:f4:09:
70:b3:15:f4:4b:a9:f2:e6:d1:01:da:97:39:55:5a:e5:ce:7a:
e8:87:04:0c:50:5b:d6:3b:86:25:0f:e9:a6:a5:db:d6:c7:37:
63:9e:cf:a5:6b:fb:e3:db:a1:01:2c:0e:b0:b0:d8:22:08:e2:
c3:4d:46:35:02:fe:bd:67:bf:ae:20:a9:8c:20:ed:3b:8c:cf:
3e:90:68:44
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYh+KXV4faRivs7yqbo0NBbIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjAyMjIxMDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGE5YzA2ODRkZTcyMWUzOGVmZTlhYWM4ZTlmOTJiOTkxNmMxYjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcgn4BAq+lu3M9EtvWgG6mV2EqgH
PpSKKLNlWncuLCuRNCVZfOGL1seXUwpv9wOH1aRwZwHk72wkVAsEhwftIogVIrpA
g0cLTxj0b9IjRfX2eEJiXideIpSA60ZpP/e5l13zudkvzBNhZDWion7/WBSMvJX+
n9KQUlLZuuVJnB9BhAAPuEA0ACrE9XErg+T6nN8r1RATqSR1mdkubzpZPnLxT2cA
CguG1NmRzqItteSUQmrN4lEs6h0r639dWEvP+WLhZHR0nvslUt3rffgbQBtPpBSg
33NF2paQDHxTlBan1lE0F+zvgKBVIlzD5MwfGTY/JijzbbC1R3RvSFZyOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJSpwGhN5yHjjv6arI6fkrmRbBslMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbEtuQWFFM25JZU9PX3Bxc2pwLVN1WkZzR3lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB9vmK6s85Wl/rK5u6j4
Le669KAT0r+AVniO2qWbD4GFnkfeVM47aX/bPSP/6TmCbHQTF9yMxt0ef9Yx5Dm8
F3xnC5/IzQ+hctmNjqUKy28ZJnPT49izs1OjBHd1ShHZCs2repC/VdJrOqvGUR/r
tPMzHQ0HVdmpqkwRnOyOKZR34rgDGX+yJ2AfHua9c7nwRkavcuNSYPbI3g0X1peT
riP8P+wUlHm6P0p9LhMlckW+2FH0CXCzFfRLqfLm0QHalzlVWuXOeuiHBAxQW9Y7
hiUP6aal29bHN2Oez6Vr++PboQEsDrCw2CII4sNNRjUC/r1nv64gqYwg7TuMzz6Q
aEQ=
-----END CERTIFICATE-----
Generated at Thu May 1 11:16:47 2025 by rpki-client