Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lRYGsVzhFKjuoa0HWpWKR9Lndnw.roa
File: lRYGsVzhFKjuoa0HWpWKR9Lndnw.roa (raw, json)
Hash identifier: eVrvCMFNmivTlzx3WZZk79KAmqC0/kkE/ibce4KpecI=
Subject key identifier: 95:16:06:B1:5C:E1:14:A8:EE:A1:AD:07:5A:95:8A:47:D2:E7:76:7C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184D7A8B56030A30CC7FCE361E43D112E40
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lRYGsVzhFKjuoa0HWpWKR9Lndnw.roa
Signing time: Sat 03 Dec 2022 11:04:28 +0000
ROA not before: Sat 03 Dec 2022 11:04:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:184:d7a8:832f/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d7:a8:b5:60:30:a3:0c:c7:fc:e3:61:e4:3d:11:2e:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 3 11:04:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=951606b15ce114a8eea1ad075a958a47d2e7767c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:fa:d5:65:08:00:15:6b:f4:b5:3b:04:eb:42:
ee:9e:a6:eb:f9:d9:ab:00:18:3f:ca:cf:42:5c:33:
bf:b7:56:50:8c:c0:9f:73:56:88:b1:6b:2e:f0:cf:
5f:95:d7:d3:27:e2:49:6e:ce:18:f3:24:6d:37:40:
2e:33:8e:71:71:9d:ae:a8:9a:36:a1:6e:b0:1c:5f:
ab:3b:f2:43:33:49:e0:ed:b5:ff:6f:24:60:31:69:
da:92:a4:e3:e9:33:77:57:38:f0:6c:e9:a4:dc:9d:
f9:d2:89:ab:9a:38:98:d3:c9:8a:7c:79:56:01:79:
df:57:a5:b1:2e:6d:cb:9a:9b:dc:d1:3b:6e:f8:24:
5a:d3:2d:07:1e:b0:de:c5:74:03:d9:ec:62:7e:b8:
56:f7:0b:56:66:a6:2f:0f:52:2b:e6:63:4c:7b:3d:
82:fb:49:14:a7:b3:9f:96:05:28:6a:7d:53:17:e6:
7a:40:58:19:18:c7:3a:08:ed:a8:d2:a9:73:11:fe:
fa:62:a2:e4:c1:85:af:c9:ca:cc:46:b1:46:81:3f:
27:d2:8b:14:bd:dd:d0:b7:5e:ce:77:28:ca:31:75:
d5:43:58:cb:42:73:40:12:38:5c:e5:23:76:83:f1:
e4:d4:32:b7:7b:e7:c6:34:8d:c7:ca:16:f8:03:05:
ee:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:16:06:B1:5C:E1:14:A8:EE:A1:AD:07:5A:95:8A:47:D2:E7:76:7C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lRYGsVzhFKjuoa0HWpWKR9Lndnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
20:6f:a3:0a:27:7e:26:1b:ec:a5:f3:b6:74:4f:75:82:08:ce:
82:1c:cc:5b:7c:47:15:f4:b7:c9:33:20:07:00:04:48:c4:15:
4f:20:d6:09:1e:c8:9b:31:cd:8d:ff:3f:46:87:2e:24:eb:35:
37:b7:d4:69:62:4f:8c:38:f7:e3:d5:90:3f:43:5b:d9:5d:ff:
51:17:74:9b:e6:43:27:62:a6:50:f5:27:8b:10:cb:3f:0c:9e:
64:3a:d1:b1:39:8b:13:8a:f6:a7:1c:db:0e:b4:88:af:e9:f4:
f8:76:f7:7f:c1:f5:99:18:c2:8e:f3:d2:82:30:9f:ca:7c:ad:
15:bd:a1:46:a4:44:c0:33:7b:74:be:10:58:e4:ba:5a:d3:99:
1c:06:21:ab:ec:77:e3:2e:b5:7f:5b:af:70:b5:2b:8f:fe:8e:
9d:1a:9b:ea:3f:d6:33:56:1a:34:12:40:c9:56:23:24:ff:ce:
1c:1f:bc:7d:94:0c:6b:ef:06:ef:eb:93:05:51:c3:24:e4:66:
95:3e:91:ba:0f:65:bd:81:79:4b:4e:52:87:85:6f:54:66:df:
1a:46:0d:a9:2a:a9:c6:1c:59:36:82:89:7f:d2:d4:58:d7:1e:
45:5f:06:a9:a2:c6:b3:97:7c:ee:2c:12:5c:d1:1f:b0:bf:09:
df:f4:05:19
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTXqLVgMKMMx/zjYeQ9ES5AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjAzMTEwNDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTE2MDZiMTVjZTExNGE4ZWVhMWFkMDc1YTk1OGE0N2QyZTc3NjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvrVZQgAFWv0tTsE60Lunqbr+dmr
ABg/ys9CXDO/t1ZQjMCfc1aIsWsu8M9fldfTJ+JJbs4Y8yRtN0AuM45xcZ2uqJo2
oW6wHF+rO/JDM0ng7bX/byRgMWnakqTj6TN3VzjwbOmk3J350omrmjiY08mKfHlW
AXnfV6WxLm3Lmpvc0Ttu+CRa0y0HHrDexXQD2exifrhW9wtWZqYvD1Ir5mNMez2C
+0kUp7OflgUoan1TF+Z6QFgZGMc6CO2o0qlzEf76YqLkwYWvycrMRrFGgT8n0osU
vd3Qt17OdyjKMXXVQ1jLQnNAEjhc5SN2g/Hk1DK3e+fGNI3Hyhb4AwXuoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJUWBrFc4RSo7qGtB1qVikfS53Z8MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbFJZR3NWemhGS2p1b2EwSFdwV0tSOUxuZG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACBvowonfiYb7KXztnRP
dYIIzoIczFt8RxX0t8kzIAcABEjEFU8g1gkeyJsxzY3/P0aHLiTrNTe31GliT4w4
9+PVkD9DW9ld/1EXdJvmQydiplD1J4sQyz8MnmQ60bE5ixOK9qcc2w60iK/p9Ph2
93/B9ZkYwo7z0oIwn8p8rRW9oUakRMAze3S+EFjkulrTmRwGIavsd+MutX9br3C1
K4/+jp0am+o/1jNWGjQSQMlWIyT/zhwfvH2UDGvvBu/rkwVRwyTkZpU+kboPZb2B
eUtOUoeFb1Rm3xpGDakqqcYcWTaCiX/S1FjXHkVfBqmixrOXfO4sElzRH7C/Cd/0
BRk=
-----END CERTIFICATE-----
Generated at Thu May 1 11:17:49 2025 by rpki-client