Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lTPz1zVg_r2qG6tSj-7NqFAuH94.roa
File: lTPz1zVg_r2qG6tSj-7NqFAuH94.roa (raw, json)
Hash identifier: gTwZNvXzuvhh5Mrbs9mo9VwHiuHX98OIfZwUMaYCSls=
Subject key identifier: 95:33:F3:D7:35:60:FE:BD:AA:1B:AB:52:8F:EE:CD:A8:50:2E:1F:DE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 68739D31
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lTPz1zVg_r2qG6tSj-7NqFAuH94.roa
Signing time: Sun 06 Feb 2022 14:08:14 +0000
ROA not before: Sun 06 Feb 2022 14:08:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17e:a0dd:2f5b/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1752407345 (0x68739d31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 6 14:08:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9533f3d73560febdaa1bab528feecda8502e1fde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b0:3f:15:c6:b7:b6:da:93:43:b4:bc:36:b7:
a2:30:a5:59:81:c5:1e:41:7b:c5:93:9a:86:a8:c4:
ff:fd:b3:dd:87:a5:46:19:07:c6:13:d2:fe:e4:87:
89:ae:f5:20:7d:5d:77:74:0b:de:24:8c:0f:aa:34:
bc:af:f2:d7:41:31:f6:8a:06:12:bf:31:eb:9c:fe:
d5:6d:32:17:d4:8d:58:94:45:23:5a:38:88:11:3b:
a1:6f:63:3f:d9:4f:29:d1:0b:09:32:34:85:9f:1b:
fb:72:d1:1e:4c:34:07:0a:38:11:df:23:b4:c4:ff:
ff:6f:e0:da:b0:8b:41:f6:2e:29:01:34:62:d3:8e:
cb:9f:9e:5b:2e:57:62:25:bc:5e:35:e1:0b:9f:e1:
2c:6d:de:a9:76:f8:05:9c:33:2b:0d:a7:fd:d1:d6:
1b:0e:1c:bd:03:e9:92:8f:30:6e:a7:06:4c:31:ed:
23:f6:0e:7f:25:15:ad:4a:97:4a:bf:62:ec:0c:f3:
ad:44:45:56:5a:38:91:19:31:8a:f6:35:2a:ba:fe:
1c:0f:7f:6d:6c:65:5c:a3:c3:63:31:67:47:9b:ee:
32:54:4c:d8:53:74:9a:75:6f:39:89:7a:24:f6:74:
02:39:43:e1:04:2b:59:eb:d3:8a:84:1e:28:48:0f:
3d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:33:F3:D7:35:60:FE:BD:AA:1B:AB:52:8F:EE:CD:A8:50:2E:1F:DE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lTPz1zVg_r2qG6tSj-7NqFAuH94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:2b:87:0d:ac:58:a4:c5:b6:32:b1:15:5f:13:bb:30:b2:a3:
79:02:4f:35:f4:50:b2:14:b3:db:1c:41:a9:d2:96:3c:aa:f8:
f6:f2:cc:8e:aa:93:ca:ef:1f:07:87:71:28:d4:f3:61:ff:96:
32:c6:41:9e:f8:dc:48:ac:a8:10:45:df:c8:67:21:86:ae:dd:
6d:d2:c0:1d:49:25:23:25:97:59:22:04:8a:65:30:0d:26:d7:
15:d8:21:46:fa:7e:df:c1:4d:49:1b:2c:80:ac:29:16:e0:e7:
20:29:56:80:f7:e3:11:ed:7b:30:b9:e9:ff:4d:01:30:eb:e6:
27:7d:52:f3:83:87:eb:aa:0f:92:9c:34:ca:a7:84:e2:fa:64:
80:96:33:32:1a:13:73:0f:83:e0:25:02:f2:fb:57:b7:82:44:
65:2c:25:96:20:55:17:05:ee:f4:f3:bc:e1:b5:a3:63:3f:15:
ce:1b:ee:e7:91:1b:e9:0c:9f:6a:b8:03:d1:f1:48:f3:99:f8:
8e:40:d5:0c:42:c2:04:6a:67:5a:d5:45:c3:34:2b:7e:a8:e9:
2e:91:2e:95:05:36:bf:bc:b5:13:99:26:c9:51:01:11:38:46:
27:ee:f1:31:43:b1:5a:1e:61:f6:ff:02:71:cc:e0:97:9d:e1:
a3:be:b1:4c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEaHOdMTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDIw
NjE0MDgxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTUzM2YzZDczNTYw
ZmViZGFhMWJhYjUyOGZlZWNkYTg1MDJlMWZkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANWwPxXGt7bak0O0vDa3ojClWYHFHkF7xZOahqjE//2z3Yel
RhkHxhPS/uSHia71IH1dd3QL3iSMD6o0vK/y10Ex9ooGEr8x65z+1W0yF9SNWJRF
I1o4iBE7oW9jP9lPKdELCTI0hZ8b+3LRHkw0Bwo4Ed8jtMT//2/g2rCLQfYuKQE0
YtOOy5+eWy5XYiW8XjXhC5/hLG3eqXb4BZwzKw2n/dHWGw4cvQPpko8wbqcGTDHt
I/YOfyUVrUqXSr9i7AzzrURFVlo4kRkxivY1Krr+HA9/bWxlXKPDYzFnR5vuMlRM
2FN0mnVvOYl6JPZ0AjlD4QQrWevTioQeKEgPPcECAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSVM/PXNWD+vaobq1KP7s2oUC4f3jAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L2xUUHoxelZnX3IycUc2dFNqLTdOcUZBdUg5NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQANK4cNrFikxbYysRVfE7swsqN5Ak819FCyFLPb
HEGp0pY8qvj28syOqpPK7x8Hh3Eo1PNh/5YyxkGe+NxIrKgQRd/IZyGGrt1t0sAd
SSUjJZdZIgSKZTANJtcV2CFG+n7fwU1JGyyArCkW4OcgKVaA9+MR7Xswuen/TQEw
6+YnfVLzg4frqg+SnDTKp4Ti+mSAljMyGhNzD4PgJQLy+1e3gkRlLCWWIFUXBe70
87zhtaNjPxXOG+7nkRvpDJ9quAPR8UjzmfiOQNUMQsIEamda1UXDNCt+qOkukS6V
BTa/vLUTmSbJUQEROEYn7vExQ7FaHmH2/wJxzOCXneGjvrFM
-----END CERTIFICATE-----
Generated at Wed Apr 30 19:48:51 2025 by rpki-client