Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lWlahnI_MJ7F_GfMyt4uyVLy_HY.roa
File: lWlahnI_MJ7F_GfMyt4uyVLy_HY.roa (raw, json)
Hash identifier: SfYQWPUHXD3rdTFIRWxlSSquXt+tPHTdlZCpvm3GQ00=
Subject key identifier: 95:69:5A:86:72:3F:30:9E:C5:FC:67:CC:CA:DE:2E:C9:52:F2:FC:76
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185D40073B8195E02615C1FEE7CB0014586
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lWlahnI_MJ7F_GfMyt4uyVLy_HY.roa
Signing time: Sat 21 Jan 2023 11:04:37 +0000
ROA not before: Sat 21 Jan 2023 11:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:d400:5fec/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:d4:00:73:b8:19:5e:02:61:5c:1f:ee:7c:b0:01:45:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 21 11:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95695a86723f309ec5fc67cccade2ec952f2fc76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ed:06:be:2a:ff:49:7a:ea:e1:e4:b6:ca:75:
f7:df:94:a0:81:ba:d4:6c:1e:51:63:1a:ab:5f:b8:
e2:d7:b0:58:26:a5:77:82:02:16:c4:ce:33:53:d5:
c2:e1:e5:c8:24:d4:f7:5a:b8:01:15:71:3a:5f:e6:
38:62:76:82:6e:95:49:f6:2d:6d:88:4e:a0:eb:3e:
02:90:f2:98:6e:0f:0a:01:9e:0f:fd:be:ab:08:06:
6d:6d:fa:4c:02:d1:c0:1e:de:2e:9e:ff:f6:5e:ed:
06:2a:bc:f2:6d:3c:a5:68:da:f3:48:6b:97:43:f1:
57:85:10:06:d3:0f:97:9f:55:b9:8d:89:37:78:32:
ab:98:51:11:32:e9:c0:60:91:0f:fd:ad:66:15:7a:
8d:53:11:91:94:8d:ff:cd:91:77:79:9c:29:ba:2e:
a5:7b:08:fe:70:99:1d:d9:6e:27:1e:5c:a9:66:c9:
bf:3d:58:4c:bd:35:04:59:e8:f3:04:3d:aa:75:ea:
a3:57:11:55:10:0a:6d:28:50:2a:0c:8b:fb:ae:59:
8d:c4:ee:90:6e:6f:fc:05:cd:8d:02:73:de:ee:ad:
e4:30:96:e2:dc:1e:94:6b:c8:42:f3:60:b9:cd:f1:
c3:2b:ac:6c:4c:da:dd:0a:10:61:e5:61:e5:83:45:
33:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:69:5A:86:72:3F:30:9E:C5:FC:67:CC:CA:DE:2E:C9:52:F2:FC:76
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lWlahnI_MJ7F_GfMyt4uyVLy_HY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
56:0a:16:e5:2f:2f:ff:1d:b4:9d:5c:74:b3:35:e0:d9:fd:aa:
59:92:61:fe:b1:73:dd:0e:e5:e6:5c:94:85:6d:a7:e0:27:70:
cb:84:60:80:e6:52:b0:5d:d6:c6:d6:42:64:6b:39:63:d6:37:
ed:c4:df:63:19:af:a6:d5:24:3f:db:7c:56:8e:ec:fe:24:2b:
19:e9:a0:00:7d:a4:9d:62:3d:b7:1d:88:68:f7:3f:f2:7d:7c:
5d:3b:be:5a:cf:6c:ca:5c:4f:fc:e2:4d:37:52:92:db:d3:d3:
c2:c0:9a:88:f3:cd:cf:b3:bd:18:8e:92:65:da:5c:5f:05:c4:
99:fb:63:c5:32:00:e7:0d:e7:d7:68:f6:72:44:5b:b4:43:a3:
f6:0b:d4:a8:00:45:78:98:69:3a:8a:e5:31:c8:a4:95:84:ee:
b9:75:7e:dd:87:4d:0f:f0:c3:e2:15:6d:b8:4f:fe:4e:c9:31:
a2:54:05:c2:e6:00:a4:0d:90:d7:d7:49:4b:6a:e2:f4:15:5c:
34:38:a9:80:e3:d5:c9:f6:8d:3a:7c:e9:cb:ea:78:3e:f8:1f:
8d:d1:e3:74:f2:97:91:70:72:86:43:b4:3b:65:5f:67:f7:82:
65:6d:b5:a8:a8:93:05:cc:9c:d7:7d:4a:70:93:fc:07:f4:f5:
c7:b3:da:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXUAHO4GV4CYVwf7nywAUWGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTIxMTEwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTY5NWE4NjcyM2YzMDllYzVmYzY3Y2NjYWRlMmVjOTUyZjJmYzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyO0Gvir/SXrq4eS2ynX335SggbrU
bB5RYxqrX7ji17BYJqV3ggIWxM4zU9XC4eXIJNT3WrgBFXE6X+Y4YnaCbpVJ9i1t
iE6g6z4CkPKYbg8KAZ4P/b6rCAZtbfpMAtHAHt4unv/2Xu0GKrzybTylaNrzSGuX
Q/FXhRAG0w+Xn1W5jYk3eDKrmFERMunAYJEP/a1mFXqNUxGRlI3/zZF3eZwpui6l
ewj+cJkd2W4nHlypZsm/PVhMvTUEWejzBD2qdeqjVxFVEAptKFAqDIv7rlmNxO6Q
bm/8Bc2NAnPe7q3kMJbi3B6Ua8hC82C5zfHDK6xsTNrdChBh5WHlg0UzoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJVpWoZyPzCexfxnzMreLslS8vx2MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbFdsYWhuSV9NSjdGX0dmTXl0NHV5Vkx5X0hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFYKFuUvL/8dtJ1cdLM1
4Nn9qlmSYf6xc90O5eZclIVtp+AncMuEYIDmUrBd1sbWQmRrOWPWN+3E32MZr6bV
JD/bfFaO7P4kKxnpoAB9pJ1iPbcdiGj3P/J9fF07vlrPbMpcT/ziTTdSktvT08LA
mojzzc+zvRiOkmXaXF8FxJn7Y8UyAOcN59do9nJEW7RDo/YL1KgARXiYaTqK5THI
pJWE7rl1ft2HTQ/ww+IVbbhP/k7JMaJUBcLmAKQNkNfXSUtq4vQVXDQ4qYDj1cn2
jTp86cvqeD74H43R43Tyl5FwcoZDtDtlX2f3gmVttaiokwXMnNd9SnCT/Af09cez
2j8=
-----END CERTIFICATE-----
Generated at Mon May 5 04:55:00 2025 by rpki-client