Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lbloB1ld38FD93e6KI6yn2kDvT0.roa
File: lbloB1ld38FD93e6KI6yn2kDvT0.roa (raw, json)
Hash identifier: 1gFwAIQd2YUzW+Y1DTPG6WJfnq9DyqBkdqPIVyqbd4Q=
Subject key identifier: 95:B9:68:07:59:5D:DF:C1:43:F7:77:BA:28:8E:B2:9F:69:03:BD:3D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01851EEAAFCC4F262F85808F4BAB1AB98FCD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lbloB1ld38FD93e6KI6yn2kDvT0.roa
Signing time: Sat 17 Dec 2022 07:09:34 +0000
ROA not before: Sat 17 Dec 2022 07:09:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1e:ea:af:cc:4f:26:2f:85:80:8f:4b:ab:1a:b9:8f:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 17 07:09:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95b96807595ddfc143f777ba288eb29f6903bd3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e4:ee:80:ec:f9:fd:30:2e:97:a2:9d:12:e1:
24:e2:f4:c6:85:46:82:e4:41:a0:06:d7:0f:73:3d:
e8:c3:b6:af:ae:ee:fe:31:4c:6e:92:7a:90:55:23:
7e:62:dd:30:de:8e:3c:09:15:c4:7b:2d:e3:ee:82:
cb:17:26:89:bd:d5:0d:86:29:95:32:ba:9e:42:04:
a5:7c:80:f2:db:fd:45:84:ee:0c:00:01:13:34:e3:
bb:4a:af:14:68:ab:1d:ec:00:a0:6e:b0:9a:38:bb:
8f:65:0f:de:64:81:5c:d9:c0:46:20:f9:ea:bb:f9:
a7:24:a8:6c:aa:47:61:8f:d2:4d:8d:4a:e1:0b:8c:
e4:bc:c3:48:9d:9e:64:f6:bb:ad:43:12:72:92:03:
75:6c:31:49:ec:03:f0:a3:39:8f:f2:21:72:3b:67:
54:3c:87:53:d2:5e:71:09:2c:2d:ed:f0:bd:f5:eb:
57:fb:f7:bc:4c:11:32:d3:74:0b:32:6c:33:bc:d2:
8f:7d:a5:e8:15:10:30:34:8d:c6:9c:ed:56:1b:5a:
65:23:b9:56:8e:00:7c:23:66:40:4b:86:ed:2b:50:
df:55:11:e0:20:d4:ce:08:a1:b2:47:d0:ca:37:68:
1d:26:0b:76:2e:b0:48:46:61:e6:38:7a:bc:1a:6b:
82:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B9:68:07:59:5D:DF:C1:43:F7:77:BA:28:8E:B2:9F:69:03:BD:3D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lbloB1ld38FD93e6KI6yn2kDvT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b0:1c:ba:7e:e0:6d:71:3a:bd:53:d2:cd:d0:8c:34:9c:dd:03:
e0:48:e7:e8:30:85:8b:47:94:14:7b:f3:37:82:ff:66:61:8b:
39:79:59:22:fa:3c:92:71:ca:94:e1:87:4b:58:a1:04:54:5e:
7d:8d:4f:c9:0d:c7:3f:24:ed:1b:54:1d:38:02:d1:2d:ef:11:
0f:5f:c1:20:69:7b:6c:ff:44:77:db:6c:b8:66:da:23:e3:98:
80:46:e5:52:82:38:02:27:9d:4a:f0:8b:aa:e6:a5:1e:69:ca:
f4:f6:eb:96:f8:20:ba:9d:3c:00:ef:18:71:a6:5b:76:29:5b:
92:46:95:aa:c6:6d:1f:aa:db:21:89:fc:f3:85:15:58:c7:4f:
a3:de:75:e9:26:6a:f2:ae:8c:7d:cf:f9:cb:d6:39:31:43:3b:
4a:e8:45:f5:cd:e0:03:97:47:b9:85:77:35:9b:68:2d:b2:f3:
15:de:84:dc:5f:24:a6:42:79:1e:a5:c5:3d:a7:18:c6:a9:82:
48:a9:8b:0f:3b:2a:c4:58:32:4d:f2:64:d3:ee:1a:99:66:8b:
58:4c:7d:19:d1:f2:d2:bf:22:8d:98:20:5b:5c:98:3c:c2:e0:
71:95:43:2a:84:4f:6a:e4:c2:08:1a:ea:01:46:3b:66:2e:0e:
89:42:bf:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUe6q/MTyYvhYCPS6sauY/NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE3MDcwOTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWI5NjgwNzU5NWRkZmMxNDNmNzc3YmEyODhlYjI5ZjY5MDNiZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+TugOz5/TAul6KdEuEk4vTGhUaC
5EGgBtcPcz3ow7avru7+MUxuknqQVSN+Yt0w3o48CRXEey3j7oLLFyaJvdUNhimV
MrqeQgSlfIDy2/1FhO4MAAETNOO7Sq8UaKsd7ACgbrCaOLuPZQ/eZIFc2cBGIPnq
u/mnJKhsqkdhj9JNjUrhC4zkvMNInZ5k9rutQxJykgN1bDFJ7APwozmP8iFyO2dU
PIdT0l5xCSwt7fC99etX+/e8TBEy03QLMmwzvNKPfaXoFRAwNI3GnO1WG1plI7lW
jgB8I2ZAS4btK1DfVRHgINTOCKGyR9DKN2gdJgt2LrBIRmHmOHq8GmuCJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJW5aAdZXd/BQ/d3uiiOsp9pA709MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbGJsb0IxbGQzOEZEOTNlNktJNnluMmtEdlQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALAcun7gbXE6vVPSzdCM
NJzdA+BI5+gwhYtHlBR78zeC/2Zhizl5WSL6PJJxypThh0tYoQRUXn2NT8kNxz8k
7RtUHTgC0S3vEQ9fwSBpe2z/RHfbbLhm2iPjmIBG5VKCOAInnUrwi6rmpR5pyvT2
65b4ILqdPADvGHGmW3YpW5JGlarGbR+q2yGJ/POFFVjHT6PedekmavKujH3P+cvW
OTFDO0roRfXN4AOXR7mFdzWbaC2y8xXehNxfJKZCeR6lxT2nGMapgkipiw87KsRY
Mk3yZNPuGplmi1hMfRnR8tK/Io2YIFtcmDzC4HGVQyqET2rkwgga6gFGO2YuDolC
v0Y=
-----END CERTIFICATE-----
Generated at Thu May 1 01:21:50 2025 by rpki-client