Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ldCg3_EetQXIap9g-7i8tFoRk7c.roa
File: ldCg3_EetQXIap9g-7i8tFoRk7c.roa (raw, json)
Hash identifier: b6NWoleJs3u7/E3Cbykuv1DhnXBVy7G9EaDgFleKljU=
Subject key identifier: 95:D0:A0:DF:F1:1E:B5:05:C8:6A:9F:60:FB:B8:BC:B4:5A:11:93:B7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186D2F05CEE1E64337D173C95D39606B3DD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ldCg3_EetQXIap9g-7i8tFoRk7c.roa
Signing time: Sat 11 Mar 2023 23:10:13 +0000
ROA not before: Sat 11 Mar 2023 23:10:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d2:f0:5c:ee:1e:64:33:7d:17:3c:95:d3:96:06:b3:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 11 23:10:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95d0a0dff11eb505c86a9f60fbb8bcb45a1193b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:aa:3c:1f:d4:62:bd:bd:75:a3:49:cb:73:ab:
54:35:07:4e:97:c7:0f:9e:81:d3:c8:4e:d2:02:9b:
2a:6f:76:a4:d2:89:29:ff:a5:27:58:cb:4a:19:ab:
9a:8a:7a:09:b6:68:de:00:a2:9a:6b:f8:4f:05:00:
a4:b2:40:03:fd:8e:2a:8f:5d:2b:03:86:38:19:82:
e6:4f:3d:b0:a1:43:e6:02:5c:23:2c:27:a5:7d:0e:
84:89:e3:c8:85:0e:79:62:c7:a1:52:e3:72:ef:70:
8e:14:df:cd:d3:05:3b:5d:91:9b:5c:ca:fc:2b:aa:
83:c5:16:17:28:b4:94:6d:73:2b:64:29:e1:0d:7e:
ad:be:33:95:3e:b9:4f:b8:5e:2a:dc:80:c5:90:e5:
63:df:71:ca:33:e1:2d:c7:ac:88:e5:0d:b0:68:db:
d9:f8:41:f0:8d:5b:c8:60:c2:85:0c:d1:a1:a0:d3:
0f:e7:05:4c:71:9c:6c:c5:36:08:ec:be:12:dc:1f:
2a:82:48:51:09:8b:00:49:9f:bb:dd:4f:f6:db:b3:
55:1d:98:3f:83:2e:eb:ac:e2:72:7a:bb:3a:66:c0:
48:48:1a:5b:2b:2b:94:e0:ec:7c:54:98:46:5f:b4:
26:63:95:67:1f:f7:22:43:7f:48:31:ae:08:d1:62:
16:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:D0:A0:DF:F1:1E:B5:05:C8:6A:9F:60:FB:B8:BC:B4:5A:11:93:B7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ldCg3_EetQXIap9g-7i8tFoRk7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:3f:10:4e:61:11:4e:61:2a:4d:35:f8:62:21:a7:e8:99:45:
12:d7:85:f7:d5:90:7d:8c:77:3a:2e:b3:e8:76:1a:b8:81:e9:
43:e0:2d:2f:41:ea:79:91:0b:58:74:9b:57:d6:ac:f3:12:b7:
06:80:8a:2e:57:d5:b3:20:f3:0f:cd:15:a2:e7:38:70:fe:ac:
aa:c8:a8:42:eb:36:db:1f:be:77:f2:db:d7:75:60:73:7d:b0:
b5:5a:ed:7d:1d:ef:b9:0b:4e:fc:88:ac:84:b3:9f:74:91:14:
8f:9f:e0:03:38:fa:0f:e2:7b:84:a9:3a:56:eb:b8:a0:71:80:
71:94:4f:5c:1c:ea:14:c3:f2:91:9a:31:f3:43:48:a6:78:2c:
23:f8:96:18:47:2f:e4:33:3f:44:b2:65:ab:b2:d4:e7:a7:8f:
3e:58:f8:fa:4b:00:c4:2e:7d:f0:ef:ed:b2:6e:b5:2d:8d:0d:
06:f2:0a:63:5b:4d:6e:63:78:83:36:66:1e:28:14:59:a0:5e:
d5:ad:07:4f:19:0d:54:c3:06:33:63:3f:ba:aa:a9:d7:23:56:
4b:af:c7:5c:11:a6:0a:9a:2f:34:4b:29:fe:52:e8:4e:ef:ae:
aa:69:5a:a4:9c:4a:57:9f:14:53:15:1a:ca:32:23:a3:3c:6b:
a5:f0:e4:d7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbS8FzuHmQzfRc8ldOWBrPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzExMjMxMDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWQwYTBkZmYxMWViNTA1Yzg2YTlmNjBmYmI4YmNiNDVhMTE5M2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyao8H9Rivb11o0nLc6tUNQdOl8cP
noHTyE7SApsqb3ak0okp/6UnWMtKGauainoJtmjeAKKaa/hPBQCkskAD/Y4qj10r
A4Y4GYLmTz2woUPmAlwjLCelfQ6EiePIhQ55YsehUuNy73COFN/N0wU7XZGbXMr8
K6qDxRYXKLSUbXMrZCnhDX6tvjOVPrlPuF4q3IDFkOVj33HKM+Etx6yI5Q2waNvZ
+EHwjVvIYMKFDNGhoNMP5wVMcZxsxTYI7L4S3B8qgkhRCYsASZ+73U/227NVHZg/
gy7rrOJyers6ZsBISBpbKyuU4Ox8VJhGX7QmY5VnH/ciQ39IMa4I0WIWAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJXQoN/xHrUFyGqfYPu4vLRaEZO3MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbGRDZzNfRWV0UVhJYXA5Zy03aTh0Rm9SazdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHw/EE5hEU5hKk01+GIh
p+iZRRLXhffVkH2Mdzous+h2GriB6UPgLS9B6nmRC1h0m1fWrPMStwaAii5X1bMg
8w/NFaLnOHD+rKrIqELrNtsfvnfy29d1YHN9sLVa7X0d77kLTvyIrISzn3SRFI+f
4AM4+g/ie4SpOlbruKBxgHGUT1wc6hTD8pGaMfNDSKZ4LCP4lhhHL+QzP0SyZauy
1Oenjz5Y+PpLAMQuffDv7bJutS2NDQbyCmNbTW5jeIM2Zh4oFFmgXtWtB08ZDVTD
BjNjP7qqqdcjVkuvx1wRpgqaLzRLKf5S6E7vrqppWqScSlefFFMVGsoyI6M8a6Xw
5Nc=
-----END CERTIFICATE-----
Generated at Thu May 1 20:55:48 2025 by rpki-client