Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lgu4E3gDn_pl7DPlhaKKZfPokhc.roa
File: lgu4E3gDn_pl7DPlhaKKZfPokhc.roa (raw, json)
Hash identifier: 6hhLGHvWf3zYvUZACyyHh8aOk5bLgs6uF+/1fN+lDv0=
Subject key identifier: 96:0B:B8:13:78:03:9F:FA:65:EC:33:E5:85:A2:8A:65:F3:E8:92:17
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01841ADD72094961F1F117111CF7A9577F7C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lgu4E3gDn_pl7DPlhaKKZfPokhc.roa
Signing time: Thu 27 Oct 2022 19:13:50 +0000
ROA not before: Thu 27 Oct 2022 19:13:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1a:dd:72:09:49:61:f1:f1:17:11:1c:f7:a9:57:7f:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Oct 27 19:13:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=960bb81378039ffa65ec33e585a28a65f3e89217
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cc:bb:32:76:17:09:4d:fc:a3:13:aa:dd:9d:
be:97:38:ba:b3:c3:27:8c:c3:54:43:2e:f8:bb:cc:
2e:92:7f:08:b7:67:70:53:f9:88:54:63:36:fd:72:
33:c8:b3:5b:74:31:3d:84:4e:b6:54:27:c3:ab:aa:
75:5f:09:6a:9f:c9:80:e9:cc:b3:90:fc:35:ce:73:
fb:42:8a:5f:03:c1:00:1d:c4:4a:97:9d:6d:bd:a5:
22:af:8b:3c:0a:78:1e:87:85:97:0c:9e:8b:9d:85:
1f:8b:3f:4e:d4:6d:2e:db:45:72:17:60:af:8e:14:
41:cd:f2:b9:69:bb:d7:9f:3f:05:8d:66:17:33:dd:
75:58:b5:07:7a:ce:ac:c4:9e:71:54:9e:3a:e8:17:
5c:db:af:45:20:5b:45:21:91:54:29:2a:4c:c1:84:
83:bd:91:fa:7c:34:12:3f:30:09:22:20:3a:78:6e:
ef:91:27:c4:eb:b1:dd:a1:39:82:31:b9:b8:1b:f0:
e9:34:d9:ad:3e:7b:65:34:06:84:c5:d8:5f:58:a1:
1a:b3:23:08:87:69:b4:a2:8f:4f:41:6f:b3:76:8e:
88:b3:6c:5f:0c:41:e0:e3:37:35:bd:ba:af:91:b2:
20:1a:0d:34:e2:53:1a:3d:33:6e:c2:11:d1:3c:1f:
ca:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:0B:B8:13:78:03:9F:FA:65:EC:33:E5:85:A2:8A:65:F3:E8:92:17
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lgu4E3gDn_pl7DPlhaKKZfPokhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
88:f5:cd:7c:2a:c2:43:dd:9b:81:ef:77:7d:59:e9:0d:b7:2d:
0f:a6:f3:54:10:1d:3c:ad:3b:9c:df:03:f5:b9:3b:56:54:e7:
55:4d:03:1e:cb:c3:ba:44:f2:79:6c:1a:50:09:36:84:9b:29:
82:4c:84:e1:0b:79:56:73:85:fa:51:86:59:c2:15:47:59:36:
49:b3:e2:95:fa:57:78:c8:54:10:fe:f5:f1:a3:f5:6b:06:c1:
a0:0d:91:a5:78:d6:33:d7:d6:d8:f7:04:1d:da:f8:15:19:52:
d9:bc:09:6c:a7:24:3c:6e:8e:f9:87:5a:ac:4f:e5:c7:ff:1c:
ea:9d:10:f1:bb:94:78:b4:7e:74:5f:0e:b6:ef:5c:f9:bc:64:
e6:29:f8:55:4c:6f:35:e5:2c:d0:c5:1e:52:5c:be:fd:b5:a4:
71:db:0f:83:d4:7e:87:84:df:0b:54:04:60:9d:c2:af:9a:4e:
3d:31:4c:91:66:60:fa:00:d4:69:f5:f5:b8:63:f1:79:74:29:
11:a0:f0:7e:16:4b:c0:23:8d:47:2d:74:fe:35:0c:85:c9:29:
45:a5:22:97:b6:a6:a3:b8:ad:fb:5d:33:e5:3d:f6:f2:30:a2:
04:9f:b8:6b:35:02:13:45:c6:63:b0:66:98:96:24:8b:a2:1d:
a5:04:ca:35
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYQa3XIJSWHx8RcRHPepV398MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMDI3MTkxMzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjBiYjgxMzc4MDM5ZmZhNjVlYzMzZTU4NWEyOGE2NWYzZTg5MjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsy7MnYXCU38oxOq3Z2+lzi6s8Mn
jMNUQy74u8wukn8It2dwU/mIVGM2/XIzyLNbdDE9hE62VCfDq6p1Xwlqn8mA6cyz
kPw1znP7QopfA8EAHcRKl51tvaUir4s8Cngeh4WXDJ6LnYUfiz9O1G0u20VyF2Cv
jhRBzfK5abvXnz8FjWYXM911WLUHes6sxJ5xVJ466Bdc269FIFtFIZFUKSpMwYSD
vZH6fDQSPzAJIiA6eG7vkSfE67HdoTmCMbm4G/DpNNmtPntlNAaExdhfWKEasyMI
h2m0oo9PQW+zdo6Is2xfDEHg4zc1vbqvkbIgGg004lMaPTNuwhHRPB/KDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJYLuBN4A5/6Zewz5YWiimXz6JIXMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbGd1NEUzZ0RuX3BsN0RQbGhhS0taZlBva2hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIj1zXwqwkPdm4Hvd31Z
6Q23LQ+m81QQHTytO5zfA/W5O1ZU51VNAx7Lw7pE8nlsGlAJNoSbKYJMhOELeVZz
hfpRhlnCFUdZNkmz4pX6V3jIVBD+9fGj9WsGwaANkaV41jPX1tj3BB3a+BUZUtm8
CWynJDxujvmHWqxP5cf/HOqdEPG7lHi0fnRfDrbvXPm8ZOYp+FVMbzXlLNDFHlJc
vv21pHHbD4PUfoeE3wtUBGCdwq+aTj0xTJFmYPoA1Gn19bhj8Xl0KRGg8H4WS8Aj
jUctdP41DIXJKUWlIpe2pqO4rftdM+U99vIwogSfuGs1AhNFxmOwZpiWJIuiHaUE
yjU=
-----END CERTIFICATE-----
Generated at Wed Apr 30 22:01:07 2025 by rpki-client