Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lj74ag_OlkBvlWMH6dR8Cy0kUMA.roa
File: lj74ag_OlkBvlWMH6dR8Cy0kUMA.roa (raw, json)
Hash identifier: 2TOKu3vymln43ndjpaz8TVHdbpOn4iTBrUSLNZtsPR8=
Subject key identifier: 96:3E:F8:6A:0F:CE:96:40:6F:95:63:07:E9:D4:7C:0B:2D:24:50:C0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01862F6E6601E4638D6E5CBB17E62D35FD63
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lj74ag_OlkBvlWMH6dR8Cy0kUMA.roa
Signing time: Wed 08 Feb 2023 05:10:09 +0000
ROA not before: Wed 08 Feb 2023 05:10:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2f:6e:66:01:e4:63:8d:6e:5c:bb:17:e6:2d:35:fd:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 8 05:10:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=963ef86a0fce96406f956307e9d47c0b2d2450c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f4:5a:6b:47:4a:1b:2d:64:0a:c0:2d:04:95:
28:03:68:6f:a0:a2:b4:84:9a:4f:bf:af:c9:0a:f6:
5f:ee:82:01:86:3d:8a:3f:06:22:81:0a:e2:a8:79:
54:41:a9:dd:5b:66:e6:aa:81:6b:4d:77:b9:c0:ad:
bb:fe:bc:e1:37:67:67:ad:c4:07:bf:7d:52:95:2f:
c1:e5:24:a3:3b:7e:a3:fe:7a:28:6b:42:b4:c5:cb:
5d:5d:24:65:5e:b0:b6:87:03:de:4d:4a:e5:b1:6a:
6c:c1:7e:ad:14:a2:18:90:e6:5d:cf:29:19:a2:4a:
54:c7:99:25:b3:ec:48:b7:9b:02:b9:b8:de:c4:c8:
6a:ba:61:91:56:4d:86:cc:f2:e5:d4:51:8e:1c:11:
de:78:a7:2f:49:6f:40:4a:64:90:51:34:29:ea:d6:
12:15:be:b5:01:e0:b9:00:aa:91:d8:65:16:61:de:
5a:5c:0b:35:35:ed:95:6c:74:d2:66:06:0f:ca:e9:
68:c7:cd:e1:84:28:61:d3:f1:77:52:b4:d4:03:87:
cc:17:50:87:43:b9:48:0e:e3:7b:f8:23:62:2f:45:
41:9a:d3:8f:ff:93:50:ec:ee:eb:5c:56:8b:26:45:
72:34:e8:45:5c:b9:b9:61:1e:09:e4:dc:64:6d:ee:
81:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:3E:F8:6A:0F:CE:96:40:6F:95:63:07:E9:D4:7C:0B:2D:24:50:C0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lj74ag_OlkBvlWMH6dR8Cy0kUMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:a4:03:95:91:d1:ed:3c:1d:d7:69:ca:06:8d:c3:48:22:a3:
d4:83:c1:44:68:5a:8f:61:43:a6:30:2d:05:3b:20:33:35:81:
f3:43:07:1a:7c:e2:94:06:e4:10:73:e0:4a:46:15:58:6c:73:
b9:a6:01:a9:80:24:81:3a:84:ae:9c:b2:64:d1:0b:81:58:05:
43:22:13:5b:28:21:2e:30:b0:d7:ee:37:ec:d1:03:63:7d:43:
54:67:dc:19:7a:25:af:48:85:3f:51:57:56:35:e0:df:c4:97:
4a:5d:b0:eb:7c:0e:0d:7a:f4:8f:80:3c:14:52:a5:ea:1c:02:
19:0b:87:13:3d:39:0b:db:c0:f6:62:5e:2e:3b:91:05:5c:bd:
dd:8c:60:aa:22:84:21:45:b0:3c:2b:d7:f8:38:a4:90:6d:28:
32:6b:f5:e1:b2:41:45:5a:15:6b:e4:27:87:f3:78:67:7a:6d:
db:c2:8c:20:3c:e4:1a:e7:3d:ce:2b:9c:6a:54:0f:0e:df:93:
16:c8:21:5a:24:54:cc:20:2c:0e:f1:53:3c:da:6c:2b:90:f1:
8d:bd:86:ea:85:b1:c8:43:e8:09:e6:88:19:cc:3d:56:91:19:
1c:4b:f3:41:1a:5f:a4:4c:13:b7:a3:3c:d4:2f:ef:db:46:8c:
92:6d:df:2a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYvbmYB5GONbly7F+YtNf1jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjA4MDUxMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjNlZjg2YTBmY2U5NjQwNmY5NTYzMDdlOWQ0N2MwYjJkMjQ1MGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/Raa0dKGy1kCsAtBJUoA2hvoKK0
hJpPv6/JCvZf7oIBhj2KPwYigQriqHlUQandW2bmqoFrTXe5wK27/rzhN2dnrcQH
v31SlS/B5SSjO36j/nooa0K0xctdXSRlXrC2hwPeTUrlsWpswX6tFKIYkOZdzykZ
okpUx5kls+xIt5sCubjexMhqumGRVk2GzPLl1FGOHBHeeKcvSW9ASmSQUTQp6tYS
Fb61AeC5AKqR2GUWYd5aXAs1Ne2VbHTSZgYPyulox83hhChh0/F3UrTUA4fMF1CH
Q7lIDuN7+CNiL0VBmtOP/5NQ7O7rXFaLJkVyNOhFXLm5YR4J5Nxkbe6BdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJY++GoPzpZAb5VjB+nUfAstJFDAMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbGo3NGFnX09sa0J2bFdNSDZkUjhDeTBrVU1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJakA5WR0e08HddpygaN
w0gio9SDwURoWo9hQ6YwLQU7IDM1gfNDBxp84pQG5BBz4EpGFVhsc7mmAamAJIE6
hK6csmTRC4FYBUMiE1soIS4wsNfuN+zRA2N9Q1Rn3Bl6Ja9IhT9RV1Y14N/El0pd
sOt8Dg169I+APBRSpeocAhkLhxM9OQvbwPZiXi47kQVcvd2MYKoihCFFsDwr1/g4
pJBtKDJr9eGyQUVaFWvkJ4fzeGd6bdvCjCA85BrnPc4rnGpUDw7fkxbIIVokVMwg
LA7xUzzabCuQ8Y29huqFschD6AnmiBnMPVaRGRxL80EaX6RME7ejPNQv79tGjJJt
3yo=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:41:27 2025 by rpki-client