Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ljsJpSxhxmQubC-QKm8PGSxjU-U.roa
File: ljsJpSxhxmQubC-QKm8PGSxjU-U.roa (raw, json)
Hash identifier: jpncCZ9U+LTIGYuQ1nlTpk2M0Xh9bHE5OBYr1uov3EI=
Subject key identifier: 96:3B:09:A5:2C:61:C6:64:2E:6C:2F:90:2A:6F:0F:19:2C:63:53:E5
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0182AF95FF2A29BB437F10B54D436982AF7C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ljsJpSxhxmQubC-QKm8PGSxjU-U.roa
Signing time: Thu 18 Aug 2022 06:13:39 +0000
ROA not before: Thu 18 Aug 2022 06:13:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:af:95:ff:2a:29:bb:43:7f:10:b5:4d:43:69:82:af:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 18 06:13:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=963b09a52c61c6642e6c2f902a6f0f192c6353e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:46:bd:d8:14:32:1b:51:80:f2:05:52:ae:b2:
34:b9:ef:d5:af:cf:65:b9:f6:52:94:fb:26:a3:05:
c7:25:51:e6:d9:19:30:5b:1e:3c:07:72:3e:93:97:
6c:40:d0:b7:95:b0:d3:70:d7:86:8e:83:65:cd:06:
d9:30:30:b6:04:d6:94:ef:d1:11:d6:41:f1:b9:6e:
3f:df:b4:33:69:9f:1f:12:fa:50:3e:69:42:a1:7f:
ac:82:17:e8:b0:4a:cd:c0:31:99:6c:c2:a0:7a:45:
86:79:ac:b5:0f:3f:55:c9:b7:6f:a4:83:af:3a:50:
de:8e:e3:5a:c3:e4:6f:b9:89:4b:60:f2:a1:d1:95:
22:56:6f:6a:d8:72:f9:c3:14:f8:58:2c:d7:e8:be:
8e:3a:0e:b6:58:0b:a9:20:92:7a:aa:eb:29:55:58:
95:e6:68:59:18:3c:62:a0:4e:ff:f8:51:76:ac:d2:
44:dd:40:ea:22:56:00:f6:27:28:5a:f0:ba:2c:c8:
3b:a7:a0:e3:29:ac:86:3e:7f:0c:51:32:3e:bb:84:
b6:46:96:f1:57:b6:28:8f:d7:97:4a:fd:6f:58:69:
48:1b:66:36:f8:0a:f5:85:c4:39:cb:d2:e1:ff:e3:
e3:10:a1:88:bf:96:54:d4:af:5d:3d:44:d4:45:34:
09:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:3B:09:A5:2C:61:C6:64:2E:6C:2F:90:2A:6F:0F:19:2C:63:53:E5
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ljsJpSxhxmQubC-QKm8PGSxjU-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:01:f2:d8:92:fe:c9:ba:5d:b6:a3:76:2c:a7:e4:0b:d9:eb:
8a:5d:05:86:ac:cb:af:f9:95:04:15:68:c6:c4:65:eb:c4:94:
91:26:eb:06:2a:a2:6a:99:6f:9d:66:86:e4:c4:40:4a:35:da:
b7:e1:8e:af:d3:52:a5:85:0b:10:67:e3:22:32:c4:db:17:12:
32:19:c4:a9:cf:76:b2:18:0b:1c:1d:7d:5c:ae:2c:97:dc:a6:
d2:b9:90:fb:db:df:5a:09:9d:83:a3:91:18:03:af:c2:c7:5d:
32:18:4c:28:53:5a:eb:02:20:18:ea:ac:01:a6:aa:4f:04:1b:
77:fc:64:56:2d:a1:2c:36:63:2d:c6:b8:51:cb:2f:d0:10:47:
4a:2f:c9:19:1f:2d:18:fa:b1:53:fc:18:6b:92:2c:c8:87:0a:
d0:a7:e1:f7:e5:0b:e7:fc:6a:d5:d2:10:b2:d5:aa:39:8c:96:
57:83:1a:7b:33:70:07:8e:91:a0:4f:47:99:52:e2:61:8d:42:
ae:fe:42:c4:99:20:41:bc:27:45:93:91:95:5d:83:4a:eb:38:
33:8b:9c:7e:1b:d4:46:44:45:fd:41:b2:68:ec:f1:97:4d:d4:
bb:39:ce:af:08:31:aa:6d:d4:a0:c7:a6:93:24:44:99:ea:41:
8b:9d:98:65
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYKvlf8qKbtDfxC1TUNpgq98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwODE4MDYxMzM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjNiMDlhNTJjNjFjNjY0MmU2YzJmOTAyYTZmMGYxOTJjNjM1M2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuka92BQyG1GA8gVSrrI0ue/Vr89l
ufZSlPsmowXHJVHm2RkwWx48B3I+k5dsQNC3lbDTcNeGjoNlzQbZMDC2BNaU79ER
1kHxuW4/37QzaZ8fEvpQPmlCoX+sghfosErNwDGZbMKgekWGeay1Dz9VybdvpIOv
OlDejuNaw+RvuYlLYPKh0ZUiVm9q2HL5wxT4WCzX6L6OOg62WAupIJJ6quspVViV
5mhZGDxioE7/+FF2rNJE3UDqIlYA9icoWvC6LMg7p6DjKayGPn8MUTI+u4S2Rpbx
V7Yoj9eXSv1vWGlIG2Y2+Ar1hcQ5y9Lh/+PjEKGIv5ZU1K9dPUTURTQJOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJY7CaUsYcZkLmwvkCpvDxksY1PlMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbGpzSnBTeGh4bVF1YkMtUUttOFBHU3hqVS1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB4B8tiS/sm6Xbajdiyn
5AvZ64pdBYasy6/5lQQVaMbEZevElJEm6wYqomqZb51mhuTEQEo12rfhjq/TUqWF
CxBn4yIyxNsXEjIZxKnPdrIYCxwdfVyuLJfcptK5kPvb31oJnYOjkRgDr8LHXTIY
TChTWusCIBjqrAGmqk8EG3f8ZFYtoSw2Yy3GuFHLL9AQR0ovyRkfLRj6sVP8GGuS
LMiHCtCn4fflC+f8atXSELLVqjmMlleDGnszcAeOkaBPR5lS4mGNQq7+QsSZIEG8
J0WTkZVdg0rrODOLnH4b1EZERf1Bsmjs8ZdN1Ls5zq8IMapt1KDHppMkRJnqQYud
mGU=
-----END CERTIFICATE-----
Generated at Thu May 1 21:29:02 2025 by rpki-client