Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/llElTF0Nw01TV3fjtdbcVMO3eLw.roa
File: llElTF0Nw01TV3fjtdbcVMO3eLw.roa (raw, json)
Hash identifier: Xn9g3FOL9smuiSYsn23MCVDR2J90wfbsIXBN/bl+UFk=
Subject key identifier: 96:51:25:4C:5D:0D:C3:4D:53:57:77:E3:B5:D6:DC:54:C3:B7:78:BC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0187AE0516942638E98D92C7448426E41F2F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/llElTF0Nw01TV3fjtdbcVMO3eLw.roa
Signing time: Sun 23 Apr 2023 12:09:41 +0000
ROA not before: Sun 23 Apr 2023 12:09:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ae:05:16:94:26:38:e9:8d:92:c7:44:84:26:e4:1f:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 23 12:09:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9651254c5d0dc34d535777e3b5d6dc54c3b778bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c0:4e:ca:01:50:4f:c0:4f:48:bf:e9:ea:3a:
ed:e4:c5:a9:20:6c:ea:66:da:47:36:cd:c0:4b:92:
46:07:0f:11:f6:c7:ef:9e:7d:ba:78:3f:3b:d4:80:
db:a7:a3:8e:fa:62:79:b0:ad:c3:c7:1d:0e:89:ea:
ef:bc:10:19:e1:3c:82:51:ef:96:a8:59:01:c6:3b:
92:aa:ae:a0:8f:59:b9:ec:08:68:03:14:7d:cc:5a:
bf:29:17:ec:4c:cc:16:e5:20:e2:df:11:e9:f8:4a:
cd:7f:3e:cb:af:0e:58:d8:e8:8f:12:62:39:6a:4f:
0e:f4:32:34:b5:21:55:d2:36:e2:ca:00:5a:fd:cb:
40:eb:8e:16:db:50:48:03:aa:c2:cb:78:8c:89:0f:
aa:37:79:b6:20:a3:db:77:ab:6f:dd:bc:be:3e:ba:
a0:02:ba:86:97:68:0c:22:23:3c:c6:17:f6:a6:75:
1c:7c:70:9f:82:8e:12:56:2e:b1:06:cb:10:8f:90:
11:12:f9:b8:4e:da:c2:a6:6e:8b:64:36:74:c2:7a:
ee:56:90:41:b1:fe:49:4e:b6:08:7d:21:9f:99:fc:
ca:6d:4e:bb:74:f4:31:16:8f:dc:53:ce:8d:51:98:
f4:6c:3b:5c:fc:33:e2:57:e0:54:38:e6:31:18:c4:
69:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:51:25:4C:5D:0D:C3:4D:53:57:77:E3:B5:D6:DC:54:C3:B7:78:BC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/llElTF0Nw01TV3fjtdbcVMO3eLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
00:32:b4:81:eb:68:d6:1b:3f:4d:12:f3:83:6e:35:08:9a:a1:
78:58:bf:19:98:40:32:65:d8:9c:1e:5a:d9:fb:bc:a6:2b:da:
f3:19:0d:8b:51:d9:ed:a2:b1:96:a1:98:ca:20:a7:e2:32:49:
f5:71:af:d1:b7:af:ad:07:ad:a6:ce:ca:4a:8f:74:07:dc:7d:
af:0e:5e:00:2d:b7:7e:cf:de:f9:e1:23:fc:f0:b9:59:19:72:
d0:c9:ab:ac:63:3f:a1:46:3f:77:77:9c:9c:95:8d:1c:0a:66:
c9:19:06:42:b3:52:b4:7d:f6:bd:9b:69:50:4a:da:62:ac:bf:
6e:69:5b:3f:20:30:65:a8:27:11:82:3a:56:3e:45:83:65:bd:
53:00:79:9a:47:9c:e6:f3:f2:d3:ae:2d:a5:0f:33:47:35:2c:
6d:20:06:7b:b1:d4:4c:6e:c9:04:ee:63:a5:b6:e4:bf:63:17:
82:d9:b3:7f:02:81:34:dd:4d:84:d1:5c:b3:66:75:eb:d2:36:
18:37:f5:5e:f0:96:a0:ac:42:49:ff:82:2d:7d:0a:a7:08:12:
db:60:5e:f3:62:e3:63:48:50:a8:ff:c7:c2:37:70:80:67:c1:
fb:8b:71:0d:75:74:b0:f3:e7:b2:02:13:ff:44:3c:d1:f0:37:
4e:0a:31:81
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYeuBRaUJjjpjZLHRIQm5B8vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNDIzMTIwOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjUxMjU0YzVkMGRjMzRkNTM1Nzc3ZTNiNWQ2ZGM1NGMzYjc3OGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcBOygFQT8BPSL/p6jrt5MWpIGzq
ZtpHNs3AS5JGBw8R9sfvnn26eD871IDbp6OO+mJ5sK3Dxx0OiervvBAZ4TyCUe+W
qFkBxjuSqq6gj1m57AhoAxR9zFq/KRfsTMwW5SDi3xHp+ErNfz7Lrw5Y2OiPEmI5
ak8O9DI0tSFV0jbiygBa/ctA644W21BIA6rCy3iMiQ+qN3m2IKPbd6tv3by+Prqg
ArqGl2gMIiM8xhf2pnUcfHCfgo4SVi6xBssQj5AREvm4TtrCpm6LZDZ0wnruVpBB
sf5JTrYIfSGfmfzKbU67dPQxFo/cU86NUZj0bDtc/DPiV+BUOOYxGMRp0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJZRJUxdDcNNU1d347XW3FTDt3i8MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbGxFbFRGME53MDFUVjNmanRkYmNWTU8zZUx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAAytIHraNYbP00S84Nu
NQiaoXhYvxmYQDJl2JweWtn7vKYr2vMZDYtR2e2isZahmMogp+IySfVxr9G3r60H
rabOykqPdAfcfa8OXgAtt37P3vnhI/zwuVkZctDJq6xjP6FGP3d3nJyVjRwKZskZ
BkKzUrR99r2baVBK2mKsv25pWz8gMGWoJxGCOlY+RYNlvVMAeZpHnObz8tOuLaUP
M0c1LG0gBnux1ExuyQTuY6W25L9jF4LZs38CgTTdTYTRXLNmdevSNhg39V7wlqCs
Qkn/gi19CqcIEttgXvNi42NIUKj/x8I3cIBnwfuLcQ11dLDz57ICE/9EPNHwN04K
MYE=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:46:18 2025 by rpki-client