Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lr-k50FDqlEF3q68bOFuAlmXuRY.roa
File: lr-k50FDqlEF3q68bOFuAlmXuRY.roa (raw, json)
Hash identifier: jpTwOsaVD+kircAh81x8N14tnk9hIwWOIPzwQOqskTI=
Subject key identifier: 96:BF:A4:E7:41:43:AA:51:05:DE:AE:BC:6C:E1:6E:02:59:97:B9:16
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01829906E3C6226F1B295CC06BF10D80190A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lr-k50FDqlEF3q68bOFuAlmXuRY.roa
Signing time: Sat 13 Aug 2022 21:05:41 +0000
ROA not before: Sat 13 Aug 2022 21:05:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:9906:1b05/128 maxlen: 128
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:99:06:e3:c6:22:6f:1b:29:5c:c0:6b:f1:0d:80:19:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 13 21:05:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96bfa4e74143aa5105deaebc6ce16e025997b916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:98:88:7b:ef:2c:ce:74:da:8c:9e:b7:2c:a4:
13:8b:96:1f:d3:5e:c4:52:04:26:6c:f4:08:c3:ab:
50:b6:24:70:3c:47:90:67:d5:0b:f6:cc:f1:a5:63:
d4:97:5c:73:f2:a6:5d:db:51:7e:a5:40:d6:51:81:
a3:25:80:e2:0a:82:b2:15:0b:59:7c:32:5d:4a:02:
13:3e:de:fc:c4:ca:0d:10:a2:16:61:e6:3d:14:0d:
b7:4a:c4:9c:c6:6d:bc:53:42:07:f6:d4:a9:9b:02:
ce:ae:d6:83:71:c8:3d:88:be:b2:ed:a0:84:d1:50:
cf:79:10:ee:8c:64:7f:73:ff:75:c0:a4:66:d9:e3:
8e:66:cb:43:79:f3:7c:01:34:44:15:58:a6:e5:5d:
4e:d1:a9:7b:5d:38:46:13:0b:a0:4b:dc:4d:85:dc:
e1:19:7d:49:74:2b:b0:ce:79:da:31:95:a8:7d:ef:
94:e9:38:ad:d0:01:01:0d:72:ad:f7:c0:1d:c7:67:
4c:c2:2b:e6:95:be:a8:5c:aa:fd:cb:c2:95:f4:4e:
2b:25:f6:81:c1:69:37:d3:f7:f8:3a:be:29:5b:0d:
53:61:a4:06:13:73:a6:f5:a2:40:29:9c:a5:8f:fe:
7f:03:db:9b:ae:06:e8:1e:99:e4:1c:bd:2b:11:c2:
36:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:BF:A4:E7:41:43:AA:51:05:DE:AE:BC:6C:E1:6E:02:59:97:B9:16
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lr-k50FDqlEF3q68bOFuAlmXuRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:f8:64:fa:8d:a0:88:6d:03:c3:86:5f:bc:76:59:73:31:b0:
6b:e4:7d:06:93:ca:d6:41:54:c0:4b:88:de:b1:37:3e:20:d9:
7c:6a:e1:6c:f7:be:66:3f:1f:9e:13:dc:cd:6c:74:51:99:3a:
a7:8f:1f:b2:0f:f5:96:7f:91:30:f9:96:95:42:d2:a9:97:7c:
de:06:fe:a9:3f:bf:a7:e5:1d:e0:ff:ad:62:6e:ad:8c:68:fb:
dd:17:f7:43:2d:8b:ff:1a:ec:c3:da:1b:15:98:cb:3b:1a:d5:
22:a3:d5:d2:70:8e:e3:fe:66:84:08:ef:d1:da:f4:7e:c3:94:
42:44:5e:5b:63:4d:11:7b:82:2c:da:9b:55:4d:8e:1b:9f:82:
f1:af:2f:81:22:8e:42:00:29:1c:4d:f7:df:67:80:25:a5:3f:
c0:18:91:cf:42:bf:39:e3:4a:42:50:09:d8:20:b1:2d:53:a2:
f2:a0:fe:37:35:7c:e1:53:76:40:c3:dd:14:19:18:14:a3:ea:
3c:94:70:2d:46:16:18:86:40:26:b1:79:97:46:46:a5:06:5b:
6a:1f:19:ab:66:e2:57:79:46:00:4d:40:67:9d:09:4b:42:06:
95:5e:68:c2:32:b0:75:40:80:68:68:72:59:9d:dd:08:5a:9d:
cd:8f:ce:65
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYKZBuPGIm8bKVzAa/ENgBkKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwODEzMjEwNTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmJmYTRlNzQxNDNhYTUxMDVkZWFlYmM2Y2UxNmUwMjU5OTdiOTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspiIe+8sznTajJ63LKQTi5Yf017E
UgQmbPQIw6tQtiRwPEeQZ9UL9szxpWPUl1xz8qZd21F+pUDWUYGjJYDiCoKyFQtZ
fDJdSgITPt78xMoNEKIWYeY9FA23SsScxm28U0IH9tSpmwLOrtaDccg9iL6y7aCE
0VDPeRDujGR/c/91wKRm2eOOZstDefN8ATREFVim5V1O0al7XThGEwugS9xNhdzh
GX1JdCuwznnaMZWofe+U6Tit0AEBDXKt98Adx2dMwivmlb6oXKr9y8KV9E4rJfaB
wWk30/f4Or4pWw1TYaQGE3Om9aJAKZylj/5/A9ubrgboHpnkHL0rEcI21wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJa/pOdBQ6pRBd6uvGzhbgJZl7kWMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbHItazUwRkRxbEVGM3E2OGJPRnVBbG1YdVJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGH4ZPqNoIhtA8OGX7x2
WXMxsGvkfQaTytZBVMBLiN6xNz4g2Xxq4Wz3vmY/H54T3M1sdFGZOqePH7IP9ZZ/
kTD5lpVC0qmXfN4G/qk/v6flHeD/rWJurYxo+90X90Mti/8a7MPaGxWYyzsa1SKj
1dJwjuP+ZoQI79Ha9H7DlEJEXltjTRF7gizam1VNjhufgvGvL4EijkIAKRxN999n
gCWlP8AYkc9CvznjSkJQCdggsS1TovKg/jc1fOFTdkDD3RQZGBSj6jyUcC1GFhiG
QCaxeZdGRqUGW2ofGatm4ld5RgBNQGedCUtCBpVeaMIysHVAgGhoclmd3Qhanc2P
zmU=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:25:51 2025 by rpki-client