Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lsZsqfVRPvEC_Wk2rkZ-e38qXGQ.roa
File: lsZsqfVRPvEC_Wk2rkZ-e38qXGQ.roa (raw, json)
Hash identifier: Y48a2xj6t7/DHN9+tUUBLjlEsBBTA4ufWHvtP8pIBGY=
Subject key identifier: 96:C6:6C:A9:F5:51:3E:F1:02:FD:69:36:AE:46:7E:7B:7F:2A:5C:64
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184D6D27B55B887CCDBDE485C129642917D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lsZsqfVRPvEC_Wk2rkZ-e38qXGQ.roa
Signing time: Sat 03 Dec 2022 07:10:29 +0000
ROA not before: Sat 03 Dec 2022 07:10:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d6:d2:7b:55:b8:87:cc:db:de:48:5c:12:96:42:91:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 3 07:10:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96c66ca9f5513ef102fd6936ae467e7b7f2a5c64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4b:c6:4c:80:35:1a:dd:72:3d:0c:6e:7d:bc:
6e:0b:89:cf:1d:ea:f7:9e:47:70:c6:17:d4:44:a1:
1b:68:f2:00:eb:6a:2c:c2:f2:8f:c9:0c:4e:d2:4b:
c2:9c:94:4b:31:92:ea:8b:29:6a:e4:2a:6d:fe:79:
a2:51:a0:71:7c:00:e0:9d:d1:06:42:c4:53:c6:f7:
ed:01:f7:e7:86:20:88:fb:75:1d:eb:e7:4a:56:9d:
00:5c:45:b0:50:2f:6d:94:fb:3c:4f:68:39:b1:aa:
dc:15:22:f3:49:61:2e:cc:53:87:39:97:8e:78:f5:
e9:54:3c:c3:41:25:aa:e1:d3:cc:d4:32:c2:e3:f1:
f4:8b:4f:18:03:83:0a:31:ef:ce:db:aa:ce:ae:14:
29:a7:d9:c5:ff:34:73:a9:ba:1e:60:c1:47:de:f8:
9a:72:23:4b:bf:32:0b:89:cf:58:9d:ed:bd:35:a1:
c4:7f:94:e2:f5:cc:1f:59:90:a0:36:91:a9:40:b8:
2b:58:ea:26:2c:f6:d1:10:fb:b4:16:dc:65:4c:db:
25:22:e5:16:67:9b:92:dc:0a:6f:2b:f7:66:7f:73:
34:8a:d8:9b:88:d6:36:be:e3:91:9c:95:7f:43:74:
4e:82:81:9b:fe:22:58:c1:ce:a3:c4:82:0b:82:c7:
78:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:C6:6C:A9:F5:51:3E:F1:02:FD:69:36:AE:46:7E:7B:7F:2A:5C:64
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lsZsqfVRPvEC_Wk2rkZ-e38qXGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
29:5a:64:fb:23:32:ef:7d:d3:e5:1d:86:7c:28:3b:b0:fc:48:
cc:77:c9:8d:bf:4d:46:fe:46:dc:72:a3:79:03:6d:18:94:53:
d0:3a:bc:63:e7:12:c8:d6:55:f6:16:f7:49:c7:aa:5a:3f:66:
59:bd:dc:8b:8b:ca:13:79:bb:28:2f:6c:9b:79:ce:09:70:86:
7c:60:e6:c2:7a:f6:95:a3:39:5e:9b:31:06:62:1e:12:60:a4:
9c:03:cd:7e:18:fc:e2:36:05:94:bc:4d:a2:2c:f9:b1:e6:eb:
97:26:66:05:78:da:b4:1d:1e:17:ca:0d:b0:b0:72:82:88:de:
1a:7d:b3:8a:9c:4e:10:a0:28:62:2a:63:81:95:c9:77:0b:d4:
7f:f6:ac:92:1c:d5:7f:41:12:80:24:8a:2d:ae:cc:7e:8f:9b:
29:aa:83:24:42:97:f2:47:ad:92:9f:63:1e:79:d1:1c:1e:7c:
5c:44:42:a3:4a:9b:e3:be:89:bf:81:2c:b0:88:89:f7:fa:9c:
1c:ef:28:08:5b:9e:f8:70:69:4b:56:45:57:60:b5:85:bd:a0:
b8:92:f4:ae:3d:12:e7:87:72:05:82:ca:b0:00:22:ef:d4:35:
ae:a9:65:64:01:06:c7:35:f4:8d:4a:44:1e:07:8a:ac:39:5b:
12:ba:b0:7c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTW0ntVuIfM295IXBKWQpF9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjAzMDcxMDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmM2NmNhOWY1NTEzZWYxMDJmZDY5MzZhZTQ2N2U3YjdmMmE1YzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0vGTIA1Gt1yPQxufbxuC4nPHer3
nkdwxhfURKEbaPIA62oswvKPyQxO0kvCnJRLMZLqiylq5Cpt/nmiUaBxfADgndEG
QsRTxvftAffnhiCI+3Ud6+dKVp0AXEWwUC9tlPs8T2g5sarcFSLzSWEuzFOHOZeO
ePXpVDzDQSWq4dPM1DLC4/H0i08YA4MKMe/O26rOrhQpp9nF/zRzqboeYMFH3via
ciNLvzILic9Yne29NaHEf5Ti9cwfWZCgNpGpQLgrWOomLPbREPu0FtxlTNslIuUW
Z5uS3ApvK/dmf3M0itibiNY2vuORnJV/Q3ROgoGb/iJYwc6jxIILgsd4jQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJbGbKn1UT7xAv1pNq5Gfnt/KlxkMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbHNac3FmVlJQdkVDX1drMnJrWi1lMzhxWEdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAClaZPsjMu990+Udhnwo
O7D8SMx3yY2/TUb+Rtxyo3kDbRiUU9A6vGPnEsjWVfYW90nHqlo/Zlm93IuLyhN5
uygvbJt5zglwhnxg5sJ69pWjOV6bMQZiHhJgpJwDzX4Y/OI2BZS8TaIs+bHm65cm
ZgV42rQdHhfKDbCwcoKI3hp9s4qcThCgKGIqY4GVyXcL1H/2rJIc1X9BEoAkii2u
zH6PmymqgyRCl/JHrZKfYx550RwefFxEQqNKm+O+ib+BLLCIiff6nBzvKAhbnvhw
aUtWRVdgtYW9oLiS9K49EueHcgWCyrAAIu/UNa6pZWQBBsc19I1KRB4Hiqw5WxK6
sHw=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:05:24 2025 by rpki-client