Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ltIapVfUF9JSDD5CyapY5Jyhrjk.roa
File: ltIapVfUF9JSDD5CyapY5Jyhrjk.roa (raw, json)
Hash identifier: woqcTixaUdsIOuseH7AduL0ftjO2u0FQSAh1UqjBMS0=
Subject key identifier: 96:D2:1A:A5:57:D4:17:D2:52:0C:3E:42:C9:AA:58:E4:9C:A1:AE:39
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01851BE510F7587A43A842570320AF43A370
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ltIapVfUF9JSDD5CyapY5Jyhrjk.roa
Signing time: Fri 16 Dec 2022 17:04:34 +0000
ROA not before: Fri 16 Dec 2022 17:04:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:185:1be4:bfec/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1b:e5:10:f7:58:7a:43:a8:42:57:03:20:af:43:a3:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 16 17:04:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96d21aa557d417d2520c3e42c9aa58e49ca1ae39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:22:1b:b3:34:15:c9:54:e5:e2:ca:02:dc:a1:
24:3b:44:64:95:91:c6:c3:32:c3:0e:52:7e:6a:7a:
01:ed:58:06:03:d1:e6:49:17:7c:d5:d3:a2:8d:aa:
99:3c:95:58:31:8f:a9:86:85:c2:b0:c4:cc:0c:5d:
84:88:45:2c:35:42:23:8f:56:eb:1c:14:06:22:9d:
01:f4:04:a7:9b:54:9a:37:cf:38:77:87:0e:ec:0a:
85:29:92:39:8c:a9:84:c9:aa:c0:82:9a:88:e7:1d:
e7:9d:b0:71:e5:c6:14:49:2c:9a:a3:f1:e2:47:4f:
a0:3f:8b:6b:dd:e7:06:3d:e9:05:56:26:05:e4:2b:
32:78:5c:52:f5:00:b4:3a:a4:ad:99:fc:a2:79:d0:
c5:4c:3b:0b:37:68:05:59:3d:1f:02:92:85:bc:c4:
04:f4:4a:36:dd:71:74:b0:a3:ad:c3:31:1a:52:51:
36:53:12:9e:a8:21:6b:8d:42:8e:99:12:58:ed:aa:
54:2d:cb:1d:f6:8d:d3:65:d5:93:0a:b5:03:57:23:
6d:24:63:da:09:ac:19:14:45:22:28:b3:37:70:59:
14:8c:b9:0a:52:e4:36:5d:ad:f2:79:99:41:b0:58:
1b:9c:f8:f7:9c:7b:6d:d2:5a:5f:f1:e5:33:59:ea:
13:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:D2:1A:A5:57:D4:17:D2:52:0C:3E:42:C9:AA:58:E4:9C:A1:AE:39
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/ltIapVfUF9JSDD5CyapY5Jyhrjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
97:d9:2f:84:4b:d3:56:eb:1d:db:d3:76:a7:66:27:24:22:ae:
c1:62:1f:4a:ed:43:ef:6f:f7:01:46:f5:19:3d:63:08:c1:76:
d3:78:4a:6f:e0:af:6f:b5:33:27:fd:e7:88:8b:cd:59:2e:41:
62:90:92:21:85:59:9c:80:7a:5f:d5:33:2a:1b:20:bc:1e:b0:
7c:76:64:51:68:5b:69:0b:bf:e2:f1:cd:69:ad:9c:0d:e9:fe:
eb:e5:4b:c6:e1:db:f9:e2:98:be:63:5c:72:42:2a:e6:3f:bb:
8c:d8:b0:2d:9e:a8:58:a3:5e:88:64:19:e9:c6:cc:31:b4:8e:
b1:cc:ad:1e:a0:39:e6:b8:0b:d7:b3:0a:31:e3:f3:c4:84:75:
0f:a9:ac:fe:3f:6f:0f:1c:21:d2:e0:f2:5c:fc:34:bf:a9:9d:
66:ec:28:84:9a:2d:44:1b:9c:26:01:f3:23:90:b8:f9:76:c0:
de:2f:b7:37:35:e1:01:a8:cb:98:5a:a7:f8:51:e1:89:28:64:
3c:cb:5c:d5:27:c3:a4:a8:72:e6:b4:34:57:59:22:56:02:84:
5e:bc:a9:79:74:20:78:24:14:49:20:c9:64:69:1d:29:06:91:
e1:49:60:20:bd:f3:f2:0b:e7:74:64:19:45:18:4d:75:01:57:
60:7f:03:05
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUb5RD3WHpDqEJXAyCvQ6NwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjE2MTcwNDM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmQyMWFhNTU3ZDQxN2QyNTIwYzNlNDJjOWFhNThlNDljYTFhZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyIbszQVyVTl4soC3KEkO0RklZHG
wzLDDlJ+anoB7VgGA9HmSRd81dOijaqZPJVYMY+phoXCsMTMDF2EiEUsNUIjj1br
HBQGIp0B9ASnm1SaN884d4cO7AqFKZI5jKmEyarAgpqI5x3nnbBx5cYUSSyao/Hi
R0+gP4tr3ecGPekFViYF5CsyeFxS9QC0OqStmfyiedDFTDsLN2gFWT0fApKFvMQE
9Eo23XF0sKOtwzEaUlE2UxKeqCFrjUKOmRJY7apULcsd9o3TZdWTCrUDVyNtJGPa
CawZFEUiKLM3cFkUjLkKUuQ2Xa3yeZlBsFgbnPj3nHtt0lpf8eUzWeoTjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJbSGqVX1BfSUgw+QsmqWOScoa45MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbHRJYXBWZlVGOUpTREQ1Q3lhcFk1SnlocmprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJfZL4RL01brHdvTdqdm
JyQirsFiH0rtQ+9v9wFG9Rk9YwjBdtN4Sm/gr2+1Myf954iLzVkuQWKQkiGFWZyA
el/VMyobILwesHx2ZFFoW2kLv+LxzWmtnA3p/uvlS8bh2/nimL5jXHJCKuY/u4zY
sC2eqFijXohkGenGzDG0jrHMrR6gOea4C9ezCjHj88SEdQ+prP4/bw8cIdLg8lz8
NL+pnWbsKISaLUQbnCYB8yOQuPl2wN4vtzc14QGoy5hap/hR4YkoZDzLXNUnw6So
cua0NFdZIlYChF68qXl0IHgkFEkgyWRpHSkGkeFJYCC98/IL53RkGUUYTXUBV2B/
AwU=
-----END CERTIFICATE-----
Generated at Fri May 2 15:39:23 2025 by rpki-client