Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lwsboR-TB-MVkEIt4ethu5QZYZE.roa
File: lwsboR-TB-MVkEIt4ethu5QZYZE.roa (raw, json)
Hash identifier: stIbHUCor5bcS73AnXdC+1xgRqTHfrpzHFui1Wyz+Xg=
Subject key identifier: 97:0B:1B:A1:1F:93:07:E3:15:90:42:2D:E1:EB:61:BB:94:19:61:91
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189A7C22737068CAC4632BC749C2E568166
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lwsboR-TB-MVkEIt4ethu5QZYZE.roa
Signing time: Sun 30 Jul 2023 17:04:26 +0000
ROA not before: Sun 30 Jul 2023 17:04:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:189:a7c1:ec4f/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a7:c2:27:37:06:8c:ac:46:32:bc:74:9c:2e:56:81:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 30 17:04:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=970b1ba11f9307e31590422de1eb61bb94196191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:07:76:a7:ab:f7:e1:9f:24:0a:16:04:c6:5b:
dd:f6:77:0d:88:45:c2:5c:39:fb:f6:c8:5a:69:f8:
52:41:fd:82:15:8d:94:f9:b1:b5:fd:26:fa:d7:b6:
c1:72:c2:b6:de:04:da:55:93:0e:35:d1:b6:29:e8:
18:5a:26:77:2d:5e:b1:79:da:13:b2:d3:ad:68:50:
16:89:0d:10:57:66:84:3f:4b:04:68:a9:6f:0f:e6:
70:9c:da:c6:99:1f:ba:7a:87:6e:e0:1c:1a:88:bb:
99:e7:ac:87:18:49:82:66:8b:6f:cf:99:3d:e6:da:
27:9c:2d:78:9a:51:d3:46:b3:f9:37:96:b4:2d:4f:
be:44:83:b9:1f:14:a1:db:7e:f5:37:d0:35:13:c2:
7a:7a:db:6f:84:b2:50:fe:73:9b:46:06:f0:29:9c:
8f:af:8e:a1:64:1a:13:e6:67:8a:5f:8a:04:5d:81:
9c:e5:e6:23:24:74:9a:61:74:cf:aa:43:97:6d:5b:
49:35:6e:8b:81:92:c0:a7:ec:90:f9:4a:34:a7:93:
ac:ed:fb:7f:64:f9:cd:ff:1b:ce:df:80:32:71:5a:
c5:67:66:2c:48:91:41:3a:94:db:dd:6b:a7:63:b1:
15:23:bb:a0:b1:9d:d4:41:c7:c0:95:0d:cd:62:5d:
fd:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:0B:1B:A1:1F:93:07:E3:15:90:42:2D:E1:EB:61:BB:94:19:61:91
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lwsboR-TB-MVkEIt4ethu5QZYZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
45:c4:fe:c0:fb:09:eb:9a:36:16:b4:ea:3e:db:bc:f8:1c:b8:
e8:bc:41:51:c2:03:51:7f:50:38:ef:27:d8:fd:7b:ad:13:55:
67:3e:1c:a7:64:5d:dc:88:9f:82:aa:74:9d:b6:d3:79:2e:05:
2d:e1:f8:4c:05:9a:23:ad:23:dc:a2:86:36:48:89:06:f8:c1:
78:9c:95:65:ed:82:c9:4a:fd:f4:e8:c9:31:d2:5f:9a:73:1b:
98:6b:2a:1a:5a:57:40:f1:6a:d9:07:a2:46:a9:07:e6:67:dd:
dd:34:8e:19:35:9e:01:53:e3:d6:f0:4e:a3:d8:ab:fd:88:3a:
11:77:5d:45:42:3a:9d:75:64:a4:34:c3:aa:42:93:2c:ca:3b:
a2:45:ab:27:12:0e:2e:06:09:2f:ae:db:ac:c6:1e:86:31:26:
0a:49:d9:10:4e:eb:67:b9:25:97:a7:c6:c9:79:54:f1:05:9b:
6d:fb:8e:fb:31:50:95:25:ad:e3:60:d0:31:99:7a:d2:b9:70:
9d:ce:22:17:09:1a:90:4d:30:e8:b8:4a:95:4d:8b:bd:7a:ac:
7e:fc:e8:00:29:45:45:44:36:5f:66:d7:78:59:45:a3:78:5a:
1a:8e:b7:e7:26:bb:1b:bc:38:f1:f2:67:2e:ce:83:be:fa:d1:
9e:4d:51:a6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmnwic3BoysRjK8dJwuVoFmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzMwMTcwNDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzBiMWJhMTFmOTMwN2UzMTU5MDQyMmRlMWViNjFiYjk0MTk2MTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgd2p6v34Z8kChYExlvd9ncNiEXC
XDn79shaafhSQf2CFY2U+bG1/Sb617bBcsK23gTaVZMONdG2KegYWiZ3LV6xedoT
stOtaFAWiQ0QV2aEP0sEaKlvD+ZwnNrGmR+6eodu4BwaiLuZ56yHGEmCZotvz5k9
5tonnC14mlHTRrP5N5a0LU++RIO5HxSh2371N9A1E8J6ettvhLJQ/nObRgbwKZyP
r46hZBoT5meKX4oEXYGc5eYjJHSaYXTPqkOXbVtJNW6LgZLAp+yQ+Uo0p5Os7ft/
ZPnN/xvO34AycVrFZ2YsSJFBOpTb3WunY7EVI7ugsZ3UQcfAlQ3NYl39NQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJcLG6EfkwfjFZBCLeHrYbuUGWGRMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbHdzYm9SLVRCLU1Wa0VJdDRldGh1NVFaWVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEXE/sD7CeuaNha06j7b
vPgcuOi8QVHCA1F/UDjvJ9j9e60TVWc+HKdkXdyIn4KqdJ2203kuBS3h+EwFmiOt
I9yihjZIiQb4wXiclWXtgslK/fToyTHSX5pzG5hrKhpaV0DxatkHokapB+Zn3d00
jhk1ngFT49bwTqPYq/2IOhF3XUVCOp11ZKQ0w6pCkyzKO6JFqycSDi4GCS+u26zG
HoYxJgpJ2RBO62e5JZenxsl5VPEFm237jvsxUJUlreNg0DGZetK5cJ3OIhcJGpBN
MOi4SpVNi716rH786AApRUVENl9m13hZRaN4WhqOt+cmuxu8OPHyZy7Og7760Z5N
UaY=
-----END CERTIFICATE-----
Generated at Fri May 2 06:46:33 2025 by rpki-client