Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/LzBJZwnaKkkABbyo-2Y-4eJy3GY.roa
File: LzBJZwnaKkkABbyo-2Y-4eJy3GY.roa (raw, json)
Hash identifier: 6qq7hyrv8lZN1i2qdzZmUwIHvEjEQlTWIbewGBxCC1s=
Subject key identifier: 2F:30:49:67:09:DA:2A:49:00:05:BC:A8:FB:66:3E:E1:E2:72:DC:66
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D29933C9AA53EA4536942FEB2258CAAC7
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/LzBJZwnaKkkABbyo-2Y-4eJy3GY.roa
Signing time: Sun 21 Jan 2024 01:12:11 +0000
ROA not before: Sun 21 Jan 2024 01:12:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:29:93:3c:9a:a5:3e:a4:53:69:42:fe:b2:25:8c:aa:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 21 01:12:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f30496709da2a490005bca8fb663ee1e272dc66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e4:b1:d0:56:83:43:b4:05:fd:c7:16:df:c1:
bd:e3:51:7c:50:8f:e6:0c:dd:5d:28:dc:64:19:51:
55:6c:db:7a:8d:db:76:94:e4:ac:28:6d:56:f2:63:
72:22:f8:35:8f:30:48:e1:28:18:b4:cb:24:a2:d6:
9a:25:27:30:fd:2f:01:64:1a:20:94:9d:65:12:0a:
b1:b2:c6:2d:0c:7e:a7:7e:81:0b:3a:d7:b7:b5:3c:
ef:c6:9d:9e:00:65:93:b7:50:70:ca:6b:17:f9:98:
bf:88:0e:11:21:51:72:46:bd:15:d9:1c:09:75:95:
7b:af:6a:e4:29:28:b6:b0:23:bc:c9:63:c0:fd:9d:
14:45:91:63:e0:6d:88:af:59:e5:99:0b:44:b4:d7:
ac:dd:15:c0:47:73:6f:c4:cb:55:03:ee:67:1b:e3:
37:72:e3:dc:2b:57:c5:02:60:5d:b5:b9:3a:48:73:
71:a9:01:02:90:5b:4e:21:ad:20:87:38:60:87:03:
32:ae:9a:37:58:25:ad:ab:bb:40:2c:31:29:ce:1b:
3e:af:b4:37:1d:4a:4c:57:29:24:cf:fb:76:ef:59:
ab:15:f0:62:0b:8f:71:67:76:2a:fc:63:cc:3f:c2:
55:a0:21:7b:44:a6:8a:7f:32:ad:e1:5a:25:e3:87:
a8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:30:49:67:09:DA:2A:49:00:05:BC:A8:FB:66:3E:E1:E2:72:DC:66
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/LzBJZwnaKkkABbyo-2Y-4eJy3GY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
41:b7:e9:88:d7:f2:59:d9:e6:f7:84:e7:b4:e1:45:58:30:af:
6e:4f:22:95:94:d8:33:ff:06:fe:08:26:c7:3e:b7:1e:12:34:
00:44:60:31:54:4f:bc:c2:05:84:ed:8a:5a:d3:5b:6c:1b:40:
bf:32:fe:52:2f:9d:b9:c8:f7:36:33:75:ff:8e:2c:6d:7c:c3:
80:cf:bc:d7:07:59:de:af:19:e7:7f:cd:8f:93:f2:0f:5a:0b:
18:a9:3a:40:a0:7c:83:62:d1:dc:11:25:ba:e6:0e:85:b0:59:
69:ce:b5:1d:75:40:4a:76:0d:25:9b:18:84:a4:12:85:ab:da:
e4:db:53:87:95:b2:1a:b7:54:c0:88:16:03:c2:6d:a9:72:08:
8c:8e:c8:35:6a:87:c3:14:28:fa:57:03:04:cf:88:35:c1:88:
6d:90:70:0a:95:75:5b:57:df:1b:f1:9c:65:33:4f:53:10:4d:
0a:06:8b:f5:bd:16:6f:e2:07:99:2a:53:cb:e0:e7:29:97:b3:
d0:26:16:e6:5c:39:b2:62:5b:0f:a7:83:d1:cc:c0:35:af:c5:
97:11:13:7d:5a:0d:9f:dc:2e:78:cc:be:f1:5e:cb:05:4d:ce:
65:98:b6:1c:eb:be:cd:8e:57:b9:92:fd:50:1d:ba:ee:d7:64:
84:87:0a:d8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0pkzyapT6kU2lC/rIljKrHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIxMDExMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjMwNDk2NzA5ZGEyYTQ5MDAwNWJjYThmYjY2M2VlMWUyNzJkYzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuSx0FaDQ7QF/ccW38G941F8UI/m
DN1dKNxkGVFVbNt6jdt2lOSsKG1W8mNyIvg1jzBI4SgYtMskotaaJScw/S8BZBog
lJ1lEgqxssYtDH6nfoELOte3tTzvxp2eAGWTt1BwymsX+Zi/iA4RIVFyRr0V2RwJ
dZV7r2rkKSi2sCO8yWPA/Z0URZFj4G2Ir1nlmQtEtNes3RXAR3NvxMtVA+5nG+M3
cuPcK1fFAmBdtbk6SHNxqQECkFtOIa0ghzhghwMyrpo3WCWtq7tALDEpzhs+r7Q3
HUpMVykkz/t271mrFfBiC49xZ3Yq/GPMP8JVoCF7RKaKfzKt4Vol44eouQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC8wSWcJ2ipJAAW8qPtmPuHictxmMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTHpCSlp3bmFLa2tBQmJ5by0yWS00ZUp5M0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEG36YjX8lnZ5veE57Th
RVgwr25PIpWU2DP/Bv4IJsc+tx4SNABEYDFUT7zCBYTtilrTW2wbQL8y/lIvnbnI
9zYzdf+OLG18w4DPvNcHWd6vGed/zY+T8g9aCxipOkCgfINi0dwRJbrmDoWwWWnO
tR11QEp2DSWbGISkEoWr2uTbU4eVshq3VMCIFgPCbalyCIyOyDVqh8MUKPpXAwTP
iDXBiG2QcAqVdVtX3xvxnGUzT1MQTQoGi/W9Fm/iB5kqU8vg5ymXs9AmFuZcObJi
Ww+ng9HMwDWvxZcRE31aDZ/cLnjMvvFeywVNzmWYthzrvs2OV7mS/VAduu7XZISH
Ctg=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:40:06 2025 by rpki-client