Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dLzt56mR4CHTeStnckeBXlZVUGs.roa
File: dLzt56mR4CHTeStnckeBXlZVUGs.roa (raw, json)
Hash identifier: Ryc3sM8g+wze6XiAnZ6CU8qZuaysNsC7rRf6IVeQy9Q=
Subject key identifier: 74:BC:ED:E7:A9:91:E0:21:D3:79:2B:67:72:47:81:5E:56:55:50:6B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185DBBE91E8BC63AC827B0DB266EAB4C6E9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dLzt56mR4CHTeStnckeBXlZVUGs.roa
Signing time: Sun 22 Jan 2023 23:09:37 +0000
ROA not before: Sun 22 Jan 2023 23:09:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:db:be:91:e8:bc:63:ac:82:7b:0d:b2:66:ea:b4:c6:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 22 23:09:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74bcede7a991e021d3792b677247815e5655506b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:06:ae:4c:fe:b0:82:97:98:94:9c:49:9c:25:
e9:2c:5c:21:d7:cc:e5:de:e9:d6:d1:22:28:67:5b:
03:fb:ed:a4:9b:dd:b0:55:fd:78:ce:6a:e8:4e:cb:
e2:97:d5:ec:ac:28:27:53:19:b4:e4:95:84:a5:30:
17:96:79:e1:04:88:1c:d7:03:55:0c:66:54:b5:a0:
fa:a3:37:02:46:5a:63:ba:59:20:3b:2e:04:58:85:
be:27:82:62:f1:93:7d:df:60:9d:62:b3:2c:81:91:
8d:72:04:a1:bc:5b:88:63:cf:d8:f1:1b:8e:d3:82:
7a:46:54:fa:43:37:24:48:d0:7b:81:02:40:57:79:
fc:dd:95:d2:bd:60:74:a3:28:62:20:cc:1a:d3:71:
bc:8c:c3:52:e0:81:4e:0f:25:07:b5:0b:ce:f9:37:
09:93:ed:ac:52:7a:b8:c6:a2:e6:6d:26:82:05:95:
0e:c9:d4:5b:1e:44:da:17:fa:db:5f:76:16:10:b1:
af:86:09:d2:cf:8e:e3:f2:ab:f2:9d:74:d6:7b:c7:
58:a0:79:07:9d:44:bb:dc:99:5a:c5:b0:4d:63:ff:
41:e3:c6:d7:ef:15:33:c7:9a:d0:e9:c1:16:16:39:
1f:df:b3:ff:36:2f:36:20:30:be:fd:4a:1b:f0:4f:
19:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:BC:ED:E7:A9:91:E0:21:D3:79:2B:67:72:47:81:5E:56:55:50:6B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/dLzt56mR4CHTeStnckeBXlZVUGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
50:13:ac:29:a5:9d:3a:e8:4d:2a:77:cf:d1:06:3c:e2:5b:d5:
0e:25:78:4e:fe:8e:be:88:4e:08:1e:a9:e0:6c:f0:8d:7c:c2:
07:49:7e:95:b4:47:1a:87:06:c5:d9:86:b8:c8:3f:09:12:34:
13:a2:6b:dc:22:af:d9:df:66:9a:bb:3f:c4:a6:f1:c6:59:55:
64:1a:fb:c8:01:ec:f7:3d:a9:ca:3c:6f:d6:3e:c6:cc:52:44:
e3:b4:ee:9e:15:ed:00:7b:aa:57:b1:6f:2a:86:73:7f:8f:1e:
94:73:fe:89:dd:4d:5c:38:c7:82:ff:69:30:77:53:08:05:90:
79:f9:7e:0b:ad:0a:d5:1f:ba:a0:f2:85:8d:2f:62:2d:10:c1:
91:80:66:a7:2e:0e:63:48:1e:e4:a7:8c:8a:89:a1:84:fb:10:
85:f7:34:93:c9:dd:89:85:f2:80:cd:56:97:ba:16:61:11:28:
39:5f:bd:78:9d:58:3a:e0:2d:8d:b7:da:c5:a0:76:24:1a:d8:
bb:90:a9:45:71:6a:98:2c:c0:30:ba:a1:9e:b8:b2:6f:51:16:
a9:58:de:9a:39:53:89:eb:15:de:c2:53:55:a3:7b:b9:20:25:
20:b7:de:7b:3e:58:87:bb:cb:3b:b3:16:8d:89:19:43:3f:33:
82:66:40:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXbvpHovGOsgnsNsmbqtMbpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTIyMjMwOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGJjZWRlN2E5OTFlMDIxZDM3OTJiNjc3MjQ3ODE1ZTU2NTU1MDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswauTP6wgpeYlJxJnCXpLFwh18zl
3unW0SIoZ1sD++2km92wVf14zmroTsvil9XsrCgnUxm05JWEpTAXlnnhBIgc1wNV
DGZUtaD6ozcCRlpjulkgOy4EWIW+J4Ji8ZN932CdYrMsgZGNcgShvFuIY8/Y8RuO
04J6RlT6QzckSNB7gQJAV3n83ZXSvWB0oyhiIMwa03G8jMNS4IFODyUHtQvO+TcJ
k+2sUnq4xqLmbSaCBZUOydRbHkTaF/rbX3YWELGvhgnSz47j8qvynXTWe8dYoHkH
nUS73JlaxbBNY/9B48bX7xUzx5rQ6cEWFjkf37P/Ni82IDC+/Uob8E8ZTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHS87eepkeAh03krZ3JHgV5WVVBrMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvZEx6dDU2bVI0Q0hUZVN0bmNrZUJYbFpWVUdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFATrCmlnTroTSp3z9EG
POJb1Q4leE7+jr6ITggeqeBs8I18wgdJfpW0RxqHBsXZhrjIPwkSNBOia9wir9nf
Zpq7P8Sm8cZZVWQa+8gB7Pc9qco8b9Y+xsxSROO07p4V7QB7qlexbyqGc3+PHpRz
/ondTVw4x4L/aTB3UwgFkHn5fgutCtUfuqDyhY0vYi0QwZGAZqcuDmNIHuSnjIqJ
oYT7EIX3NJPJ3YmF8oDNVpe6FmERKDlfvXidWDrgLY232sWgdiQa2LuQqUVxapgs
wDC6oZ64sm9RFqlY3po5U4nrFd7CU1Wje7kgJSC33ns+WIe7yzuzFo2JGUM/M4Jm
QJM=
-----END CERTIFICATE-----
Generated at Thu Jun 12 11:12:02 2025 by rpki-client