Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lAg4A11uz1n9OaEVsNWmFttmmD8.roa
File: lAg4A11uz1n9OaEVsNWmFttmmD8.roa (raw, json)
Hash identifier: R/VuVM/tZeEbyIv7bA601ysszIs92GNFCdSnMYF6ESY=
Subject key identifier: 94:08:38:03:5D:6E:CF:59:FD:39:A1:15:B0:D5:A6:16:DB:66:98:3F
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 6A9E2ED5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lAg4A11uz1n9OaEVsNWmFttmmD8.roa
Signing time: Mon 14 Feb 2022 20:10:25 +0000
ROA not before: Mon 14 Feb 2022 20:10:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1788751573 (0x6a9e2ed5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 14 20:10:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=940838035d6ecf59fd39a115b0d5a616db66983f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:69:8d:c0:dc:e7:c8:88:c1:9a:b9:cc:00:11:
74:eb:e9:f0:14:64:3e:54:58:2a:0d:e8:78:0a:76:
c4:f9:13:01:85:e5:02:77:72:74:d7:d2:c6:60:a9:
7b:db:62:12:56:39:03:a0:6a:6e:f6:de:31:74:70:
c7:5d:32:69:c9:ff:45:32:fb:ab:c7:dc:18:20:73:
5b:21:f0:5e:ff:73:0d:3e:0a:7d:f2:43:98:d4:fe:
e0:5b:5b:03:2b:ea:4b:e2:52:93:8c:22:cb:b5:2f:
a7:5c:92:62:1f:2d:ce:d8:37:08:f2:73:a4:1b:20:
81:ee:39:92:18:3b:b9:43:b8:8d:e4:f4:01:b3:af:
da:aa:d4:ec:ba:ed:ac:23:be:62:3b:02:0e:41:dd:
97:37:cd:a6:3c:26:43:53:a8:1b:bb:74:d9:31:71:
6c:d5:62:3e:f1:9f:0b:0e:ad:95:d3:38:a8:82:7d:
13:9b:1e:70:49:8f:98:b8:5e:a5:79:be:7d:1e:f5:
ac:ca:a0:2f:aa:7e:71:fc:dc:40:ca:57:0f:9c:31:
89:41:4e:5f:cb:32:a2:21:6e:66:f2:bb:03:62:63:
7f:4d:87:37:76:19:47:2d:02:e1:7c:65:76:29:40:
82:f6:eb:13:6c:da:99:2f:29:37:35:e0:73:01:88:
cf:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:08:38:03:5D:6E:CF:59:FD:39:A1:15:B0:D5:A6:16:DB:66:98:3F
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lAg4A11uz1n9OaEVsNWmFttmmD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
97:83:37:92:b2:4f:62:8e:eb:ad:33:82:88:e7:22:ce:ed:18:
e1:8f:a8:90:ef:ae:c4:55:07:90:ac:fa:5e:58:9a:bc:ed:31:
bb:29:a0:93:26:7e:44:e3:2b:25:7b:ec:e5:fb:f1:3d:19:9d:
72:93:4b:0e:e5:73:41:7a:db:04:37:fd:8f:13:38:0c:70:18:
63:d5:99:cf:50:98:ee:bc:f2:49:dc:f2:56:81:86:aa:76:cf:
aa:3e:17:d2:d6:cd:12:02:c2:5e:3f:37:e5:c1:51:47:c8:13:
0c:7f:15:8c:a4:21:24:42:a9:b6:b7:fd:92:52:f2:60:c7:37:
bb:42:39:89:4e:6b:85:d0:b6:b7:4c:3e:c9:23:50:d3:60:a0:
b8:7b:ef:28:3d:aa:26:d8:3e:22:0b:9c:fb:de:62:13:b8:c8:
e5:4c:e2:71:4b:55:f4:b6:34:e9:8c:4a:75:f5:0b:03:4e:7b:
dc:22:f1:2c:67:60:88:4d:fc:66:db:c6:8d:61:1d:48:cb:42:
98:4f:ed:b0:64:8a:c2:b9:c0:1a:d7:da:29:bb:01:1f:28:92:
57:31:dd:74:32:d3:62:ec:64:30:50:be:b8:e3:eb:dd:8f:9b:
a1:11:55:e5:d8:e7:f2:6e:9e:8a:56:39:b1:53:e9:d6:9e:72:
8d:a6:c8:53
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEap4u1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDIx
NDIwMTAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQwODM4MDM1ZDZl
Y2Y1OWZkMzlhMTE1YjBkNWE2MTZkYjY2OTgzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKFpjcDc58iIwZq5zAARdOvp8BRkPlRYKg3oeAp2xPkTAYXl
AndydNfSxmCpe9tiElY5A6BqbvbeMXRwx10yacn/RTL7q8fcGCBzWyHwXv9zDT4K
ffJDmNT+4FtbAyvqS+JSk4wiy7Uvp1ySYh8tztg3CPJzpBsgge45khg7uUO4jeT0
AbOv2qrU7LrtrCO+YjsCDkHdlzfNpjwmQ1OoG7t02TFxbNViPvGfCw6tldM4qIJ9
E5secEmPmLhepXm+fR71rMqgL6p+cfzcQMpXD5wxiUFOX8syoiFuZvK7A2Jjf02H
N3YZRy0C4XxldilAgvbrE2zamS8pNzXgcwGIz5sCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSUCDgDXW7PWf05oRWw1aYW22aYPzAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L2xBZzRBMTF1ejFuOU9hRVZzTldtRnR0bW1EOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQCXgzeSsk9ijuutM4KI5yLO7Rjhj6iQ767EVQeQ
rPpeWJq87TG7KaCTJn5E4ysle+zl+/E9GZ1yk0sO5XNBetsEN/2PEzgMcBhj1ZnP
UJjuvPJJ3PJWgYaqds+qPhfS1s0SAsJePzflwVFHyBMMfxWMpCEkQqm2t/2SUvJg
xze7QjmJTmuF0La3TD7JI1DTYKC4e+8oPaom2D4iC5z73mITuMjlTOJxS1X0tjTp
jEp19QsDTnvcIvEsZ2CITfxm28aNYR1Iy0KYT+2wZIrCucAa19opuwEfKJJXMd10
MtNi7GQwUL644+vdj5uhEVXl2Ofybp6KVjmxU+nWnnKNpshT
-----END CERTIFICATE-----
Generated at Wed Jun 11 09:20:42 2025 by rpki-client