Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lHDZ0qLzdTDZKTqY30wvCg1DdtA.roa
File: lHDZ0qLzdTDZKTqY30wvCg1DdtA.roa (raw, json)
Hash identifier: DQ+M6HyNBt264QpxLm66kz/jijl1fjS1ZntRHTu+5N0=
Subject key identifier: 94:70:D9:D2:A2:F3:75:30:D9:29:3A:98:DF:4C:2F:0A:0D:43:76:D0
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 8EEDB6B1
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lHDZ0qLzdTDZKTqY30wvCg1DdtA.roa
Signing time: Wed 22 Jun 2022 10:15:34 +0000
ROA not before: Wed 22 Jun 2022 10:15:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:181:56ba:5b78/128 maxlen: 128
2001:67c:64:ffff:0:181:22f:7a99/128 maxlen: 128
2001:67c:64:ffff:0:181:477e:58d8/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2397943473 (0x8eedb6b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 22 10:15:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9470d9d2a2f37530d9293a98df4c2f0a0d4376d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f9:05:13:99:23:cb:76:4e:55:01:04:05:c9:
4c:00:9c:4c:7d:a9:02:80:1c:f2:ac:32:fc:ec:f5:
48:d9:a5:8d:22:ae:46:df:32:12:3f:1d:6b:f4:e8:
e2:95:8c:b5:50:28:13:7d:61:60:4f:b4:f2:60:7a:
27:1b:eb:5b:3a:73:8b:7f:68:f9:03:36:08:aa:e9:
0a:6d:0e:5e:fd:bb:ef:d1:0c:ab:45:e0:fc:e5:f2:
82:25:e5:5a:9e:8e:6f:f6:1b:d3:04:c5:d1:33:76:
ac:c8:19:22:ac:86:ae:ef:b2:65:a7:85:9f:40:0e:
eb:28:92:ec:92:2d:ab:58:61:48:61:f3:14:8a:9f:
e9:45:58:9d:c8:fb:e4:1d:2c:aa:d1:3e:ce:82:b2:
aa:c7:9d:07:20:88:12:e4:f1:d2:c3:16:db:92:c7:
9f:8d:f4:8b:27:30:60:01:bf:10:b1:05:54:9b:7d:
99:39:49:d9:f5:dd:ed:28:3c:c1:4b:cc:37:7a:fb:
5c:0e:e5:f0:35:1c:23:89:7d:cc:d7:e9:0c:d7:b8:
20:7e:cb:79:dd:16:d9:81:05:6b:4c:ae:80:16:fd:
85:13:2f:98:b9:16:a6:61:2b:78:58:33:8f:a9:d5:
af:e5:f8:80:73:74:a3:93:3f:37:50:e9:b3:28:1b:
b2:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:70:D9:D2:A2:F3:75:30:D9:29:3A:98:DF:4C:2F:0A:0D:43:76:D0
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lHDZ0qLzdTDZKTqY30wvCg1DdtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5a:0e:8c:45:e3:12:e9:75:3d:58:91:da:46:bf:0b:b3:5f:d7:
68:df:42:28:ba:27:71:d2:23:15:d5:d6:01:42:ce:f2:d5:b0:
d9:5f:59:05:84:10:3b:ac:62:22:7d:13:49:2d:a9:c5:15:35:
c9:66:b4:6d:0e:42:76:7e:5e:55:6f:ff:2d:a5:66:1c:ff:a1:
e7:43:f5:55:fc:a5:ce:f8:af:0a:68:11:3d:a6:53:b7:ec:aa:
fd:99:18:45:4a:7a:f4:3c:df:31:12:98:99:ad:7e:34:ff:b7:
9a:56:fd:1c:4b:78:fa:95:99:f1:06:30:69:8a:49:de:86:23:
ff:7b:9f:f0:a3:6d:6c:f9:e0:e5:6c:b8:5b:71:79:75:9b:6f:
52:b7:9f:a4:1e:3c:ec:e0:1a:39:ac:ff:1b:92:07:50:74:16:
96:8f:55:0f:90:4e:c6:52:70:c8:bc:b1:0a:cf:d9:cc:b3:14:
11:30:e3:2d:b1:28:99:12:5b:ac:07:c9:ec:41:85:19:dd:8f:
e1:89:01:05:be:3d:9c:7c:70:16:86:a2:ce:ae:19:ee:d3:50:
98:34:51:e8:ee:b6:69:be:e9:e3:80:68:72:4e:73:36:ae:50:
46:b9:7b:75:3b:75:b1:f8:47:0e:d3:ce:34:df:26:6a:f8:93:
7f:14:52:79
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAI7ttrEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA2
MjIxMDE1MzRaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDk0NzBkOWQyYTJm
Mzc1MzBkOTI5M2E5OGRmNGMyZjBhMGQ0Mzc2ZDAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCi+QUTmSPLdk5VAQQFyUwAnEx9qQKAHPKsMvzs9UjZpY0i
rkbfMhI/HWv06OKVjLVQKBN9YWBPtPJgeicb61s6c4t/aPkDNgiq6QptDl79u+/R
DKtF4Pzl8oIl5Vqejm/2G9MExdEzdqzIGSKshq7vsmWnhZ9ADusokuySLatYYUhh
8xSKn+lFWJ3I++QdLKrRPs6CsqrHnQcgiBLk8dLDFtuSx5+N9IsnMGABvxCxBVSb
fZk5Sdn13e0oPMFLzDd6+1wO5fA1HCOJfczX6QzXuCB+y3ndFtmBBWtMroAW/YUT
L5i5FqZhK3hYM4+p1a/l+IBzdKOTPzdQ6bMoG7LrAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUlHDZ0qLzdTDZKTqY30wvCg1DdtAwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9sSERaMHFMemRURFpLVHFZMzB3dkNnMURkdEEucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAWg6MReMS6XU9WJHaRr8Ls1/XaN9CKLoncdIj
FdXWAULO8tWw2V9ZBYQQO6xiIn0TSS2pxRU1yWa0bQ5Cdn5eVW//LaVmHP+h50P1
VfylzvivCmgRPaZTt+yq/ZkYRUp69DzfMRKYma1+NP+3mlb9HEt4+pWZ8QYwaYpJ
3oYj/3uf8KNtbPng5Wy4W3F5dZtvUrefpB487OAaOaz/G5IHUHQWlo9VD5BOxlJw
yLyxCs/ZzLMUETDjLbEomRJbrAfJ7EGFGd2P4YkBBb49nHxwFoaizq4Z7tNQmDRR
6O62ab7p44Bock5zNq5QRrl7dTt1sfhHDtPONN8maviTfxRSeQ==
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:00:21 2025 by rpki-client