Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lUtd7KaiCImJe43tk-w1ybzEbhE.roa
File: lUtd7KaiCImJe43tk-w1ybzEbhE.roa (raw, json)
Hash identifier: w/Z1RMtkmi8Z1zgJiMXnDcG+i2RU4QuXJAeue8QAq8U=
Subject key identifier: 95:4B:5D:EC:A6:A2:08:89:89:7B:8D:ED:93:EC:35:C9:BC:C4:6E:11
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189E17B415BA27532A4162B4D33AD993275
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lUtd7KaiCImJe43tk-w1ybzEbhE.roa
Signing time: Thu 10 Aug 2023 22:04:58 +0000
ROA not before: Thu 10 Aug 2023 22:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
2001:67c:64:ffff:0:189:e17a:8c12/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e1:7b:41:5b:a2:75:32:a4:16:2b:4d:33:ad:99:32:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 10 22:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=954b5deca6a20889897b8ded93ec35c9bcc46e11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:14:cd:c3:40:2e:ca:db:13:d7:d9:42:57:ee:
18:d9:fc:dd:6a:87:fa:34:7c:62:1f:60:24:66:a9:
b2:f1:a4:83:44:db:28:0c:24:c5:26:31:c7:7b:3d:
46:87:15:f8:25:d2:1a:62:98:32:cc:3a:41:c3:da:
29:f6:5c:f6:b7:3c:5e:d8:c2:8c:97:b6:57:96:d2:
e9:b7:fa:87:37:93:a9:56:b7:ab:0f:bf:0b:27:61:
8e:d3:8a:9b:a7:f0:27:00:f5:47:a6:97:38:e6:be:
80:96:14:b1:c6:f7:68:5e:20:83:af:7c:bd:2a:f4:
a1:40:34:66:75:91:17:5e:93:4d:57:f8:ba:4f:aa:
3b:39:62:94:50:95:ee:6b:c6:d3:f4:32:fc:44:7e:
9f:45:12:ef:46:31:f6:34:87:32:79:51:8c:01:c5:
e8:c4:74:46:d5:4e:cb:c9:3e:a5:c2:96:7f:15:f9:
c8:b0:b4:b2:d2:2f:c2:fc:a1:da:ff:8d:d1:f5:3d:
5c:c5:17:89:ad:5b:19:b0:98:96:f6:0b:7b:bf:8b:
50:18:88:49:d2:15:68:1c:59:4c:97:01:72:2f:ad:
5e:2c:3f:cf:fe:f9:b0:34:04:ae:a0:69:a5:db:2a:
2c:9f:53:fd:e9:62:33:fa:0d:3c:82:c1:4a:0a:77:
13:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4B:5D:EC:A6:A2:08:89:89:7B:8D:ED:93:EC:35:C9:BC:C4:6E:11
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/lUtd7KaiCImJe43tk-w1ybzEbhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6e:d9:00:75:b6:39:79:22:06:f7:8a:2e:73:29:37:1c:d4:11:
59:ad:7a:73:5f:20:ce:0c:38:73:15:2d:19:7b:31:20:1e:e5:
5f:90:ad:de:58:28:ed:75:2b:c6:9b:fb:87:e0:3e:35:c4:b7:
4b:09:c0:7a:a2:13:e2:fb:8c:30:1b:17:8f:14:bb:14:5d:78:
e2:67:d0:bf:75:a8:7b:b4:c6:f9:ce:66:13:36:bd:d9:6d:c2:
5c:31:e7:a1:0b:3f:c8:d1:73:bf:89:3d:b1:8d:50:9d:2c:b8:
cb:22:ad:c1:d3:17:21:53:fd:e4:6d:02:20:5c:de:00:9a:e8:
3a:ac:12:62:66:55:a9:9f:cd:0d:37:24:38:79:59:94:bc:a1:
df:ae:a8:61:f6:9e:e5:4e:5e:66:d1:17:b7:ef:0f:a1:8c:bf:
cb:33:a8:eb:18:88:78:95:da:b8:fb:d0:f6:1a:81:50:a2:98:
1b:40:40:35:5c:5e:14:f0:9d:5f:70:89:ad:8e:fd:4b:87:71:
18:7c:e4:6c:38:d5:bc:98:59:97:0f:d2:3d:0e:97:ae:cd:ee:
19:d3:78:5c:6f:a3:f1:11:71:e6:bc:c8:90:5e:37:88:ae:e2:
2d:bd:bb:e0:c2:ff:c4:fa:30:2b:27:45:75:f8:8e:56:42:44:
af:ac:c9:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnhe0FbonUypBYrTTOtmTJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODEwMjIwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTRiNWRlY2E2YTIwODg5ODk3YjhkZWQ5M2VjMzVjOWJjYzQ2ZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBTNw0AuytsT19lCV+4Y2fzdaof6
NHxiH2AkZqmy8aSDRNsoDCTFJjHHez1GhxX4JdIaYpgyzDpBw9op9lz2tzxe2MKM
l7ZXltLpt/qHN5OpVrerD78LJ2GO04qbp/AnAPVHppc45r6AlhSxxvdoXiCDr3y9
KvShQDRmdZEXXpNNV/i6T6o7OWKUUJXua8bT9DL8RH6fRRLvRjH2NIcyeVGMAcXo
xHRG1U7LyT6lwpZ/FfnIsLSy0i/C/KHa/43R9T1cxReJrVsZsJiW9gt7v4tQGIhJ
0hVoHFlMlwFyL61eLD/P/vmwNASuoGml2yosn1P96WIz+g08gsFKCncTAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJVLXeymogiJiXuN7ZPsNcm8xG4RMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvbFV0ZDdLYWlDSW1KZTQzdGstdzF5YnpFYmhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG7ZAHW2OXkiBveKLnMp
NxzUEVmtenNfIM4MOHMVLRl7MSAe5V+Qrd5YKO11K8ab+4fgPjXEt0sJwHqiE+L7
jDAbF48UuxRdeOJn0L91qHu0xvnOZhM2vdltwlwx56ELP8jRc7+JPbGNUJ0suMsi
rcHTFyFT/eRtAiBc3gCa6DqsEmJmVamfzQ03JDh5WZS8od+uqGH2nuVOXmbRF7fv
D6GMv8szqOsYiHiV2rj70PYagVCimBtAQDVcXhTwnV9wia2O/UuHcRh85Gw41byY
WZcP0j0Ol67N7hnTeFxvo/ERcea8yJBeN4iu4i29u+DC/8T6MCsnRXX4jlZCRK+s
yQI=
-----END CERTIFICATE-----
Generated at Wed Jun 11 11:51:12 2025 by rpki-client