Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DwTsp1nmA2fg8zkCrk69z3XBP-g.roa
File: DwTsp1nmA2fg8zkCrk69z3XBP-g.roa (raw, json)
Hash identifier: 1bLnoOWKMnTfVr7HZiw0GyITpBA1jGve5te+XUSkObw=
Subject key identifier: 0F:04:EC:A7:59:E6:03:67:E0:F3:39:02:AE:4E:BD:CF:75:C1:3F:E8
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01864D79274DC964773EB2C64383DFBEC1A1
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DwTsp1nmA2fg8zkCrk69z3XBP-g.roa
Signing time: Tue 14 Feb 2023 01:10:30 +0000
ROA not before: Tue 14 Feb 2023 01:10:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4d:79:27:4d:c9:64:77:3e:b2:c6:43:83:df:be:c1:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 14 01:10:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f04eca759e60367e0f33902ae4ebdcf75c13fe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4d:eb:0c:ad:50:d2:36:4f:d0:0c:41:e9:71:
37:05:ae:e2:17:28:43:59:ec:88:a7:95:f2:5b:0f:
f4:ed:58:10:87:71:74:74:28:03:4a:f4:b4:b4:30:
8d:5e:65:e6:e3:9a:a4:cb:e9:0d:96:62:0c:e6:c9:
24:43:e5:73:5d:36:25:d6:30:d6:f2:80:62:8d:93:
b9:5a:8c:6c:b8:46:67:8a:e1:c5:e0:d1:7a:f2:54:
6c:a8:fc:7c:6b:eb:4f:57:b8:32:da:c2:7f:37:f1:
00:c6:f3:a1:52:52:9b:7e:f1:2e:d8:82:30:b5:7b:
40:11:32:97:79:2c:2c:e8:a2:32:c8:6a:94:ae:ec:
95:e6:1d:b8:57:73:a8:6a:5f:58:0d:a8:61:61:5d:
f4:fa:43:4e:4f:69:ea:c2:77:80:45:34:b3:35:5c:
e6:54:8b:94:95:d5:dc:77:22:23:33:b5:06:5a:1a:
68:97:56:16:ae:3f:11:c6:0a:f2:75:ba:16:c9:92:
c4:5a:e8:85:43:4b:7c:53:4e:42:d1:5a:74:eb:a8:
46:69:ed:17:e2:c4:e0:50:92:8b:e3:3a:0e:19:98:
5a:91:b9:fa:12:96:2a:24:0a:fd:23:d4:2b:31:53:
6b:86:77:73:07:4a:1e:9a:4a:d7:a1:c3:27:bb:8b:
be:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:04:EC:A7:59:E6:03:67:E0:F3:39:02:AE:4E:BD:CF:75:C1:3F:E8
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/DwTsp1nmA2fg8zkCrk69z3XBP-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9d:7a:da:ad:65:1a:9a:d6:ce:4a:95:69:f8:92:49:78:40:9d:
6c:e4:0e:4e:1c:61:0c:f0:d6:9d:d4:95:ac:2d:a9:76:81:23:
10:1f:7f:1f:85:22:5a:56:d6:59:50:b4:0a:00:d2:34:8f:3c:
38:9b:5f:9f:a1:22:5c:a9:da:00:9e:74:2e:e9:65:30:45:b3:
e2:c6:e3:3b:18:f9:6e:f0:af:78:fd:ef:ed:25:17:9b:70:1e:
30:cf:a4:0c:42:75:b0:68:b4:7c:1a:aa:7b:97:74:57:6e:9f:
ea:91:6e:bc:16:d3:0c:ac:e7:39:18:44:d7:c6:c8:4c:ae:fc:
12:a8:31:c5:93:3d:c1:02:cd:54:e9:15:0e:d5:b3:4c:24:d6:
b3:8e:14:49:34:dc:13:70:40:64:92:6f:5c:f7:bb:93:c2:63:
80:e8:be:8c:ff:f6:4b:82:06:a0:9d:e9:be:7e:3b:4b:3c:0f:
98:36:6a:20:f8:91:50:4e:b7:1f:77:d8:67:b1:b0:ec:f9:27:
3d:be:34:03:81:53:fb:a9:e1:2c:ab:24:c6:c7:ba:01:6d:3a:
0b:aa:da:8d:fa:6d:fc:46:58:4f:03:ec:be:8b:62:be:bc:39:
2d:3a:c7:3c:7e:cc:f2:4b:95:5c:e8:97:da:6e:1c:28:8e:af:
ba:4f:69:4c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZNeSdNyWR3PrLGQ4PfvsGhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE0MDExMDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjA0ZWNhNzU5ZTYwMzY3ZTBmMzM5MDJhZTRlYmRjZjc1YzEzZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo03rDK1Q0jZP0AxB6XE3Ba7iFyhD
WeyIp5XyWw/07VgQh3F0dCgDSvS0tDCNXmXm45qky+kNlmIM5skkQ+VzXTYl1jDW
8oBijZO5WoxsuEZniuHF4NF68lRsqPx8a+tPV7gy2sJ/N/EAxvOhUlKbfvEu2IIw
tXtAETKXeSws6KIyyGqUruyV5h24V3Ooal9YDahhYV30+kNOT2nqwneARTSzNVzm
VIuUldXcdyIjM7UGWhpol1YWrj8RxgrydboWyZLEWuiFQ0t8U05C0Vp066hGae0X
4sTgUJKL4zoOGZhakbn6EpYqJAr9I9QrMVNrhndzB0oemkrXocMnu4u+IwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA8E7KdZ5gNn4PM5Aq5Ovc91wT/oMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvRHdUc3Axbm1BMmZnOHprQ3JrNjl6M1hCUC1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ162q1lGprWzkqVafiS
SXhAnWzkDk4cYQzw1p3UlawtqXaBIxAffx+FIlpW1llQtAoA0jSPPDibX5+hIlyp
2gCedC7pZTBFs+LG4zsY+W7wr3j97+0lF5twHjDPpAxCdbBotHwaqnuXdFdun+qR
brwW0wys5zkYRNfGyEyu/BKoMcWTPcECzVTpFQ7Vs0wk1rOOFEk03BNwQGSSb1z3
u5PCY4Dovoz/9kuCBqCd6b5+O0s8D5g2aiD4kVBOtx932GexsOz5Jz2+NAOBU/up
4SyrJMbHugFtOguq2o36bfxGWE8D7L6LYr68OS06xzx+zPJLlVzol9puHCiOr7pP
aUw=
-----END CERTIFICATE-----
Generated at Fri May 2 15:15:21 2025 by rpki-client