Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/F93xDyDyF3N5oJ4U1rOqARM_tys.roa
File: F93xDyDyF3N5oJ4U1rOqARM_tys.roa (raw, json)
Hash identifier: jDoSewIOpRRGPGzHHGYC3bd2gjI+nGpOSXosmebqBMk=
Subject key identifier: 17:DD:F1:0F:20:F2:17:73:79:A0:9E:14:D6:B3:AA:01:13:3F:B7:2B
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 70F4592D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/F93xDyDyF3N5oJ4U1rOqARM_tys.roa
Signing time: Wed 09 Mar 2022 05:09:36 +0000
ROA not before: Wed 09 Mar 2022 05:09:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1895061805 (0x70f4592d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 9 05:09:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=17ddf10f20f2177379a09e14d6b3aa01133fb72b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f8:88:d8:af:c7:f4:a0:c8:17:cf:ac:de:2b:
d4:44:d0:08:87:b9:68:b9:d8:a3:38:7a:15:cb:28:
e6:f0:07:0a:21:5a:eb:37:4a:fa:c5:35:f8:8e:13:
e6:f8:b8:f9:72:9e:fa:63:c3:91:27:dc:ad:ae:01:
d0:1d:78:ea:b5:2f:0c:39:44:31:a7:95:2e:9b:a8:
d1:86:21:05:83:14:b2:48:39:9e:3b:ea:85:70:0b:
9d:75:af:6b:c3:fb:85:8d:f2:b3:29:6d:2b:51:79:
23:ca:0e:80:7a:5a:82:78:4c:68:7c:b0:8f:f0:84:
30:07:9b:b5:9c:5c:2c:89:32:0f:9d:9b:1d:cb:63:
7f:ff:e4:a4:f9:47:b4:e2:ed:d4:c5:3c:d6:41:f5:
ef:94:f5:37:41:02:3f:fe:93:7f:25:40:ce:12:6f:
34:77:2e:41:76:eb:f2:a4:c2:f7:ea:f2:d4:2d:4b:
13:b7:b6:a5:cf:3d:c3:b2:31:bc:34:98:35:8c:04:
74:fc:60:7a:b6:39:a3:2f:03:b5:eb:49:09:bc:d6:
a0:be:51:b0:c8:82:ba:2e:6e:03:1c:66:7e:a5:74:
f7:07:50:f4:12:81:42:b7:48:a0:13:24:5b:c4:be:
1f:da:f5:de:b8:8a:89:e6:af:c4:45:14:b5:0f:c3:
fe:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:DD:F1:0F:20:F2:17:73:79:A0:9E:14:D6:B3:AA:01:13:3F:B7:2B
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/F93xDyDyF3N5oJ4U1rOqARM_tys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
80:8e:6b:ca:7d:9a:a5:fa:54:79:c5:f4:85:ae:17:3f:56:85:
dd:83:be:52:45:3d:39:1f:f8:77:06:1a:b9:cd:bf:26:1f:b5:
e9:c0:a2:01:d1:fa:ef:fc:0f:2d:70:3b:cd:4a:0c:29:a3:9d:
e3:97:e7:ff:86:46:29:44:23:33:08:12:4d:bc:18:58:02:bd:
4d:ba:88:fe:67:31:67:ba:87:1f:31:7b:5b:22:e4:95:56:86:
8c:f4:c0:f7:34:5c:b9:14:ca:cb:cd:ca:8d:c8:c0:71:10:0e:
a7:ea:a4:e7:68:a1:74:2d:ec:92:f0:10:66:a5:bf:9d:07:03:
a3:8d:51:dd:4b:22:b0:e9:27:96:b2:d4:f1:bb:87:5c:c1:b6:
17:7e:c0:62:a4:17:df:c3:0a:b8:51:86:75:53:62:9c:16:df:
3a:2a:a9:15:97:34:cd:6d:0c:ed:b2:0e:83:67:a1:3e:e4:33:
af:e6:f5:2e:7d:45:72:94:0b:ea:4a:ab:38:cc:2a:64:fb:0d:
c4:5e:db:81:a2:57:2d:76:9e:c3:5c:79:ee:67:0d:44:2c:4b:
c2:00:b3:d7:52:66:f7:e3:3c:f8:91:90:39:a0:d8:6a:fd:ce:
fa:a1:57:76:97:38:49:8a:e8:f4:11:5b:ac:69:82:19:05:4a:
f0:fc:e7:28
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEcPRZLTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDMw
OTA1MDkzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTdkZGYxMGYyMGYy
MTc3Mzc5YTA5ZTE0ZDZiM2FhMDExMzNmYjcyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL34iNivx/SgyBfPrN4r1ETQCIe5aLnYozh6Fcso5vAHCiFa
6zdK+sU1+I4T5vi4+XKe+mPDkSfcra4B0B146rUvDDlEMaeVLpuo0YYhBYMUskg5
njvqhXALnXWva8P7hY3ysyltK1F5I8oOgHpagnhMaHywj/CEMAebtZxcLIkyD52b
Hctjf//kpPlHtOLt1MU81kH175T1N0ECP/6TfyVAzhJvNHcuQXbr8qTC9+ry1C1L
E7e2pc89w7IxvDSYNYwEdPxgerY5oy8DtetJCbzWoL5RsMiCui5uAxxmfqV09wdQ
9BKBQrdIoBMkW8S+H9r13riKieavxEUUtQ/D/sECAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQX3fEPIPIXc3mgnhTWs6oBEz+3KzAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L0Y5M3hEeUR5RjNONW9KNFUxck9xQVJNX3R5cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQCAjmvKfZql+lR5xfSFrhc/VoXdg75SRT05H/h3
Bhq5zb8mH7XpwKIB0frv/A8tcDvNSgwpo53jl+f/hkYpRCMzCBJNvBhYAr1Nuoj+
ZzFnuocfMXtbIuSVVoaM9MD3NFy5FMrLzcqNyMBxEA6n6qTnaKF0LeyS8BBmpb+d
BwOjjVHdSyKw6SeWstTxu4dcwbYXfsBipBffwwq4UYZ1U2KcFt86KqkVlzTNbQzt
sg6DZ6E+5DOv5vUufUVylAvqSqs4zCpk+w3EXtuBolctdp7DXHnuZw1ELEvCALPX
Umb34zz4kZA5oNhq/c76oVd2lzhJiuj0EVusaYIZBUrw/Oco
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:38:12 2025 by rpki-client