Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TKZ5W7YaFtI9DxHZcmVhkVvSNdg.roa
File: TKZ5W7YaFtI9DxHZcmVhkVvSNdg.roa (raw, json)
Hash identifier: Rzkr3pyMO+4XAbRT/hfrW1U8ynz5KHL9G1XxVH86THI=
Subject key identifier: 4C:A6:79:5B:B6:1A:16:D2:3D:0F:11:D9:72:65:61:91:5B:D2:35:D8
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A14C9D41A4DBB117EBCB7C0963F0591C9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TKZ5W7YaFtI9DxHZcmVhkVvSNdg.roa
Signing time: Sun 20 Aug 2023 21:11:25 +0000
ROA not before: Sun 20 Aug 2023 21:11:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:14:c9:d4:1a:4d:bb:11:7e:bc:b7:c0:96:3f:05:91:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 20 21:11:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ca6795bb61a16d23d0f11d9726561915bd235d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0d:35:68:0b:54:16:9e:21:55:df:b0:07:5b:
e7:8a:88:f4:2e:94:5b:30:ea:11:58:36:20:84:75:
cf:d0:9f:d8:80:81:2b:8f:d3:1f:3d:91:cc:cf:7a:
a4:70:ba:91:ac:eb:4e:96:86:fc:99:90:f6:50:90:
7b:c5:b9:ce:78:68:2f:8e:77:ce:de:5f:e6:df:cd:
9f:56:77:63:39:44:0b:be:28:6e:b7:35:a5:95:13:
ac:3b:ea:78:28:3e:24:71:d7:29:d3:2c:70:ac:e6:
04:e5:27:1b:ee:80:92:bc:63:18:67:26:e1:7d:b1:
f6:c2:fe:27:a5:d6:f8:d6:40:31:14:b4:61:b8:c1:
83:c3:6b:8b:e7:62:d4:38:75:2a:03:87:bd:25:af:
8b:41:cf:74:a0:02:84:9e:8b:b2:4e:3c:ad:3d:cd:
22:5c:9d:b5:03:46:72:7b:8f:7c:b7:0b:23:6d:5b:
3d:a7:6a:75:ef:4b:04:fb:cd:b4:0a:df:a4:05:9f:
a2:93:89:cf:a4:ec:74:ea:f8:f8:6a:e0:fa:1b:e8:
61:fa:36:02:97:38:93:2e:57:17:11:64:6c:65:38:
19:db:84:53:40:b1:65:ba:be:ee:be:2b:f5:ec:07:
7a:1f:0f:b6:d4:fa:65:4b:70:cd:c3:0a:24:57:a0:
3a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:A6:79:5B:B6:1A:16:D2:3D:0F:11:D9:72:65:61:91:5B:D2:35:D8
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TKZ5W7YaFtI9DxHZcmVhkVvSNdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7d:04:c2:6a:80:e1:97:5a:8b:e4:20:53:89:fc:e7:35:39:3a:
a6:75:1d:a1:45:a5:e6:28:58:e1:2b:dc:7e:26:c3:de:da:63:
5f:34:87:9c:06:28:d4:7d:0f:31:e9:bb:97:92:0a:53:6c:52:
05:e6:22:96:58:86:fd:b5:8c:49:0e:55:ff:8a:ec:05:63:25:
f0:36:89:77:0a:8b:76:48:f9:2f:32:10:57:6d:a1:a9:0f:a0:
2d:a0:b5:d7:b9:a2:60:39:f3:a3:c4:d0:75:78:1f:b8:28:23:
83:7a:7f:2f:01:75:65:d3:c0:9d:4a:6f:0f:26:fb:5a:98:21:
7f:92:52:0b:a5:cc:51:33:82:6b:45:6c:1c:00:87:1e:34:87:
1c:0c:89:e5:1a:47:47:03:d8:c4:5b:8d:2a:50:ea:a6:b9:a2:
da:09:3a:08:8a:15:24:09:0f:9e:bb:29:3d:0a:a6:7d:bb:a1:
6a:a9:37:91:5d:50:c7:b7:da:48:b6:64:d6:ac:90:47:37:c5:
28:0e:dc:a0:16:cd:b3:f9:f2:07:44:ae:b8:f0:0c:e3:9b:ca:
a2:1b:0d:f6:d9:31:6b:c5:92:f6:9c:41:16:32:62:3e:e1:32:
1a:7b:3e:f4:d8:72:ec:2d:23:66:2d:dc:e0:7b:dd:13:6a:9a:
96:00:01:1b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoUydQaTbsRfry3wJY/BZHJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIwMjExMTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2E2Nzk1YmI2MWExNmQyM2QwZjExZDk3MjY1NjE5MTViZDIzNWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArw01aAtUFp4hVd+wB1vnioj0LpRb
MOoRWDYghHXP0J/YgIErj9MfPZHMz3qkcLqRrOtOlob8mZD2UJB7xbnOeGgvjnfO
3l/m382fVndjOUQLvihutzWllROsO+p4KD4kcdcp0yxwrOYE5Scb7oCSvGMYZybh
fbH2wv4npdb41kAxFLRhuMGDw2uL52LUOHUqA4e9Ja+LQc90oAKEnouyTjytPc0i
XJ21A0Zye498twsjbVs9p2p170sE+820Ct+kBZ+ik4nPpOx06vj4auD6G+hh+jYC
lziTLlcXEWRsZTgZ24RTQLFlur7uviv17Ad6Hw+21PplS3DNwwokV6A6UQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEymeVu2GhbSPQ8R2XJlYZFb0jXYMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVEtaNVc3WWFGdEk5RHhIWmNtVmhrVnZTTmRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH0EwmqA4Zdai+QgU4n8
5zU5OqZ1HaFFpeYoWOEr3H4mw97aY180h5wGKNR9DzHpu5eSClNsUgXmIpZYhv21
jEkOVf+K7AVjJfA2iXcKi3ZI+S8yEFdtoakPoC2gtde5omA586PE0HV4H7goI4N6
fy8BdWXTwJ1Kbw8m+1qYIX+SUgulzFEzgmtFbBwAhx40hxwMieUaR0cD2MRbjSpQ
6qa5otoJOgiKFSQJD567KT0Kpn27oWqpN5FdUMe32ki2ZNaskEc3xSgO3KAWzbP5
8gdErrjwDOObyqIbDfbZMWvFkvacQRYyYj7hMhp7PvTYcuwtI2Yt3OB73RNqmpYA
ARs=
-----END CERTIFICATE-----
Generated at Thu May 1 00:40:51 2025 by rpki-client