Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TLgnfxOFSDJ51iJqpf1PRt1k00g.roa
File: TLgnfxOFSDJ51iJqpf1PRt1k00g.roa (raw, json)
Hash identifier: h3mltDZtvL0mD6Tfo/zTkBJk4++gNPFt8ntHAi0wgUw=
Subject key identifier: 4C:B8:27:7F:13:85:48:32:79:D6:22:6A:A5:FD:4F:46:DD:64:D3:48
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018676DE2DD5BDBCF57C9CEE6AA41AEAB0C0
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TLgnfxOFSDJ51iJqpf1PRt1k00g.roa
Signing time: Wed 22 Feb 2023 02:05:17 +0000
ROA not before: Wed 22 Feb 2023 02:05:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:76dd:5ee9/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:76:de:2d:d5:bd:bc:f5:7c:9c:ee:6a:a4:1a:ea:b0:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 22 02:05:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4cb8277f1385483279d6226aa5fd4f46dd64d348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:36:ee:29:03:90:0d:fc:8a:9f:e7:03:81:9a:
d6:8a:4b:28:2a:f6:38:37:df:d9:78:50:64:48:39:
bd:e5:73:6d:0a:81:ff:b2:7a:04:7b:59:32:85:a0:
17:eb:e4:7f:f4:89:ce:98:04:e1:c5:b3:43:8a:95:
4a:5f:b0:38:28:dc:36:d2:91:7a:83:18:70:77:bb:
a0:83:5e:75:66:84:59:bf:52:30:41:80:a1:7b:2d:
c2:0a:6d:04:d4:39:6a:0d:67:73:57:4f:8a:ee:3e:
97:51:bf:7b:44:d1:04:bf:13:d5:18:18:3d:ed:49:
b5:71:b8:93:37:a4:b2:65:97:f5:eb:09:5f:ad:1b:
35:6e:48:c4:32:8d:04:9d:47:52:86:c6:ac:5e:2a:
79:a2:b1:0c:a7:b5:fd:64:9b:8e:09:59:34:9e:38:
c8:74:38:5d:03:ca:ce:3b:56:ff:ff:2c:5d:35:74:
0d:e2:c5:f0:ab:e1:d8:37:25:12:05:a0:7b:6a:09:
bb:80:a2:81:4c:a6:e8:87:b2:58:3f:89:e1:1f:51:
61:e0:fb:00:14:5b:74:df:82:58:be:44:68:02:20:
53:8e:83:aa:ea:c4:2d:96:db:75:cb:09:2d:62:4e:
c1:ba:04:29:56:85:d8:67:1b:4c:fa:3b:7c:08:68:
6a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:B8:27:7F:13:85:48:32:79:D6:22:6A:A5:FD:4F:46:DD:64:D3:48
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TLgnfxOFSDJ51iJqpf1PRt1k00g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:ea:95:04:79:b8:19:5b:b2:b1:d5:9d:d4:bc:57:ae:3d:95:
f2:21:04:4f:5d:19:7c:34:7d:23:94:f8:b5:fb:bd:2c:a0:f3:
5a:b4:c6:bc:73:81:b8:53:ca:09:d4:a1:a0:a2:d9:63:db:9b:
b3:d1:d6:3a:77:b2:7d:e2:16:5d:f3:d6:19:67:8f:d7:8e:f6:
6e:24:67:76:b6:ec:6c:55:9c:77:1a:82:dc:09:5d:d2:72:69:
b3:06:f1:c9:19:86:6e:78:ae:c9:05:cf:14:d6:e1:db:a2:95:
6c:e1:75:c0:ed:50:11:92:66:37:d6:74:7c:0d:19:b6:d9:1d:
65:cb:cc:5e:0a:26:23:57:57:18:89:61:ba:0c:33:44:2d:1e:
c5:b8:c4:db:11:20:dd:6c:0a:51:c4:29:23:66:4d:2f:49:7e:
35:57:16:f3:3f:f3:eb:99:65:3f:d1:a1:54:5f:7d:1c:a6:14:
4a:84:a0:81:11:6a:b1:3f:d1:f4:12:f3:5a:86:8b:db:ce:f2:
6a:c3:a6:9e:e8:04:bc:63:8e:4a:aa:d0:53:9f:de:31:8c:ad:
8c:61:4b:b2:ef:b1:26:27:12:94:b3:71:be:c8:a1:93:bb:d6:
7a:a5:9f:fa:6e:9c:42:b4:64:03:91:1d:ab:6f:2e:92:20:9c:
eb:b1:4e:2d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZ23i3Vvbz1fJzuaqQa6rDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjIyMDIwNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2I4Mjc3ZjEzODU0ODMyNzlkNjIyNmFhNWZkNGY0NmRkNjRkMzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDbuKQOQDfyKn+cDgZrWiksoKvY4
N9/ZeFBkSDm95XNtCoH/snoEe1kyhaAX6+R/9InOmAThxbNDipVKX7A4KNw20pF6
gxhwd7ugg151ZoRZv1IwQYChey3CCm0E1DlqDWdzV0+K7j6XUb97RNEEvxPVGBg9
7Um1cbiTN6SyZZf16wlfrRs1bkjEMo0EnUdShsasXip5orEMp7X9ZJuOCVk0njjI
dDhdA8rOO1b//yxdNXQN4sXwq+HYNyUSBaB7agm7gKKBTKboh7JYP4nhH1Fh4PsA
FFt034JYvkRoAiBTjoOq6sQtltt1ywktYk7BugQpVoXYZxtM+jt8CGhqHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEy4J38ThUgyedYiaqX9T0bdZNNIMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVExnbmZ4T0ZTREo1MWlKcXBmMVBSdDFrMDBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI7qlQR5uBlbsrHVndS8
V649lfIhBE9dGXw0fSOU+LX7vSyg81q0xrxzgbhTygnUoaCi2WPbm7PR1jp3sn3i
Fl3z1hlnj9eO9m4kZ3a27GxVnHcagtwJXdJyabMG8ckZhm54rskFzxTW4duilWzh
dcDtUBGSZjfWdHwNGbbZHWXLzF4KJiNXVxiJYboMM0QtHsW4xNsRIN1sClHEKSNm
TS9JfjVXFvM/8+uZZT/RoVRffRymFEqEoIERarE/0fQS81qGi9vO8mrDpp7oBLxj
jkqq0FOf3jGMrYxhS7LvsSYnEpSzcb7IoZO71nqln/punEK0ZAORHatvLpIgnOux
Ti0=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:48:05 2025 by rpki-client