Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TMRw9TLOvCiP-_7hUHYhUl_hNT0.roa
File: TMRw9TLOvCiP-_7hUHYhUl_hNT0.roa (raw, json)
Hash identifier: CrshyAzLSoElxE8bKXW7zybzusuSHmisMezoxVB4bR0=
Subject key identifier: 4C:C4:70:F5:32:CE:BC:28:8F:FB:FE:E1:50:76:21:52:5F:E1:35:3D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01852ECAE5F1776FD29C7E10A7A6BC1CD36C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TMRw9TLOvCiP-_7hUHYhUl_hNT0.roa
Signing time: Tue 20 Dec 2022 09:08:46 +0000
ROA not before: Tue 20 Dec 2022 09:08:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2e:ca:e5:f1:77:6f:d2:9c:7e:10:a7:a6:bc:1c:d3:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 20 09:08:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4cc470f532cebc288ffbfee1507621525fe1353d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:12:99:f4:fb:b3:1c:0d:c7:19:40:db:5a:da:
b6:80:ad:b1:5a:81:c2:01:3f:86:08:03:86:83:f9:
7e:7f:cd:a5:0e:0d:af:4d:8f:4f:5f:5e:3d:06:fe:
05:a7:9c:d5:e5:c4:6c:23:d7:91:f4:17:ae:84:8a:
47:d3:c2:37:13:5f:31:51:ea:26:85:39:cf:7e:74:
73:af:27:70:5f:98:1d:e8:cb:ca:dc:c6:aa:40:8e:
e5:8d:5f:d6:fb:5d:2d:e4:18:20:9f:60:d0:ee:b8:
4a:19:99:23:f7:24:c5:ec:d1:fe:da:28:5a:f3:3f:
4c:05:09:e9:ce:c2:80:fa:da:bd:f2:a6:ff:d0:93:
e2:07:0e:e2:6e:df:a1:dd:27:e7:34:18:bd:39:2b:
6a:fa:37:20:2b:7c:c2:4c:b5:65:f9:c9:80:28:cd:
42:39:0c:4e:49:eb:a4:2e:dd:20:53:89:e9:7d:f2:
70:74:f7:28:54:87:49:7b:da:7a:31:53:d6:ce:96:
9f:f7:d6:50:7f:f7:7c:94:19:5f:d6:ef:63:5b:f4:
e6:c9:e5:9d:87:88:1d:d3:8c:2d:09:9e:52:f8:a7:
fe:5f:4d:d7:26:51:95:72:d9:9c:d1:61:76:59:2a:
fe:4d:54:e9:1b:d0:ca:41:52:bb:fd:dc:ed:e0:12:
25:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C4:70:F5:32:CE:BC:28:8F:FB:FE:E1:50:76:21:52:5F:E1:35:3D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TMRw9TLOvCiP-_7hUHYhUl_hNT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8f:5d:33:0e:8a:bd:39:e9:96:14:fe:a8:44:0d:c0:1b:f6:00:
ec:00:23:21:c7:04:c2:a0:6b:17:7f:1f:f7:f6:06:e1:5d:f0:
35:12:4f:ee:21:0d:82:36:51:97:b3:4b:67:dd:e2:ba:14:74:
58:51:06:b1:0b:d2:22:bc:f3:04:a0:57:ef:c2:64:ae:3f:d1:
d9:b8:2a:1b:70:e0:b2:07:bb:1b:16:d0:c1:20:df:db:2f:85:
39:fc:b6:0b:a4:8e:c1:66:26:31:63:bb:31:c9:58:9e:4e:87:
25:c9:7e:38:c5:07:64:80:d7:77:cd:90:d1:d7:76:db:fb:47:
56:92:29:cb:d6:ee:be:37:64:54:99:53:9b:81:5d:a1:ec:50:
34:5b:5c:e8:37:d9:f3:20:b2:f9:24:27:fd:d3:be:4b:4c:08:
e6:6b:26:8f:b4:bc:0d:d7:08:c0:f6:c2:b8:cc:f0:0d:0f:11:
61:2d:c8:25:4e:5f:64:4b:05:bd:51:2f:2d:7d:fc:36:01:ff:
35:68:63:71:6d:63:00:94:96:11:13:56:95:80:72:d6:9b:dc:
73:92:ec:8b:76:be:61:f4:43:9d:bc:79:9c:6e:f4:6e:aa:03:
45:fb:6f:4c:f2:e4:1a:f8:d6:95:94:0c:a6:fe:c6:4f:c8:62:
c9:4a:13:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUuyuXxd2/SnH4Qp6a8HNNsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjIwMDkwODQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2M0NzBmNTMyY2ViYzI4OGZmYmZlZTE1MDc2MjE1MjVmZTEzNTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRKZ9PuzHA3HGUDbWtq2gK2xWoHC
AT+GCAOGg/l+f82lDg2vTY9PX149Bv4Fp5zV5cRsI9eR9BeuhIpH08I3E18xUeom
hTnPfnRzrydwX5gd6MvK3MaqQI7ljV/W+10t5Bggn2DQ7rhKGZkj9yTF7NH+2iha
8z9MBQnpzsKA+tq98qb/0JPiBw7ibt+h3SfnNBi9OStq+jcgK3zCTLVl+cmAKM1C
OQxOSeukLt0gU4npffJwdPcoVIdJe9p6MVPWzpaf99ZQf/d8lBlf1u9jW/TmyeWd
h4gd04wtCZ5S+Kf+X03XJlGVctmc0WF2WSr+TVTpG9DKQVK7/dzt4BIlqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEzEcPUyzrwoj/v+4VB2IVJf4TU9MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVE1SdzlUTE92Q2lQLV83aFVIWWhVbF9oTlQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI9dMw6KvTnplhT+qEQN
wBv2AOwAIyHHBMKgaxd/H/f2BuFd8DUST+4hDYI2UZezS2fd4roUdFhRBrEL0iK8
8wSgV+/CZK4/0dm4Khtw4LIHuxsW0MEg39svhTn8tgukjsFmJjFjuzHJWJ5OhyXJ
fjjFB2SA13fNkNHXdtv7R1aSKcvW7r43ZFSZU5uBXaHsUDRbXOg32fMgsvkkJ/3T
vktMCOZrJo+0vA3XCMD2wrjM8A0PEWEtyCVOX2RLBb1RLy19/DYB/zVoY3FtYwCU
lhETVpWActab3HOS7It2vmH0Q528eZxu9G6qA0X7b0zy5Br41pWUDKb+xk/IYslK
E3I=
-----END CERTIFICATE-----
Generated at Thu May 1 12:59:47 2025 by rpki-client