Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TUXIs2-mEEGeqVUI4za2ie149bI.roa
File: TUXIs2-mEEGeqVUI4za2ie149bI.roa (raw, json)
Hash identifier: KhuptDhsXbL8OjH31iQLjFzX8QnIvA5aLrqfmOl3KOw=
Subject key identifier: 4D:45:C8:B3:6F:A6:10:41:9E:A9:55:08:E3:36:B6:89:ED:78:F5:B2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185346325CB54D870A1CDFE5F8D2E50B065
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TUXIs2-mEEGeqVUI4za2ie149bI.roa
Signing time: Wed 21 Dec 2022 11:13:11 +0000
ROA not before: Wed 21 Dec 2022 11:13:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:34:63:25:cb:54:d8:70:a1:cd:fe:5f:8d:2e:50:b0:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 21 11:13:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d45c8b36fa610419ea95508e336b689ed78f5b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:7b:d9:29:1e:58:c9:3a:44:6c:d5:71:e7:a4:
86:74:69:19:31:9d:03:da:08:de:a2:2d:95:80:b0:
92:dd:e0:53:ca:61:99:77:29:6b:64:39:e2:45:11:
e1:72:64:db:46:11:b7:56:6e:f8:39:08:5e:80:b9:
e8:29:4e:10:84:81:22:c2:f5:95:e8:83:f9:f1:45:
7d:ff:6f:2d:fb:ba:a6:f2:a6:ec:21:e7:fa:bc:87:
70:fe:fa:80:ad:25:89:68:43:34:0d:ef:ce:68:8c:
75:98:4c:78:69:27:64:f4:e2:20:5e:bf:57:ec:d1:
b1:59:fc:d8:d6:d6:e3:65:4a:f9:63:5a:e1:b9:24:
16:cd:16:fa:0b:ef:35:d3:02:98:73:34:c3:8b:29:
8b:4f:d7:a1:14:19:36:b9:19:32:6a:54:ea:75:fe:
5c:bb:2a:c9:58:d1:03:04:e6:4f:47:63:01:37:db:
89:ae:02:ed:82:01:03:1b:f7:62:6c:7e:d8:3c:64:
bc:11:f8:af:e9:c2:ef:a4:66:9b:a6:ae:fb:87:9b:
25:33:ab:49:ba:7a:03:30:87:f3:48:b1:da:2b:ba:
14:fb:c7:8b:f3:01:d9:ca:64:5b:d6:e1:c2:42:9f:
ea:74:fc:8a:7f:57:e8:24:da:02:9e:46:11:5a:fd:
8b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:45:C8:B3:6F:A6:10:41:9E:A9:55:08:E3:36:B6:89:ED:78:F5:B2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TUXIs2-mEEGeqVUI4za2ie149bI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
af:34:a1:b8:f7:06:e0:d6:11:fe:43:65:d1:0e:7c:d0:de:00:
a9:66:06:65:72:2f:6e:ea:71:f2:22:b3:6c:39:19:04:5e:46:
de:b4:a9:b5:ae:51:4b:a4:25:4f:47:41:dc:1b:5d:8d:7c:6f:
f0:e3:8c:e1:45:c9:5e:c5:f0:ea:23:3a:d5:80:dc:ad:08:c8:
f1:5b:bd:05:96:79:0b:bd:05:3f:44:47:21:38:f7:6d:d9:bf:
72:2e:28:86:99:1e:cf:e0:c7:1c:2c:b4:84:ec:ce:5c:05:c4:
ef:7f:57:86:06:96:03:46:93:54:34:07:c8:ff:61:ae:1b:6e:
94:64:6f:74:29:8e:b7:7d:13:7e:e0:2f:09:5e:d0:a8:f0:d9:
cb:4e:36:ff:87:33:df:5e:cc:fb:d5:d3:47:76:da:99:81:3f:
1b:2a:9d:5d:81:d5:20:20:ce:18:b3:b4:84:64:05:ea:4e:45:
2b:71:87:a6:b8:0e:61:b4:5d:27:6a:f9:24:5c:f1:4f:99:ba:
43:61:ff:c6:97:e2:c3:73:78:dc:64:46:3b:97:dc:ec:61:be:
ae:71:a0:92:c2:65:a5:f0:15:2f:4a:51:fd:f0:f2:3e:9b:c0:
23:d9:0f:c1:6c:4a:ec:ac:6d:62:27:02:3e:58:55:a1:a1:b8:
e9:35:21:8b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYU0YyXLVNhwoc3+X40uULBlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjIxMTExMzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDQ1YzhiMzZmYTYxMDQxOWVhOTU1MDhlMzM2YjY4OWVkNzhmNWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8XvZKR5YyTpEbNVx56SGdGkZMZ0D
2gjeoi2VgLCS3eBTymGZdylrZDniRRHhcmTbRhG3Vm74OQhegLnoKU4QhIEiwvWV
6IP58UV9/28t+7qm8qbsIef6vIdw/vqArSWJaEM0De/OaIx1mEx4aSdk9OIgXr9X
7NGxWfzY1tbjZUr5Y1rhuSQWzRb6C+810wKYczTDiymLT9ehFBk2uRkyalTqdf5c
uyrJWNEDBOZPR2MBN9uJrgLtggEDG/dibH7YPGS8Efiv6cLvpGabpq77h5slM6tJ
unoDMIfzSLHaK7oU+8eL8wHZymRb1uHCQp/qdPyKf1foJNoCnkYRWv2LbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE1FyLNvphBBnqlVCOM2tontePWyMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVFVYSXMyLW1FRUdlcVZVSTR6YTJpZTE0OWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK80obj3BuDWEf5DZdEO
fNDeAKlmBmVyL27qcfIis2w5GQReRt60qbWuUUukJU9HQdwbXY18b/DjjOFFyV7F
8OojOtWA3K0IyPFbvQWWeQu9BT9ERyE4923Zv3IuKIaZHs/gxxwstITszlwFxO9/
V4YGlgNGk1Q0B8j/Ya4bbpRkb3Qpjrd9E37gLwle0Kjw2ctONv+HM99ezPvV00d2
2pmBPxsqnV2B1SAgzhiztIRkBepORStxh6a4DmG0XSdq+SRc8U+ZukNh/8aX4sNz
eNxkRjuX3Oxhvq5xoJLCZaXwFS9KUf3w8j6bwCPZD8FsSuysbWInAj5YVaGhuOk1
IYs=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:45:45 2025 by rpki-client