Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TYiX-2q1PBmAi5YFc489XNLxpXU.roa
File: TYiX-2q1PBmAi5YFc489XNLxpXU.roa (raw, json)
Hash identifier: IzhF3CP3KgF01Bf1lWVnewdLkfk43sG/WbrviuhTBNs=
Subject key identifier: 4D:88:97:FB:6A:B5:3C:19:80:8B:96:05:73:8F:3D:5C:D2:F1:A5:75
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01856A04DC99273D0E7433D6D0305F630DC3
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TYiX-2q1PBmAi5YFc489XNLxpXU.roa
Signing time: Sat 31 Dec 2022 21:09:41 +0000
ROA not before: Sat 31 Dec 2022 21:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6a:04:dc:99:27:3d:0e:74:33:d6:d0:30:5f:63:0d:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 31 21:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d8897fb6ab53c19808b9605738f3d5cd2f1a575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5e:c7:64:94:d1:d9:b5:dc:38:af:1d:4b:c3:
05:cd:22:75:55:40:3f:ed:71:14:cc:80:64:20:8e:
2c:62:c1:f1:7b:a2:d8:c0:c6:7e:2f:f3:73:00:b1:
4b:35:0c:ce:92:5f:6f:35:d2:dd:67:18:b2:77:f2:
70:c8:2f:fd:8b:ae:76:24:b4:a0:c0:94:76:bf:be:
3b:d3:19:f6:d8:30:7b:9c:51:c1:e7:fa:dd:3d:17:
3b:22:0e:fb:b6:ba:8c:06:a3:8e:34:ca:e0:8b:a1:
6e:d6:9b:45:c1:f3:77:71:56:6d:91:07:7a:a2:27:
2b:74:12:11:b9:a9:79:e8:cf:b1:8e:50:cb:d1:48:
71:4f:4f:2f:3f:a3:f8:e5:47:47:ca:84:a8:01:79:
70:91:6b:0f:9b:e7:f2:d1:71:07:40:8e:2f:f5:c6:
75:21:ce:e1:2b:67:27:b8:f8:72:99:0f:08:f3:85:
d9:ef:84:4b:50:4b:1f:20:5f:58:10:12:3f:e3:79:
a7:e8:b0:6f:89:11:b6:5d:26:9f:38:3c:69:69:db:
0c:de:4a:05:31:9a:71:1d:ba:78:a8:83:c1:16:15:
34:9f:31:d3:3a:56:3f:32:b5:f6:a0:10:82:ff:87:
42:ac:8a:73:3d:13:48:c1:84:cb:11:e7:4f:ea:9f:
3c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:88:97:FB:6A:B5:3C:19:80:8B:96:05:73:8F:3D:5C:D2:F1:A5:75
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TYiX-2q1PBmAi5YFc489XNLxpXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
31:a5:b6:fd:a1:40:d8:3a:ab:47:ea:13:d7:6c:7a:f0:04:ab:
ef:45:2f:f9:4f:ae:24:14:b4:fb:63:92:c3:2b:c7:d6:40:e3:
05:04:cb:a9:be:d9:e7:91:c4:4a:be:e2:4a:1e:c0:f4:f4:ce:
67:0b:c8:e9:73:44:e3:fc:6d:38:4a:e2:59:be:e0:08:83:4a:
83:fd:b1:12:41:03:b0:c0:a2:57:9c:87:10:6e:ba:fb:bd:a5:
02:7b:23:ee:b1:bb:82:f4:44:1b:56:6c:67:ee:21:df:a1:53:
89:f2:4b:01:f9:4b:02:bd:22:99:c8:5c:09:1c:18:9d:4c:b4:
b0:01:e2:18:b4:df:b2:19:71:68:4e:86:35:29:3f:fa:9a:db:
9b:b5:b3:19:91:86:40:a3:10:d2:8d:a2:f2:f6:89:5e:45:68:
df:6d:df:86:2c:2f:a9:9f:ac:6f:f2:f5:24:ad:c4:55:ac:51:
50:58:39:c1:f7:4b:e8:0a:a0:c8:a3:2e:46:7a:fe:b7:20:eb:
84:5f:b1:b2:33:4e:10:a8:ac:e2:3f:d5:ce:5e:d5:87:f1:d8:
08:29:bc:15:df:f2:b1:58:ce:b8:3d:85:d9:c0:c9:c4:5b:03:
a8:bf:45:2e:30:8c:33:bf:88:47:c4:ee:b7:32:b4:ea:45:0c:
a5:fb:e6:ee
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVqBNyZJz0OdDPW0DBfYw3DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjMxMjEwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDg4OTdmYjZhYjUzYzE5ODA4Yjk2MDU3MzhmM2Q1Y2QyZjFhNTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp17HZJTR2bXcOK8dS8MFzSJ1VUA/
7XEUzIBkII4sYsHxe6LYwMZ+L/NzALFLNQzOkl9vNdLdZxiyd/JwyC/9i652JLSg
wJR2v7470xn22DB7nFHB5/rdPRc7Ig77trqMBqOONMrgi6Fu1ptFwfN3cVZtkQd6
oicrdBIRual56M+xjlDL0UhxT08vP6P45UdHyoSoAXlwkWsPm+fy0XEHQI4v9cZ1
Ic7hK2cnuPhymQ8I84XZ74RLUEsfIF9YEBI/43mn6LBviRG2XSafODxpadsM3koF
MZpxHbp4qIPBFhU0nzHTOlY/MrX2oBCC/4dCrIpzPRNIwYTLEedP6p88lwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE2Il/tqtTwZgIuWBXOPPVzS8aV1MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVFlpWC0ycTFQQm1BaTVZRmM0ODlYTkx4cFhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADGltv2hQNg6q0fqE9ds
evAEq+9FL/lPriQUtPtjksMrx9ZA4wUEy6m+2eeRxEq+4koewPT0zmcLyOlzROP8
bThK4lm+4AiDSoP9sRJBA7DAolechxBuuvu9pQJ7I+6xu4L0RBtWbGfuId+hU4ny
SwH5SwK9IpnIXAkcGJ1MtLAB4hi037IZcWhOhjUpP/qa25u1sxmRhkCjENKNovL2
iV5FaN9t34YsL6mfrG/y9SStxFWsUVBYOcH3S+gKoMijLkZ6/rcg64RfsbIzThCo
rOI/1c5e1Yfx2AgpvBXf8rFYzrg9hdnAycRbA6i/RS4wjDO/iEfE7rcytOpFDKX7
5u4=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:41:27 2025 by rpki-client