Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TfPNfdk6WT7YUr_oObRD9GxteCg.roa
File: TfPNfdk6WT7YUr_oObRD9GxteCg.roa (raw, json)
Hash identifier: U5U0oZg+fT6yzCwUsZOHeP9CCn8TqNgsqz1WLFcSoRc=
Subject key identifier: 4D:F3:CD:7D:D9:3A:59:3E:D8:52:BF:E8:39:B4:43:F4:6C:6D:78:28
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0182D9A472D1909CEECDA523F0B7B5DD1F14
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TfPNfdk6WT7YUr_oObRD9GxteCg.roa
Signing time: Fri 26 Aug 2022 10:13:29 +0000
ROA not before: Fri 26 Aug 2022 10:13:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d9:a4:72:d1:90:9c:ee:cd:a5:23:f0:b7:b5:dd:1f:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 26 10:13:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4df3cd7dd93a593ed852bfe839b443f46c6d7828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:05:56:8a:63:a9:be:2e:62:09:e9:52:10:cd:
ec:a2:d1:d3:47:45:ae:6f:de:b2:46:4c:de:f9:f1:
29:95:fd:83:c4:2c:84:53:65:4f:23:9b:cf:ef:08:
1e:27:fa:71:5f:f5:ff:1b:d3:f4:75:b4:4e:44:32:
6b:ff:b3:12:58:47:5e:0f:77:8e:bd:8f:39:f0:a8:
b0:47:ff:99:c4:cb:a5:b0:4a:75:01:4a:d0:ef:9e:
5e:4a:13:89:5c:af:d9:e9:f1:a5:62:3c:87:6e:0d:
55:59:79:b7:ec:48:b1:a9:90:b9:72:ea:c2:c1:69:
e7:ee:ac:77:6c:80:c4:33:49:05:c2:2a:df:40:dd:
b9:e9:54:d2:ed:a5:b8:03:e9:6f:57:3d:c6:12:0f:
af:38:40:2b:4b:b9:37:54:b6:44:b8:8d:08:2a:53:
c0:53:5b:58:0c:b9:e2:c1:a3:37:f9:cd:cf:d1:c0:
cb:03:e4:98:e1:e1:b4:99:cf:17:6a:1e:24:0e:ad:
83:71:92:39:5b:46:e2:91:2b:d5:b8:62:54:63:c7:
8a:e3:8c:30:5c:a8:d0:d3:d1:0e:e5:f7:26:a5:72:
fc:5d:d4:0d:c6:15:15:2b:c3:fb:53:34:8d:ec:39:
88:28:dc:88:0c:c7:74:35:50:d7:4d:cc:d9:b5:63:
6d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:F3:CD:7D:D9:3A:59:3E:D8:52:BF:E8:39:B4:43:F4:6C:6D:78:28
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TfPNfdk6WT7YUr_oObRD9GxteCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
93:16:3e:8c:9d:e3:33:b9:88:5f:fb:a0:fc:cb:cf:8a:e5:07:
e9:4f:0d:2c:ca:7d:84:52:60:08:a9:4c:1d:f7:f9:af:02:84:
4c:fd:87:44:3b:e2:78:00:83:ca:a8:f6:22:21:95:00:e8:d4:
a6:42:cc:7e:10:9b:16:f2:21:0d:5e:d0:70:13:71:65:e4:3e:
f4:73:f7:e5:88:f1:65:6b:a6:c5:ab:72:7a:fd:8f:5a:11:6b:
5d:1c:e2:10:f1:59:96:ba:65:0d:e0:cb:e3:f5:fc:3b:c4:52:
ea:ee:94:e8:63:bd:60:a2:d2:d2:8e:59:39:8c:4c:a3:02:df:
8e:42:0c:a1:27:0f:32:0a:a9:12:0e:32:6f:83:90:a4:13:e8:
43:2d:eb:5e:fc:ee:9a:08:68:4f:bc:1a:31:4f:49:90:7f:cc:
1c:17:f4:59:75:dd:97:62:a2:62:55:16:8e:5f:8e:d0:ec:7c:
99:40:8d:85:df:bf:7b:f8:ce:8d:73:fc:da:39:be:9b:1f:27:
ca:19:a0:79:07:da:f4:07:dc:59:30:01:22:1e:a7:8d:da:e7:
2a:87:71:fe:60:4a:5b:21:53:d2:b9:6b:13:12:ee:65:74:11:
c3:2c:32:9b:7f:80:18:32:dd:c1:98:1e:1f:23:dd:b7:ea:e2:
5a:70:90:ed
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYLZpHLRkJzuzaUj8Le13R8UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwODI2MTAxMzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGYzY2Q3ZGQ5M2E1OTNlZDg1MmJmZTgzOWI0NDNmNDZjNmQ3ODI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwVWimOpvi5iCelSEM3sotHTR0Wu
b96yRkze+fEplf2DxCyEU2VPI5vP7wgeJ/pxX/X/G9P0dbRORDJr/7MSWEdeD3eO
vY858KiwR/+ZxMulsEp1AUrQ755eShOJXK/Z6fGlYjyHbg1VWXm37EixqZC5curC
wWnn7qx3bIDEM0kFwirfQN256VTS7aW4A+lvVz3GEg+vOEArS7k3VLZEuI0IKlPA
U1tYDLniwaM3+c3P0cDLA+SY4eG0mc8Xah4kDq2DcZI5W0bikSvVuGJUY8eK44ww
XKjQ09EO5fcmpXL8XdQNxhUVK8P7UzSN7DmIKNyIDMd0NVDXTczZtWNtZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE3zzX3ZOlk+2FK/6Dm0Q/RsbXgoMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVGZQTmZkazZXVDdZVXJfb09iUkQ5R3h0ZUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJMWPoyd4zO5iF/7oPzL
z4rlB+lPDSzKfYRSYAipTB33+a8ChEz9h0Q74ngAg8qo9iIhlQDo1KZCzH4Qmxby
IQ1e0HATcWXkPvRz9+WI8WVrpsWrcnr9j1oRa10c4hDxWZa6ZQ3gy+P1/DvEUuru
lOhjvWCi0tKOWTmMTKMC345CDKEnDzIKqRIOMm+DkKQT6EMt61787poIaE+8GjFP
SZB/zBwX9Fl13ZdiomJVFo5fjtDsfJlAjYXfv3v4zo1z/No5vpsfJ8oZoHkH2vQH
3FkwASIep43a5yqHcf5gSlshU9K5axMS7mV0EcMsMpt/gBgy3cGYHh8j3bfq4lpw
kO0=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:42:39 2025 by rpki-client