Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TjHNxM_VI0bZ1loEr5e1jzzZcZQ.roa
File: TjHNxM_VI0bZ1loEr5e1jzzZcZQ.roa (raw, json)
Hash identifier: KW3N4OO2M44OBaIEqsyuo1MW2/nlXkcKQwY1OmdvfYE=
Subject key identifier: 4E:31:CD:C4:CF:D5:23:46:D9:D6:5A:04:AF:97:B5:8F:3C:D9:71:94
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186C0E5AA536604B828653368094F538E13
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TjHNxM_VI0bZ1loEr5e1jzzZcZQ.roa
Signing time: Wed 08 Mar 2023 11:05:22 +0000
ROA not before: Wed 08 Mar 2023 11:05:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:c0e4:ace1/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:e5:aa:53:66:04:b8:28:65:33:68:09:4f:53:8e:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 8 11:05:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e31cdc4cfd52346d9d65a04af97b58f3cd97194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:77:62:28:da:aa:46:9a:29:bb:47:e1:b7:af:
d6:1a:29:34:75:b4:36:66:c7:10:1f:de:a4:e6:70:
77:24:de:ed:ae:f4:ba:f5:75:fd:6b:90:3d:6a:1b:
af:ab:51:f2:a0:16:6a:11:cf:a6:a1:1d:d5:5d:5f:
1e:f1:7e:86:44:af:2e:2c:d2:0e:61:0b:a0:b6:52:
86:e2:33:97:97:4a:62:6b:1e:a2:e8:4b:fc:bd:a4:
ef:c8:8e:f7:74:a3:cd:39:8a:b2:e9:cb:86:5b:9d:
9c:05:9e:5e:bb:8b:47:eb:da:cf:df:78:cf:4a:64:
4d:67:c2:eb:43:e9:48:44:50:87:7a:c5:f3:4e:30:
a3:0b:b8:58:53:95:19:2d:b1:5a:f5:53:12:29:f4:
b9:a9:5a:8b:d8:25:95:fc:b2:12:90:a3:40:8b:cb:
d0:50:10:25:d4:f3:dc:29:98:41:b4:21:c9:e1:4f:
82:88:17:f5:32:a2:43:cd:2d:23:db:f8:36:22:68:
df:d4:91:a8:1b:32:42:53:79:1f:60:68:a5:07:1b:
9b:2a:b6:48:33:5d:9a:c7:73:8e:7a:4f:e9:b4:f1:
86:5e:62:35:3f:e3:a0:9b:dd:2e:a6:21:85:9b:b3:
f3:24:d1:a0:a0:22:0b:d5:b7:10:de:74:07:a5:f2:
b9:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:31:CD:C4:CF:D5:23:46:D9:D6:5A:04:AF:97:B5:8F:3C:D9:71:94
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TjHNxM_VI0bZ1loEr5e1jzzZcZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:32:24:dd:a1:64:ac:1a:68:90:cb:27:b1:52:86:7b:aa:dd:
40:f9:d5:ee:f8:76:09:23:60:41:f3:a3:16:a1:5f:78:1b:b6:
e7:b6:1c:09:b7:20:99:39:bd:d3:9f:e6:3b:a4:9a:07:54:11:
7d:ac:07:bb:b9:fd:6b:a8:d0:94:bf:8c:ee:53:49:b2:d9:f1:
af:bd:0f:72:e4:bc:f9:1b:ac:88:7c:dd:82:4c:b6:44:c9:5d:
15:09:70:d5:29:b6:69:b3:af:20:b2:f0:2b:b8:b9:8f:31:50:
b0:b4:15:f8:c9:40:3e:8f:26:0b:12:0e:eb:f8:33:44:34:e7:
93:26:af:71:c8:54:09:0d:cc:e0:16:3f:24:af:72:5d:4e:38:
c0:b0:ce:6d:f5:03:2a:6a:93:ec:b7:b2:2b:30:71:a6:d3:f3:
5e:cd:52:c4:87:2b:8f:7c:54:a7:b5:de:b3:5e:f5:79:79:56:
3c:67:67:44:4e:2d:3b:82:89:bd:cd:d5:d7:a5:ef:92:27:b5:
49:4b:4d:79:0a:a5:2d:b7:7c:bd:d7:d9:59:7f:91:1e:ed:cb:
13:04:1a:8e:92:2e:95:a9:e1:87:11:67:3c:f4:34:0e:17:f7:
4d:ad:2b:94:35:9e:7c:5a:b5:8d:72:09:d2:05:0f:30:dc:5d:
2a:4f:93:11
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYbA5apTZgS4KGUzaAlPU44TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA4MTEwNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTMxY2RjNGNmZDUyMzQ2ZDlkNjVhMDRhZjk3YjU4ZjNjZDk3MTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXdiKNqqRpopu0fht6/WGik0dbQ2
ZscQH96k5nB3JN7trvS69XX9a5A9ahuvq1HyoBZqEc+moR3VXV8e8X6GRK8uLNIO
YQugtlKG4jOXl0piax6i6Ev8vaTvyI73dKPNOYqy6cuGW52cBZ5eu4tH69rP33jP
SmRNZ8LrQ+lIRFCHesXzTjCjC7hYU5UZLbFa9VMSKfS5qVqL2CWV/LISkKNAi8vQ
UBAl1PPcKZhBtCHJ4U+CiBf1MqJDzS0j2/g2Imjf1JGoGzJCU3kfYGilBxubKrZI
M12ax3OOek/ptPGGXmI1P+Ogm90upiGFm7PzJNGgoCIL1bcQ3nQHpfK54QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE4xzcTP1SNG2dZaBK+XtY882XGUMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVGpITnhNX1ZJMGJaMWxvRXI1ZTFqenpaY1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEQyJN2hZKwaaJDLJ7FS
hnuq3UD51e74dgkjYEHzoxahX3gbtue2HAm3IJk5vdOf5jukmgdUEX2sB7u5/Wuo
0JS/jO5TSbLZ8a+9D3LkvPkbrIh83YJMtkTJXRUJcNUptmmzryCy8Cu4uY8xULC0
FfjJQD6PJgsSDuv4M0Q055Mmr3HIVAkNzOAWPySvcl1OOMCwzm31Aypqk+y3sisw
cabT817NUsSHK498VKe13rNe9Xl5VjxnZ0ROLTuCib3N1del75IntUlLTXkKpS23
fL3X2Vl/kR7tyxMEGo6SLpWp4YcRZzz0NA4X902tK5Q1nnxatY1yCdIFDzDcXSpP
kxE=
-----END CERTIFICATE-----
Generated at Fri May 2 01:15:41 2025 by rpki-client