Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Tn9zcV9uXuaL_BsTXeSlbt7mdmA.roa
File: Tn9zcV9uXuaL_BsTXeSlbt7mdmA.roa (raw, json)
Hash identifier: TAJOYC3PmCxIyR529pvSpzc51Wkm0yBjulykSqCsdtA=
Subject key identifier: 4E:7F:73:71:5F:6E:5E:E6:8B:FC:1B:13:5D:E4:A5:6E:DE:E6:76:60
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01862D4AEA424BC4F3253E46EF894A56DF28
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Tn9zcV9uXuaL_BsTXeSlbt7mdmA.roa
Signing time: Tue 07 Feb 2023 19:12:09 +0000
ROA not before: Tue 07 Feb 2023 19:12:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:2d:4a:ea:42:4b:c4:f3:25:3e:46:ef:89:4a:56:df:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 7 19:12:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4e7f73715f6e5ee68bfc1b135de4a56edee67660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b5:af:42:34:0c:85:21:81:4f:63:fc:af:eb:
84:88:bd:4e:40:28:0b:9d:9a:71:ab:aa:14:d9:05:
88:56:85:5f:ca:79:52:a5:1a:04:e7:fb:66:d2:ce:
80:5f:32:2a:72:3d:3b:28:77:25:ec:9e:26:62:54:
dd:10:91:c1:e5:b9:52:2f:00:ce:82:75:b2:03:ab:
e3:b1:2d:9b:15:52:c8:f7:ed:67:96:25:86:5e:62:
36:b3:56:3d:af:3e:19:17:fe:0b:fe:e2:ad:9c:a3:
32:84:13:09:ae:49:79:7d:f0:ab:32:46:fd:44:6a:
46:1c:48:db:c6:1d:11:ac:1f:e9:64:1a:4f:ba:80:
6a:3d:34:07:48:30:8a:a3:14:5f:dd:be:80:16:79:
32:03:f2:8c:0d:34:00:0a:f3:9d:31:3d:42:5b:35:
d1:1c:4c:14:21:84:05:97:b9:29:cb:2e:f2:90:e3:
4f:68:34:9d:41:36:29:26:38:71:40:54:b1:eb:4e:
b1:ed:2c:4d:a0:4c:b5:33:9e:4e:c2:3b:ac:4d:d0:
9b:59:22:58:06:e9:3d:20:bb:d5:b4:08:80:e7:7c:
8c:5a:75:2e:ae:96:e3:c7:d1:d8:c6:b7:42:f1:7a:
01:1b:78:7a:fa:51:5f:33:94:f8:3e:0e:b1:4a:e2:
28:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:7F:73:71:5F:6E:5E:E6:8B:FC:1B:13:5D:E4:A5:6E:DE:E6:76:60
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Tn9zcV9uXuaL_BsTXeSlbt7mdmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a6:05:38:9b:87:ac:8c:dd:66:32:8b:5e:76:3a:8d:70:79:6c:
04:80:80:18:ef:b7:e3:e6:3c:df:1e:b7:00:e0:e2:d1:55:e7:
43:dc:44:3c:a7:08:0d:46:c2:1f:71:67:18:55:b7:41:fe:a3:
12:8b:34:4f:9d:98:e5:bd:c9:18:7b:91:ed:71:51:e2:66:89:
ba:52:18:f9:f2:8e:f9:b4:e6:c3:b4:bd:06:31:30:11:52:60:
8c:0c:0f:b0:5a:8c:17:7e:b2:50:d1:65:3a:f6:3d:d0:67:37:
fc:5d:26:6b:94:96:41:b8:fd:84:02:98:14:25:a4:a5:7b:f6:
3a:3b:6e:1d:57:a1:ac:7f:4f:86:01:c4:b1:9e:5b:e7:c0:85:
da:b0:66:9d:d2:d8:9c:39:5b:23:21:7e:b6:00:35:22:c1:9c:
e0:be:34:a9:be:8d:00:00:1a:32:29:87:2b:0b:37:cb:44:b6:
44:9b:aa:4f:ae:11:78:6a:6f:3e:65:02:e2:c5:98:94:99:d6:
95:f7:28:aa:c3:ec:67:97:a4:f3:27:10:0a:55:be:c1:13:64:
d0:ed:9a:66:15:5b:4a:d8:14:32:31:96:a4:10:9a:fd:d9:fe:
9f:12:82:f6:f6:bc:36:bd:ff:ed:3e:9a:b2:18:6d:6e:0c:75:
4e:b6:d4:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYtSupCS8TzJT5G74lKVt8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjA3MTkxMjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTdmNzM3MTVmNmU1ZWU2OGJmYzFiMTM1ZGU0YTU2ZWRlZTY3NjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7WvQjQMhSGBT2P8r+uEiL1OQCgL
nZpxq6oU2QWIVoVfynlSpRoE5/tm0s6AXzIqcj07KHcl7J4mYlTdEJHB5blSLwDO
gnWyA6vjsS2bFVLI9+1nliWGXmI2s1Y9rz4ZF/4L/uKtnKMyhBMJrkl5ffCrMkb9
RGpGHEjbxh0RrB/pZBpPuoBqPTQHSDCKoxRf3b6AFnkyA/KMDTQACvOdMT1CWzXR
HEwUIYQFl7kpyy7ykONPaDSdQTYpJjhxQFSx606x7SxNoEy1M55OwjusTdCbWSJY
Buk9ILvVtAiA53yMWnUurpbjx9HYxrdC8XoBG3h6+lFfM5T4Pg6xSuIosQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE5/c3Ffbl7mi/wbE13kpW7e5nZgMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVG45emNWOXVYdWFMX0JzVFhlU2xidDdtZG1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKYFOJuHrIzdZjKLXnY6
jXB5bASAgBjvt+PmPN8etwDg4tFV50PcRDynCA1Gwh9xZxhVt0H+oxKLNE+dmOW9
yRh7ke1xUeJmibpSGPnyjvm05sO0vQYxMBFSYIwMD7BajBd+slDRZTr2PdBnN/xd
JmuUlkG4/YQCmBQlpKV79jo7bh1Xoax/T4YBxLGeW+fAhdqwZp3S2Jw5WyMhfrYA
NSLBnOC+NKm+jQAAGjIphysLN8tEtkSbqk+uEXhqbz5lAuLFmJSZ1pX3KKrD7GeX
pPMnEApVvsETZNDtmmYVW0rYFDIxlqQQmv3Z/p8Sgvb2vDa9/+0+mrIYbW4MdU62
1GI=
-----END CERTIFICATE-----
Generated at Thu May 1 05:47:43 2025 by rpki-client