Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TwxLuIv9vf9RwLw21-PZ9tDLV6w.roa
File: TwxLuIv9vf9RwLw21-PZ9tDLV6w.roa (raw, json)
Hash identifier: KexU+TfCmY1DJDuRypfaGvI2cm3VJNJSPbI63rME7AY=
Subject key identifier: 4F:0C:4B:B8:8B:FD:BD:FF:51:C0:BC:36:D7:E3:D9:F6:D0:CB:57:AC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186FBEF4474A4DDE822915421B4D8C5D5A2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TwxLuIv9vf9RwLw21-PZ9tDLV6w.roa
Signing time: Sun 19 Mar 2023 22:13:27 +0000
ROA not before: Sun 19 Mar 2023 22:13:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fb:ef:44:74:a4:dd:e8:22:91:54:21:b4:d8:c5:d5:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 19 22:13:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4f0c4bb88bfdbdff51c0bc36d7e3d9f6d0cb57ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:45:ff:4e:49:a7:39:9e:08:96:9e:03:52:b4:
e9:25:a5:04:0f:99:8b:ce:58:eb:74:95:55:74:db:
b0:7c:71:3b:e2:8b:92:e4:78:bd:36:f5:f6:84:01:
62:37:24:34:e8:fb:5a:b2:54:3c:e6:29:2f:6b:30:
6b:e3:ac:84:5e:c2:a6:8e:ba:c1:e2:40:3c:2f:4b:
36:08:01:d7:1f:32:91:67:f4:16:8e:cd:44:af:e5:
d9:b8:ce:10:32:9b:d8:17:96:e4:92:a5:eb:d3:75:
fd:9a:63:52:c7:31:5d:d6:69:d0:93:93:e9:6f:25:
cb:5c:ab:76:d4:b1:45:a7:d2:90:3c:04:f0:97:50:
c9:1d:1d:fb:70:91:d7:52:1c:e6:35:e5:47:75:d5:
35:cd:b5:38:f3:13:26:3f:65:17:80:f7:f2:06:fa:
bd:64:2e:45:89:c9:8a:b0:fb:ba:79:58:5e:cc:10:
36:de:0f:ed:49:7d:ae:07:73:a0:c3:b0:1b:70:8a:
68:af:93:e5:6b:16:90:b5:d7:2b:41:a9:5d:85:6e:
68:7f:66:02:47:e8:13:e8:ad:64:f7:6e:3e:39:ca:
80:dc:23:bc:17:d6:e6:43:89:3d:39:66:56:f3:eb:
57:d3:d1:2a:9e:e8:2e:95:53:7c:c3:21:a1:f7:28:
bc:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:0C:4B:B8:8B:FD:BD:FF:51:C0:BC:36:D7:E3:D9:F6:D0:CB:57:AC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TwxLuIv9vf9RwLw21-PZ9tDLV6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:d9:9c:92:f1:7c:4e:aa:36:20:cd:45:ba:bc:25:f6:d8:98:
9a:4f:a9:d2:41:65:e7:0e:15:99:46:4d:ad:1d:8d:75:5d:97:
2a:81:6f:fe:37:85:75:bb:13:af:66:ed:74:1f:06:bf:41:61:
66:60:02:96:b3:58:37:b0:da:c9:1a:73:32:d1:b9:a9:d6:1c:
51:8c:6b:31:23:41:da:ba:fb:46:3d:76:8e:9f:e6:40:c8:8b:
06:a4:4b:f0:d1:d4:76:ed:9a:dd:50:29:4a:9f:11:34:bf:d5:
ab:6c:69:7b:a4:53:c2:e0:c2:e7:52:fa:ee:6d:bb:9b:14:e1:
65:57:00:c3:f5:5b:2a:b4:8a:4c:ad:1c:3e:40:96:95:fb:a5:
39:94:89:7a:c7:7c:de:92:db:a7:3c:08:5d:4c:e4:11:fa:66:
a6:40:ce:39:24:d5:df:4a:90:cd:c3:40:71:fe:5e:f0:f1:b1:
f0:bc:20:1a:b4:19:04:45:83:e6:8a:96:c2:eb:87:dc:3e:4e:
95:8a:4e:d1:94:5b:c9:91:44:12:27:0e:08:7b:34:36:68:da:
b5:5d:0c:48:27:18:d3:c5:df:65:33:55:be:13:d5:0d:e5:27:
bc:92:52:f5:3e:eb:79:94:3a:0d:fb:3e:05:f4:97:ce:e3:a8:
13:43:4c:17
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYb770R0pN3oIpFUIbTYxdWiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzE5MjIxMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjBjNGJiODhiZmRiZGZmNTFjMGJjMzZkN2UzZDlmNmQwY2I1N2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUX/TkmnOZ4Ilp4DUrTpJaUED5mL
zljrdJVVdNuwfHE74ouS5Hi9NvX2hAFiNyQ06PtaslQ85ikvazBr46yEXsKmjrrB
4kA8L0s2CAHXHzKRZ/QWjs1Er+XZuM4QMpvYF5bkkqXr03X9mmNSxzFd1mnQk5Pp
byXLXKt21LFFp9KQPATwl1DJHR37cJHXUhzmNeVHddU1zbU48xMmP2UXgPfyBvq9
ZC5FicmKsPu6eVhezBA23g/tSX2uB3Ogw7AbcIpor5PlaxaQtdcrQaldhW5of2YC
R+gT6K1k924+OcqA3CO8F9bmQ4k9OWZW8+tX09EqnugulVN8wyGh9yi8EwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE8MS7iL/b3/UcC8Ntfj2fbQy1esMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVHd4THVJdjl2ZjlSd0x3MjEtUFo5dERMVjZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFPZnJLxfE6qNiDNRbq8
JfbYmJpPqdJBZecOFZlGTa0djXVdlyqBb/43hXW7E69m7XQfBr9BYWZgApazWDew
2skaczLRuanWHFGMazEjQdq6+0Y9do6f5kDIiwakS/DR1Hbtmt1QKUqfETS/1ats
aXukU8LgwudS+u5tu5sU4WVXAMP1Wyq0ikytHD5AlpX7pTmUiXrHfN6S26c8CF1M
5BH6ZqZAzjkk1d9KkM3DQHH+XvDxsfC8IBq0GQRFg+aKlsLrh9w+TpWKTtGUW8mR
RBInDgh7NDZo2rVdDEgnGNPF32UzVb4T1Q3lJ7ySUvU+63mUOg37PgX0l87jqBND
TBc=
-----END CERTIFICATE-----
Generated at Fri May 2 16:46:26 2025 by rpki-client