Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TzQwi5_IIaHCx1_QOHrV_kjjLO0.roa
File: TzQwi5_IIaHCx1_QOHrV_kjjLO0.roa (raw, json)
Hash identifier: asHVpw3cZ/Z6ptYp19jD01hIFahFoPOJQ93h2mCTa+M=
Subject key identifier: 4F:34:30:8B:9F:C8:21:A1:C2:C7:5F:D0:38:7A:D5:FE:48:E3:2C:ED
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0184D81692F5B84FA1F9DC3EE128B129669A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TzQwi5_IIaHCx1_QOHrV_kjjLO0.roa
Signing time: Sat 03 Dec 2022 13:04:28 +0000
ROA not before: Sat 03 Dec 2022 13:04:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:184:d816:26b4/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d8:16:92:f5:b8:4f:a1:f9:dc:3e:e1:28:b1:29:66:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 3 13:04:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f34308b9fc821a1c2c75fd0387ad5fe48e32ced
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b2:c6:fa:05:e0:13:db:26:55:4d:e8:43:72:
8f:ba:4c:de:c2:e9:0b:57:33:c5:98:50:23:5a:ec:
5c:fb:e6:fe:2d:2f:55:7a:35:3c:03:b6:e0:44:a9:
d6:a6:21:6c:bb:61:3c:3c:ec:34:c1:bf:65:37:f7:
a1:ac:b5:43:67:9b:76:11:8b:be:8e:39:3e:42:18:
27:23:c4:1d:35:4b:0c:e0:1f:03:f8:29:f3:36:5b:
fa:61:ec:60:38:2b:55:07:16:fd:d0:cd:9d:3f:ea:
3a:ed:54:4a:62:27:f9:9f:01:3e:4e:6e:45:1e:c8:
85:7e:c8:c5:65:9f:e1:43:01:f0:3a:75:f4:31:1a:
c5:9c:46:e4:50:d0:62:8f:54:49:5d:5d:57:80:36:
17:3e:73:9b:22:34:b7:47:79:5f:2b:70:fb:40:f4:
70:25:df:22:a7:f8:f4:6e:8f:3a:d2:5f:d8:3c:49:
bb:4f:51:63:47:14:e4:8f:77:73:84:77:78:48:0e:
dd:cd:9a:ca:09:79:94:d9:f5:b4:e6:25:78:28:96:
99:e3:03:60:ee:f0:cd:20:45:e3:c8:6d:d4:35:93:
c4:18:31:99:71:80:dd:b2:1a:9e:fa:4d:53:8b:05:
c3:ac:49:96:ae:0a:8c:aa:1f:b1:9b:09:5f:9a:65:
d6:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:34:30:8B:9F:C8:21:A1:C2:C7:5F:D0:38:7A:D5:FE:48:E3:2C:ED
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TzQwi5_IIaHCx1_QOHrV_kjjLO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:d4:74:de:ac:75:52:ad:58:c8:0e:e5:ec:fc:f9:17:46:f9:
9d:29:68:d1:c0:67:57:c7:58:0e:ca:07:57:03:c8:e3:b5:5a:
37:1b:bf:d1:1d:02:1f:e7:37:d9:86:a1:42:3c:b0:47:d8:56:
9e:b2:96:ff:61:69:fd:66:da:94:ab:52:6a:48:92:99:aa:38:
4e:22:cc:b1:1c:96:34:bb:d8:d3:9a:68:b1:b1:e9:04:b7:7c:
c2:6f:e4:a0:be:3f:ac:16:ff:92:4f:80:16:5a:a0:6d:05:08:
2b:2d:65:90:57:39:c0:98:08:fe:a0:3d:b1:7f:02:b0:f7:7d:
43:61:ec:9e:cb:84:08:3c:b7:c0:47:63:4c:e9:cc:b0:b3:bb:
f0:8e:f5:d9:5f:71:b0:9a:5d:7e:21:61:59:5c:a2:a7:93:5d:
60:a3:99:8f:d2:85:8e:57:eb:23:e9:76:1d:a5:a8:a4:1e:04:
93:7a:57:2f:b4:6d:5d:fa:f2:70:a6:0b:cb:23:66:e3:aa:b4:
bf:6f:f7:d1:1a:2b:22:6a:db:89:f3:69:ab:84:65:25:6b:90:
84:6e:fe:ab:01:c2:a7:b2:51:73:79:6b:ff:5e:14:fc:04:02:
1f:b2:56:96:2b:53:9c:87:80:b7:86:7f:d6:06:54:9d:7d:fc:
a0:ae:43:29
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYTYFpL1uE+h+dw+4SixKWaaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjAzMTMwNDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjM0MzA4YjlmYzgyMWExYzJjNzVmZDAzODdhZDVmZTQ4ZTMyY2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbLG+gXgE9smVU3oQ3KPukzewukL
VzPFmFAjWuxc++b+LS9VejU8A7bgRKnWpiFsu2E8POw0wb9lN/ehrLVDZ5t2EYu+
jjk+QhgnI8QdNUsM4B8D+CnzNlv6YexgOCtVBxb90M2dP+o67VRKYif5nwE+Tm5F
HsiFfsjFZZ/hQwHwOnX0MRrFnEbkUNBij1RJXV1XgDYXPnObIjS3R3lfK3D7QPRw
Jd8ip/j0bo860l/YPEm7T1FjRxTkj3dzhHd4SA7dzZrKCXmU2fW05iV4KJaZ4wNg
7vDNIEXjyG3UNZPEGDGZcYDdshqe+k1TiwXDrEmWrgqMqh+xmwlfmmXWWwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE80MIufyCGhwsdf0Dh61f5I4yztMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVHpRd2k1X0lJYUhDeDFfUU9IclZfa2pqTE8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAETUdN6sdVKtWMgO5ez8
+RdG+Z0paNHAZ1fHWA7KB1cDyOO1Wjcbv9EdAh/nN9mGoUI8sEfYVp6ylv9haf1m
2pSrUmpIkpmqOE4izLEcljS72NOaaLGx6QS3fMJv5KC+P6wW/5JPgBZaoG0FCCst
ZZBXOcCYCP6gPbF/ArD3fUNh7J7LhAg8t8BHY0zpzLCzu/CO9dlfcbCaXX4hYVlc
oqeTXWCjmY/ShY5X6yPpdh2lqKQeBJN6Vy+0bV368nCmC8sjZuOqtL9v99EaKyJq
24nzaauEZSVrkIRu/qsBwqeyUXN5a/9eFPwEAh+yVpYrU5yHgLeGf9YGVJ19/KCu
Qyk=
-----END CERTIFICATE-----
Generated at Thu May 1 01:15:10 2025 by rpki-client