Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tFJZfJdeGZPuOFRpZJ24IOQ3bWI.roa
File: tFJZfJdeGZPuOFRpZJ24IOQ3bWI.roa (raw, json)
Hash identifier: K2ts76sBtzBP513nVyhlvilyV25zva+vnpXtAj+FQmE=
Subject key identifier: B4:52:59:7C:97:5E:19:93:EE:38:54:69:64:9D:B8:20:E4:37:6D:62
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 68485C48
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tFJZfJdeGZPuOFRpZJ24IOQ3bWI.roa
Signing time: Sun 06 Feb 2022 01:17:37 +0000
ROA not before: Sun 06 Feb 2022 01:17:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17e:a0dd:2f5b/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1749572680 (0x68485c48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 6 01:17:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b452597c975e1993ee385469649db820e4376d62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:eb:bd:0a:1d:26:fa:4f:5f:3a:84:7e:db:07:
0c:21:62:16:fb:61:cb:58:b1:bb:fc:e2:46:51:bc:
fd:99:13:63:95:e4:9d:cd:92:2d:0a:61:32:ba:09:
3d:90:d2:1d:bd:34:11:01:51:4d:45:9f:71:54:5f:
89:3d:e1:ec:cc:c4:8d:aa:84:d8:5b:b1:6c:9c:d3:
c3:28:7a:56:61:8e:7c:dc:e7:88:cd:cd:71:e7:78:
a3:94:90:4c:be:5f:84:d7:4a:30:aa:ee:ec:6a:7f:
a2:0a:65:7d:bc:5b:6b:57:d8:02:97:67:20:ae:f0:
4a:8a:64:13:3d:f2:46:8a:5b:a4:4a:6c:8e:b0:0c:
15:f2:6c:85:6f:27:d5:77:09:0f:5b:cd:49:13:23:
ac:df:a2:d3:18:84:12:f7:0d:ba:a2:ea:9e:f6:db:
ab:95:5a:57:e4:0f:b3:89:8d:c5:8b:7d:a7:e3:04:
1f:b7:55:f6:5a:5a:5a:53:28:9a:bf:61:9d:72:de:
0d:bb:cb:4c:a0:4c:12:9a:be:c2:91:18:cb:80:a7:
de:19:75:77:8a:0b:77:6f:2a:ed:89:30:ba:bd:2f:
99:59:7c:d0:e6:6f:46:75:1c:5d:ee:29:84:9f:43:
7d:41:df:77:b1:47:d4:70:a1:1d:00:d4:a0:0d:1f:
94:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:52:59:7C:97:5E:19:93:EE:38:54:69:64:9D:B8:20:E4:37:6D:62
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tFJZfJdeGZPuOFRpZJ24IOQ3bWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:8f:81:fc:61:b2:ca:fa:fd:2b:57:24:65:85:fd:ef:fe:42:
e6:d8:e8:24:56:fb:b7:55:72:32:d0:72:66:7d:4b:c4:43:65:
16:51:74:52:48:29:4d:5e:80:c9:e4:c9:2f:35:a0:13:62:3b:
e6:7b:92:24:e5:70:c0:62:03:98:62:81:2e:9d:f1:ed:e4:96:
22:f4:80:67:25:ad:e0:c0:61:81:f6:b3:66:1e:10:d5:84:92:
44:f7:ec:f6:90:63:99:f7:9c:2a:27:26:85:f1:ed:22:d6:30:
22:d0:c0:66:a4:58:b7:85:6c:f6:24:8b:28:f6:95:d5:4c:23:
53:4c:fe:8d:73:d2:31:4b:08:fa:d0:9f:b1:35:50:ec:3d:ef:
2d:01:00:84:57:97:c2:18:6c:23:08:9c:80:fe:77:6d:35:1e:
61:28:b0:62:6b:24:9d:0d:f0:55:94:42:34:bb:53:27:35:9b:
e3:31:fa:b7:fc:04:c6:cf:ca:1a:9a:1f:46:ca:0c:5c:8e:df:
3d:db:cd:d6:18:5c:fa:94:bc:6e:97:94:6d:0f:af:fc:a7:88:
1e:75:f4:e3:4a:fa:72:b3:10:de:af:1f:03:d3:45:3b:7f:fc:
34:d6:b1:3a:50:74:12:27:69:0a:b3:01:71:a2:be:6e:9f:69:
60:fb:a4:5f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEaEhcSDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDIw
NjAxMTczN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQ1MjU5N2M5NzVl
MTk5M2VlMzg1NDY5NjQ5ZGI4MjBlNDM3NmQ2MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANrrvQodJvpPXzqEftsHDCFiFvthy1ixu/ziRlG8/ZkTY5Xk
nc2SLQphMroJPZDSHb00EQFRTUWfcVRfiT3h7MzEjaqE2FuxbJzTwyh6VmGOfNzn
iM3Nced4o5SQTL5fhNdKMKru7Gp/ogplfbxba1fYApdnIK7wSopkEz3yRopbpEps
jrAMFfJshW8n1XcJD1vNSRMjrN+i0xiEEvcNuqLqnvbbq5VaV+QPs4mNxYt9p+ME
H7dV9lpaWlMomr9hnXLeDbvLTKBMEpq+wpEYy4Cn3hl1d4oLd28q7Ykwur0vmVl8
0OZvRnUcXe4phJ9DfUHfd7FH1HChHQDUoA0flBUCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBS0Ull8l14Zk+44VGlknbgg5DdtYjAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L3RGSlpmSmRlR1pQdU9GUnBaSjI0SU9RM2JXSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBfj4H8YbLK+v0rVyRlhf3v/kLm2OgkVvu3VXIy
0HJmfUvEQ2UWUXRSSClNXoDJ5MkvNaATYjvme5Ik5XDAYgOYYoEunfHt5JYi9IBn
Ja3gwGGB9rNmHhDVhJJE9+z2kGOZ95wqJyaF8e0i1jAi0MBmpFi3hWz2JIso9pXV
TCNTTP6Nc9IxSwj60J+xNVDsPe8tAQCEV5fCGGwjCJyA/ndtNR5hKLBiaySdDfBV
lEI0u1MnNZvjMfq3/ATGz8oamh9Gygxcjt89283WGFz6lLxul5RtD6/8p4gedfTj
SvpysxDerx8D00U7f/w01rE6UHQSJ2kKswFxor5un2lg+6Rf
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:39:22 2025 by rpki-client