Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tLm_G6eth0t6gQTV_awoNdEnmXw.roa
File: tLm_G6eth0t6gQTV_awoNdEnmXw.roa (raw, json)
Hash identifier: pb77Nw6MZ4JzVV/wZ7sbSCMWKp8g+gNA87Po/0mp0Gw=
Subject key identifier: B4:B9:BF:1B:A7:AD:87:4B:7A:81:04:D5:FD:AC:28:35:D1:27:99:7C
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01862710FAFE86B8CE4EB0D66745D70CCE4F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tLm_G6eth0t6gQTV_awoNdEnmXw.roa
Signing time: Mon 06 Feb 2023 14:11:09 +0000
ROA not before: Mon 06 Feb 2023 14:11:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:27:10:fa:fe:86:b8:ce:4e:b0:d6:67:45:d7:0c:ce:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 6 14:11:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4b9bf1ba7ad874b7a8104d5fdac2835d127997c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4b:d2:8a:39:58:ff:e0:90:9d:a4:fd:6d:93:
da:58:e3:e1:48:5d:1b:b7:e4:4f:8b:37:7a:cd:6c:
c2:28:d5:62:49:1a:05:a4:49:75:ae:3b:c7:fa:ed:
8a:c8:f8:8b:26:de:16:7d:fa:4c:06:af:85:46:ff:
e3:c6:6f:53:18:6a:89:91:55:4a:67:5c:11:84:42:
4d:12:bd:69:05:f1:38:1e:a3:cc:e0:40:0f:83:8c:
bf:fc:b0:fc:c3:40:3a:5e:a9:d2:48:ed:6b:14:72:
92:6c:66:7e:78:3b:af:0f:39:72:ae:1d:e4:53:db:
cb:ce:30:da:ed:ac:1c:61:7e:ea:0e:24:0c:4c:d7:
0e:30:79:18:ec:ea:4d:6c:02:bd:60:1c:84:6d:fe:
ac:18:1a:43:d0:e3:59:70:07:24:12:8b:55:cb:ff:
a1:7d:f0:a3:f5:be:74:c4:3e:e9:e4:dd:27:0e:07:
90:16:03:03:e2:a6:2e:04:bf:17:b4:98:6b:a1:46:
a1:65:9e:6a:95:30:c9:33:43:b5:b0:ab:e1:2a:96:
da:63:a3:04:e6:d4:d9:e4:89:03:f7:d3:90:1a:03:
52:f4:ca:cc:70:0e:7e:3e:89:f0:c3:e4:13:5e:d9:
13:6e:16:fb:c5:7b:0d:6a:42:1d:57:d9:02:38:d0:
05:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:B9:BF:1B:A7:AD:87:4B:7A:81:04:D5:FD:AC:28:35:D1:27:99:7C
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tLm_G6eth0t6gQTV_awoNdEnmXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
47:b4:3a:8d:0f:15:8b:e7:96:06:c8:6b:a0:dc:2d:72:21:ee:
42:72:2c:79:6b:a2:12:d3:20:fe:45:d7:aa:75:53:75:84:45:
0c:99:47:87:96:3e:73:04:68:68:81:2d:cc:06:bd:0f:d7:42:
01:71:87:bc:7a:46:90:04:d5:51:2e:d4:0a:d3:9a:04:0a:ce:
ae:16:f9:79:04:be:d4:70:40:d4:09:9f:6c:de:e2:d4:fe:1a:
81:46:73:2e:41:8f:86:b5:bc:c7:77:60:38:60:7f:e6:51:0c:
59:e1:e8:e3:27:44:c4:51:15:b2:a1:b7:4a:0b:d7:e7:84:d2:
b0:89:dc:b3:92:31:38:5f:d2:59:9c:c3:0b:7d:7a:7c:42:4f:
13:d2:be:04:85:2f:61:46:84:e5:de:bf:9f:04:2e:cc:6d:7b:
2b:4c:17:87:93:d3:aa:01:3a:d4:bd:46:49:08:1c:3e:c6:6b:
72:c5:c9:14:b2:2d:96:e8:9b:60:4c:ff:83:4c:c2:3a:f3:55:
9b:f9:f6:4f:76:9a:a9:24:5d:a2:61:20:ce:f4:63:40:ba:d4:
0f:e7:c2:f7:2d:b3:ca:07:d0:cc:f0:85:31:c0:a3:5f:ca:45:
a1:22:a1:2e:b5:3e:d1:6a:39:ea:bf:5b:08:fc:19:e8:b5:64:
b3:e2:88:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYnEPr+hrjOTrDWZ0XXDM5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjA2MTQxMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGI5YmYxYmE3YWQ4NzRiN2E4MTA0ZDVmZGFjMjgzNWQxMjc5OTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUvSijlY/+CQnaT9bZPaWOPhSF0b
t+RPizd6zWzCKNViSRoFpEl1rjvH+u2KyPiLJt4WffpMBq+FRv/jxm9TGGqJkVVK
Z1wRhEJNEr1pBfE4HqPM4EAPg4y//LD8w0A6XqnSSO1rFHKSbGZ+eDuvDzlyrh3k
U9vLzjDa7awcYX7qDiQMTNcOMHkY7OpNbAK9YByEbf6sGBpD0ONZcAckEotVy/+h
ffCj9b50xD7p5N0nDgeQFgMD4qYuBL8XtJhroUahZZ5qlTDJM0O1sKvhKpbaY6ME
5tTZ5IkD99OQGgNS9MrMcA5+Ponww+QTXtkTbhb7xXsNakIdV9kCONAF1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLS5vxunrYdLeoEE1f2sKDXRJ5l8MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdExtX0c2ZXRoMHQ2Z1FUVl9hd29OZEVubVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEe0Oo0PFYvnlgbIa6Dc
LXIh7kJyLHlrohLTIP5F16p1U3WERQyZR4eWPnMEaGiBLcwGvQ/XQgFxh7x6RpAE
1VEu1ArTmgQKzq4W+XkEvtRwQNQJn2ze4tT+GoFGcy5Bj4a1vMd3YDhgf+ZRDFnh
6OMnRMRRFbKht0oL1+eE0rCJ3LOSMThf0lmcwwt9enxCTxPSvgSFL2FGhOXev58E
LsxteytMF4eT06oBOtS9RkkIHD7Ga3LFyRSyLZbom2BM/4NMwjrzVZv59k92mqkk
XaJhIM70Y0C61A/nwvcts8oH0MzwhTHAo1/KRaEioS61PtFqOeq/Wwj8Gei1ZLPi
iKE=
-----END CERTIFICATE-----
Generated at Wed Apr 30 19:49:04 2025 by rpki-client