Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tTjffkh8H8B31UdGan0kC4TnDcI.roa
File: tTjffkh8H8B31UdGan0kC4TnDcI.roa (raw, json)
Hash identifier: GOoVegvj7Vc3nE008qDaGNjbhx0uRWFrvV0WCxJBKD4=
Subject key identifier: B5:38:DF:7E:48:7C:1F:C0:77:D5:47:46:6A:7D:24:0B:84:E7:0D:C2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 928337F9
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tTjffkh8H8B31UdGan0kC4TnDcI.roa
Signing time: Tue 05 Jul 2022 06:11:25 +0000
ROA not before: Tue 05 Jul 2022 06:11:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2458073081 (0x928337f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 5 06:11:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b538df7e487c1fc077d547466a7d240b84e70dc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6b:40:73:7c:b9:4c:47:df:51:e0:b7:ee:a5:
83:bc:cb:c3:5d:d6:97:eb:38:33:f9:73:51:17:3e:
fa:77:38:1d:95:eb:f9:63:1d:7f:c2:be:8f:d8:de:
28:f7:92:c6:bf:f7:91:f0:db:53:3c:3e:e5:51:86:
eb:e5:41:61:52:54:b1:f6:40:59:27:77:c5:7b:54:
26:65:7d:62:9c:b5:cb:7b:9d:2f:af:e0:75:ba:09:
aa:42:c9:89:6a:bf:6f:41:71:54:10:8c:a3:13:60:
fa:49:a1:8a:31:52:af:9c:b6:2b:f3:e3:65:04:59:
c5:99:08:23:4e:44:50:4c:f9:6c:c1:03:02:fe:e7:
a6:0d:f0:05:16:61:3c:d8:77:7b:85:cb:46:91:11:
bf:d9:b0:c1:f8:c2:8c:b7:4a:a5:03:e8:1f:b6:4b:
54:2d:ea:49:dc:6d:6c:ca:27:e2:d2:aa:0c:71:20:
75:42:c9:c3:78:fb:f8:0e:be:85:ca:36:d6:ed:8d:
ec:f0:8b:42:57:c5:84:8a:3d:23:77:3f:6d:7c:3f:
5b:e0:0b:b2:c9:97:06:be:38:d0:6b:9e:1c:70:c7:
f9:a3:80:9a:12:b6:4f:6a:f7:9f:ff:69:c2:0a:44:
3f:0a:13:25:86:ec:d0:6f:4c:9a:4f:06:16:f8:cd:
cd:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:38:DF:7E:48:7C:1F:C0:77:D5:47:46:6A:7D:24:0B:84:E7:0D:C2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tTjffkh8H8B31UdGan0kC4TnDcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
80:d6:46:e9:f0:09:6b:c7:87:f9:68:fe:22:21:88:b8:c3:47:
d6:f8:ab:39:21:55:85:10:e6:a2:f8:11:da:a3:7d:77:37:ff:
dc:b1:64:c1:ae:91:09:ca:53:52:6d:6b:6c:fe:85:57:28:a1:
2d:2b:1b:ce:9d:46:89:5c:88:40:77:97:ed:1c:d8:5a:16:9b:
00:fc:3a:14:0e:d2:f7:6e:17:35:7e:51:b3:93:06:dc:b4:47:
ee:5e:0c:2b:d8:4b:7b:ab:e8:0b:6f:4a:a8:91:0a:48:35:ac:
ad:d5:87:2a:a4:13:a9:a5:29:b0:f5:d6:89:10:fd:f7:c4:b0:
43:66:a5:5b:49:87:27:85:37:ce:d4:9e:09:ba:48:41:0d:46:
d8:27:53:96:d8:ae:80:05:af:cb:f8:9f:ae:9f:ea:ca:09:35:
12:49:d6:67:e9:b6:ea:0e:44:37:f7:fe:a7:9f:1e:98:d2:03:
ff:db:fc:bd:8e:88:05:ef:99:1a:c0:a1:30:2a:2c:d1:8a:fa:
e4:65:af:2d:ec:3a:f4:1d:0c:95:98:e2:f7:fe:49:0e:25:9e:
7e:2a:e2:3c:8f:46:59:59:c8:6d:38:21:43:1a:26:0f:30:ab:
19:a1:f2:07:b7:65:b1:58:50:6f:51:2a:73:cc:76:ef:32:22:
dc:c6:ba:18
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAJKDN/kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA3
MDUwNjExMjVaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKGI1MzhkZjdlNDg3
YzFmYzA3N2Q1NDc0NjZhN2QyNDBiODRlNzBkYzIwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCga0BzfLlMR99R4LfupYO8y8Nd1pfrODP5c1EXPvp3OB2V
6/ljHX/Cvo/Y3ij3ksa/95Hw21M8PuVRhuvlQWFSVLH2QFknd8V7VCZlfWKctct7
nS+v4HW6CapCyYlqv29BcVQQjKMTYPpJoYoxUq+ctivz42UEWcWZCCNORFBM+WzB
AwL+56YN8AUWYTzYd3uFy0aREb/ZsMH4woy3SqUD6B+2S1Qt6kncbWzKJ+LSqgxx
IHVCycN4+/gOvoXKNtbtjezwi0JXxYSKPSN3P218P1vgC7LJlwa+ONBrnhxwx/mj
gJoStk9q95//acIKRD8KEyWG7NBvTJpPBhb4zc1dAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUtTjffkh8H8B31UdGan0kC4TnDcIwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS90VGpmZmtoOEg4QjMxVWRHYW4wa0M0VG5EY0kucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAgNZG6fAJa8eH+Wj+IiGIuMNH1virOSFVhRDm
ovgR2qN9dzf/3LFkwa6RCcpTUm1rbP6FVyihLSsbzp1GiVyIQHeX7RzYWhabAPw6
FA7S924XNX5Rs5MG3LRH7l4MK9hLe6voC29KqJEKSDWsrdWHKqQTqaUpsPXWiRD9
98SwQ2alW0mHJ4U3ztSeCbpIQQ1G2CdTltiugAWvy/ifrp/qygk1EknWZ+m26g5E
N/f+p58emNID/9v8vY6IBe+ZGsChMCos0Yr65GWvLew69B0MlZji9/5JDiWefiri
PI9GWVnIbTghQxomDzCrGaHyB7dlsVhQb1Eqc8x27zIi3Ma6GA==
-----END CERTIFICATE-----
Generated at Thu May 1 10:03:58 2025 by rpki-client