Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tcH5kvGWo2oD3o65EJCb9wC2gas.roa
File: tcH5kvGWo2oD3o65EJCb9wC2gas.roa (raw, json)
Hash identifier: 2ldBTj+ZSRNS9JxxCn/V0/JPU9MaQos1ekI+YUIJTtU=
Subject key identifier: B5:C1:F9:92:F1:96:A3:6A:03:DE:8E:B9:10:90:9B:F7:00:B6:81:AB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A0B24A30789BBAFAC0F4FB11A5327BADD
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tcH5kvGWo2oD3o65EJCb9wC2gas.roa
Signing time: Sat 19 Aug 2023 00:14:24 +0000
ROA not before: Sat 19 Aug 2023 00:14:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:0b:24:a3:07:89:bb:af:ac:0f:4f:b1:1a:53:27:ba:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 19 00:14:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5c1f992f196a36a03de8eb910909bf700b681ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1a:59:33:f3:dc:35:af:09:16:48:48:08:d5:
79:d1:9a:d2:0c:9f:8b:03:29:94:fc:53:1e:92:81:
a2:83:01:4c:f4:63:d4:42:f8:5d:00:d5:fe:49:2e:
d8:f3:20:41:31:93:a3:be:c4:68:ea:52:fd:b8:f2:
c0:89:ea:f7:8e:45:d8:d5:e5:19:31:a9:51:bf:09:
c6:b5:c6:38:a5:7c:06:fa:fe:d7:ca:96:4e:dd:ab:
eb:6b:a7:18:42:8a:94:66:3f:78:cc:e0:c1:6f:bc:
e5:9a:44:a7:34:ea:e3:85:3a:25:21:77:1d:11:96:
00:a3:b8:d1:2b:00:a9:d8:06:49:fc:a0:17:ac:b5:
79:e4:15:d7:83:2f:c6:34:a4:57:02:db:14:a7:05:
91:54:8e:7f:46:6e:0a:96:a8:ce:ef:71:48:b4:a3:
37:04:43:da:78:6f:7f:f2:2a:ed:a5:fa:4d:3f:78:
3f:ba:09:f7:5e:80:91:24:14:4b:24:cc:cb:a1:9c:
08:56:df:6b:db:e1:8d:ac:93:0f:c8:d7:07:21:f6:
4d:d3:fd:08:a2:a0:10:91:00:2b:09:1f:ad:fb:6f:
76:7c:a1:40:ba:af:75:24:97:08:d0:8b:68:a0:93:
fd:43:ef:65:27:2a:a2:78:13:db:70:87:20:eb:77:
1d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:C1:F9:92:F1:96:A3:6A:03:DE:8E:B9:10:90:9B:F7:00:B6:81:AB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tcH5kvGWo2oD3o65EJCb9wC2gas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6a:92:56:37:f6:37:41:dc:43:8a:26:d2:32:97:2c:c5:83:2c:
86:ca:cb:96:72:6c:ad:13:a2:f9:c4:2c:97:da:e6:63:36:c5:
fe:87:f3:8b:18:8c:67:74:93:38:23:8e:03:3e:e3:0d:f5:79:
3e:1b:e8:7a:bc:fd:8c:c8:d0:27:88:0f:1f:c2:41:23:9a:f1:
cc:32:03:9f:5e:d7:0a:ee:9c:cf:77:bf:4c:e8:a2:68:ad:aa:
6e:aa:ca:44:09:5c:97:7b:4e:24:53:29:cf:99:d8:67:d6:99:
32:d3:3f:79:e1:99:9f:62:d5:af:a6:da:d8:ab:78:60:3c:d5:
66:89:0e:5c:32:85:eb:14:f2:17:69:dd:61:38:d1:1d:c8:ac:
92:17:b9:8f:8e:cc:01:37:18:33:e5:8d:b3:0d:36:34:c5:5c:
23:15:9a:00:12:f5:56:f9:91:97:ac:73:5b:84:d8:42:ba:38:
cf:9e:23:a7:29:e1:72:12:a5:c9:24:c7:b3:77:60:72:f2:06:
b7:0e:e9:a2:aa:5f:d8:fe:1b:fe:32:d5:53:2f:29:22:76:9a:
b2:f1:5d:ed:4f:6b:83:6d:c4:9f:e4:3c:91:4d:60:70:66:6e:
8b:90:95:f7:39:24:9f:21:b9:21:5a:4c:41:e6:fe:48:81:27:
a9:be:a4:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoLJKMHibuvrA9PsRpTJ7rdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODE5MDAxNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWMxZjk5MmYxOTZhMzZhMDNkZThlYjkxMDkwOWJmNzAwYjY4MWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRpZM/PcNa8JFkhICNV50ZrSDJ+L
AymU/FMekoGigwFM9GPUQvhdANX+SS7Y8yBBMZOjvsRo6lL9uPLAier3jkXY1eUZ
MalRvwnGtcY4pXwG+v7XypZO3avra6cYQoqUZj94zODBb7zlmkSnNOrjhTolIXcd
EZYAo7jRKwCp2AZJ/KAXrLV55BXXgy/GNKRXAtsUpwWRVI5/Rm4KlqjO73FItKM3
BEPaeG9/8irtpfpNP3g/ugn3XoCRJBRLJMzLoZwIVt9r2+GNrJMPyNcHIfZN0/0I
oqAQkQArCR+t+292fKFAuq91JJcI0ItooJP9Q+9lJyqieBPbcIcg63cdIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLXB+ZLxlqNqA96OuRCQm/cAtoGrMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdGNINWt2R1dvMm9EM282NUVKQ2I5d0MyZ2FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGqSVjf2N0HcQ4om0jKX
LMWDLIbKy5ZybK0TovnELJfa5mM2xf6H84sYjGd0kzgjjgM+4w31eT4b6Hq8/YzI
0CeIDx/CQSOa8cwyA59e1wrunM93v0zoomitqm6qykQJXJd7TiRTKc+Z2GfWmTLT
P3nhmZ9i1a+m2tireGA81WaJDlwyhesU8hdp3WE40R3IrJIXuY+OzAE3GDPljbMN
NjTFXCMVmgAS9Vb5kZesc1uE2EK6OM+eI6cp4XISpckkx7N3YHLyBrcO6aKqX9j+
G/4y1VMvKSJ2mrLxXe1Pa4NtxJ/kPJFNYHBmbouQlfc5JJ8huSFaTEHm/kiBJ6m+
pIM=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:29:10 2025 by rpki-client