Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tl_98CjHTvCDeRnEQoUXlTYhcck.roa
File: tl_98CjHTvCDeRnEQoUXlTYhcck.roa (raw, json)
Hash identifier: C/HXWYw2S0d1NZ1OSy3omuTpFMZsaL0bRr3sI1OAGKs=
Subject key identifier: B6:5F:FD:F0:28:C7:4E:F0:83:79:19:C4:42:85:17:95:36:21:71:C9
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0188BA3D0F39E06E231679C8B46718206221
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tl_98CjHTvCDeRnEQoUXlTYhcck.roa
Signing time: Wed 14 Jun 2023 14:09:03 +0000
ROA not before: Wed 14 Jun 2023 14:09:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ba:3d:0f:39:e0:6e:23:16:79:c8:b4:67:18:20:62:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 14 14:09:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b65ffdf028c74ef0837919c442851795362171c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:75:ce:26:f6:9c:ac:bb:3e:bd:2b:eb:59:b0:
6d:94:5f:e6:5e:5e:c9:a8:a0:00:b7:17:34:e9:cd:
f8:0a:c7:ef:1a:ae:55:0c:82:16:4d:f8:71:e9:9b:
48:fa:83:b1:ef:04:8c:c2:e2:9e:93:c1:9a:c8:e4:
ee:1a:a2:c8:f7:aa:46:5f:7f:8b:cd:90:32:41:a3:
78:62:ef:0d:1f:8b:c6:3c:53:9d:b4:01:8a:87:0f:
55:ca:c7:09:51:38:48:51:e9:73:a5:69:9f:21:e8:
3d:e6:bd:b9:ae:05:9d:4d:a4:dc:eb:a2:71:c8:7e:
c3:bb:2d:4a:34:ae:f9:17:65:5b:a0:8e:5f:a1:88:
5c:42:c5:92:88:ed:59:1a:c8:2a:05:2c:28:2f:bd:
ab:83:ce:d7:d8:18:a4:8d:ba:00:81:c4:50:27:b3:
47:24:b1:1a:53:a9:fd:ea:8f:6b:68:f9:ba:75:3a:
40:6e:ed:78:67:4f:ff:5b:ad:05:c3:9c:52:2b:ac:
10:f9:70:d5:52:12:ff:7c:fa:fd:03:c8:3f:6d:27:
f5:76:b3:ca:52:80:b2:83:6e:0a:18:e5:2a:70:b6:
88:c0:f0:48:78:5b:f0:2d:d2:1d:d3:06:f9:d1:2d:
a3:49:bb:d0:dc:86:df:e7:f6:d5:72:2d:8d:16:d5:
05:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:5F:FD:F0:28:C7:4E:F0:83:79:19:C4:42:85:17:95:36:21:71:C9
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tl_98CjHTvCDeRnEQoUXlTYhcck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2a:fe:ed:a1:b7:31:96:e9:8e:08:9c:78:8a:47:b9:bb:9f:6e:
da:f3:c8:61:01:cc:c6:c7:70:28:71:da:6d:81:c1:0b:23:b5:
29:7b:75:c3:9a:38:44:92:c2:c4:0e:d6:76:f5:49:94:52:23:
9b:de:f5:af:5b:4c:2b:b9:61:48:35:d9:58:95:af:ad:71:c9:
03:20:f3:f7:e4:b2:45:0e:d9:15:6b:62:3f:c9:80:ec:a3:74:
ca:55:df:31:c0:8d:5e:29:e8:9c:93:2b:2f:74:89:c9:ec:92:
d5:ed:d9:59:2b:cd:cf:02:37:b4:be:ad:28:fa:54:81:4a:9c:
a2:d5:ae:e5:1b:74:e5:79:03:d4:e1:77:e6:52:9c:3c:da:1d:
5d:b0:6d:4c:b6:7e:6e:89:ce:fc:c7:59:7a:03:20:8a:4d:02:
c0:af:8e:02:60:1a:67:ca:8a:8a:1c:b6:34:5d:3c:46:9e:63:
c8:88:df:95:89:8b:55:1a:d2:0e:f5:9f:ef:ea:04:07:fd:22:
7e:6a:1f:38:15:28:80:dc:c5:37:39:00:f0:d3:f8:7c:9c:99:
27:22:41:cb:95:34:52:8c:18:9c:80:c7:5a:6d:bf:9c:bd:27:
89:72:85:ba:c6:cd:f7:3d:fe:6c:29:71:38:e1:23:45:8e:4b:
29:91:fa:54
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYi6PQ854G4jFnnItGcYIGIhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjE0MTQwOTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjVmZmRmMDI4Yzc0ZWYwODM3OTE5YzQ0Mjg1MTc5NTM2MjE3MWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXXOJvacrLs+vSvrWbBtlF/mXl7J
qKAAtxc06c34CsfvGq5VDIIWTfhx6ZtI+oOx7wSMwuKek8GayOTuGqLI96pGX3+L
zZAyQaN4Yu8NH4vGPFOdtAGKhw9VyscJUThIUelzpWmfIeg95r25rgWdTaTc66Jx
yH7Duy1KNK75F2VboI5foYhcQsWSiO1ZGsgqBSwoL72rg87X2BikjboAgcRQJ7NH
JLEaU6n96o9raPm6dTpAbu14Z0//W60Fw5xSK6wQ+XDVUhL/fPr9A8g/bSf1drPK
UoCyg24KGOUqcLaIwPBIeFvwLdId0wb50S2jSbvQ3Ibf5/bVci2NFtUF3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLZf/fAox07wg3kZxEKFF5U2IXHJMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdGxfOThDakhUdkNEZVJuRVFvVVhsVFloY2NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACr+7aG3MZbpjgiceIpH
ubufbtrzyGEBzMbHcChx2m2BwQsjtSl7dcOaOESSwsQO1nb1SZRSI5ve9a9bTCu5
YUg12ViVr61xyQMg8/fkskUO2RVrYj/JgOyjdMpV3zHAjV4p6JyTKy90icnsktXt
2Vkrzc8CN7S+rSj6VIFKnKLVruUbdOV5A9Thd+ZSnDzaHV2wbUy2fm6JzvzHWXoD
IIpNAsCvjgJgGmfKiooctjRdPEaeY8iI35WJi1Ua0g71n+/qBAf9In5qHzgVKIDc
xTc5APDT+HycmSciQcuVNFKMGJyAx1ptv5y9J4lyhbrGzfc9/mwpcTjhI0WOSymR
+lQ=
-----END CERTIFICATE-----
Generated at Thu May 1 11:22:37 2025 by rpki-client