Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tp-obMJDj3rXaDDhTQZAcTCA4R4.roa
File: tp-obMJDj3rXaDDhTQZAcTCA4R4.roa (raw, json)
Hash identifier: 5t8rYx5p99piGHeZVzjGVzvIoIyuS5lHTgi1zzrXUZQ=
Subject key identifier: B6:9F:A8:6C:C2:43:8F:7A:D7:68:30:E1:4D:06:40:71:30:80:E1:1E
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185EDFDBF8EA53862EFA2AD3B29CA1C960B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tp-obMJDj3rXaDDhTQZAcTCA4R4.roa
Signing time: Thu 26 Jan 2023 12:11:47 +0000
ROA not before: Thu 26 Jan 2023 12:11:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ed:fd:bf:8e:a5:38:62:ef:a2:ad:3b:29:ca:1c:96:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 26 12:11:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b69fa86cc2438f7ad76830e14d0640713080e11e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f4:9e:a7:32:5e:ea:e4:5a:f4:a0:45:42:0f:
b3:ff:f4:0f:90:fd:67:55:e2:db:30:6d:3e:cc:26:
06:d7:10:d3:a1:31:0c:ec:e0:aa:f4:01:af:5d:10:
08:35:2d:3a:15:2b:85:b3:d8:6b:82:4c:da:0c:79:
50:61:c1:46:52:75:cb:97:7a:f5:f5:6c:dc:a2:f3:
0e:c5:f1:e2:45:7d:da:0a:0a:89:f9:b2:f7:ec:5d:
f4:1d:5c:21:a2:b1:33:59:72:04:a5:0d:1a:2b:d2:
16:09:60:aa:ca:80:58:45:66:1c:be:73:ed:5f:4e:
c7:31:32:36:ff:b2:62:b3:6b:d8:48:cb:42:0b:94:
15:60:d8:64:41:3c:f8:79:c4:59:c0:fe:e9:63:2d:
89:8d:76:e6:66:fb:b5:a9:ab:13:b2:9b:da:e4:27:
1e:63:8f:e5:2c:bb:2d:25:5f:0f:83:49:e0:4d:53:
4f:46:f2:da:09:78:20:69:9f:17:a1:d7:72:52:3d:
cf:28:d8:be:ff:af:4c:48:65:b8:55:dc:dc:b0:e3:
0e:cd:f6:ee:21:51:50:2f:88:4f:b3:0b:b9:91:e0:
2d:89:9f:5a:5c:ed:a7:d9:6f:37:ee:3b:9c:e5:7f:
05:52:dc:39:6c:84:d1:8a:a4:88:0e:d5:dd:e2:ec:
c5:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:9F:A8:6C:C2:43:8F:7A:D7:68:30:E1:4D:06:40:71:30:80:E1:1E
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tp-obMJDj3rXaDDhTQZAcTCA4R4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:b2:d0:47:64:0b:2b:b2:ea:1c:44:d9:4a:2e:68:df:8c:ec:
4a:1b:cb:f8:c8:c1:41:5f:aa:7a:94:05:18:40:40:df:ac:75:
a7:28:67:18:36:7a:f5:67:3f:22:67:80:ef:9c:ff:91:51:aa:
60:92:3d:61:5c:0c:e6:ac:67:46:d5:75:87:44:a4:e6:b0:ae:
45:4b:97:02:5f:f0:9a:24:da:05:69:76:fd:e4:15:f5:54:38:
61:70:79:29:42:36:14:ff:5f:ca:06:1f:5f:b1:97:a7:5f:a3:
94:35:fd:8a:82:a2:0a:9f:db:0f:88:96:03:19:12:f7:4d:8e:
99:b8:a8:d8:f5:ad:3f:92:15:ce:f9:81:11:41:83:b7:16:19:
07:9a:99:44:34:77:b7:a9:10:8f:de:3f:52:a5:e8:1b:7b:fa:
fa:ad:a5:5c:4f:73:db:5c:9e:90:e6:13:0c:76:52:fc:f2:b2:
4d:bb:41:5d:73:2f:35:be:29:52:e1:89:7c:cd:49:89:19:dd:
a0:30:09:29:39:9b:03:37:ef:63:ea:fa:83:26:2c:53:87:b4:
42:57:e8:e4:24:8a:0c:73:4b:8c:81:ee:67:ea:7e:01:ec:fa:
e8:00:d5:c9:c4:ff:e4:77:3d:58:ef:df:9f:a4:e6:68:52:46:
5c:50:c2:4c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXt/b+OpThi76KtOynKHJYLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTI2MTIxMTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjlmYTg2Y2MyNDM4ZjdhZDc2ODMwZTE0ZDA2NDA3MTMwODBlMTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/SepzJe6uRa9KBFQg+z//QPkP1n
VeLbMG0+zCYG1xDToTEM7OCq9AGvXRAINS06FSuFs9hrgkzaDHlQYcFGUnXLl3r1
9WzcovMOxfHiRX3aCgqJ+bL37F30HVwhorEzWXIEpQ0aK9IWCWCqyoBYRWYcvnPt
X07HMTI2/7Jis2vYSMtCC5QVYNhkQTz4ecRZwP7pYy2JjXbmZvu1qasTspva5Cce
Y4/lLLstJV8Pg0ngTVNPRvLaCXggaZ8XoddyUj3PKNi+/69MSGW4VdzcsOMOzfbu
IVFQL4hPswu5keAtiZ9aXO2n2W837juc5X8FUtw5bITRiqSIDtXd4uzFzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLafqGzCQ49612gw4U0GQHEwgOEeMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdHAtb2JNSkRqM3JYYUREaFRRWkFjVENBNFI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF+y0EdkCyuy6hxE2Uou
aN+M7Eoby/jIwUFfqnqUBRhAQN+sdacoZxg2evVnPyJngO+c/5FRqmCSPWFcDOas
Z0bVdYdEpOawrkVLlwJf8Jok2gVpdv3kFfVUOGFweSlCNhT/X8oGH1+xl6dfo5Q1
/YqCogqf2w+IlgMZEvdNjpm4qNj1rT+SFc75gRFBg7cWGQeamUQ0d7epEI/eP1Kl
6Bt7+vqtpVxPc9tcnpDmEwx2Uvzysk27QV1zLzW+KVLhiXzNSYkZ3aAwCSk5mwM3
72Pq+oMmLFOHtEJX6OQkigxzS4yB7mfqfgHs+ugA1cnE/+R3PVjv35+k5mhSRlxQ
wkw=
-----END CERTIFICATE-----
Generated at Fri May 2 13:11:18 2025 by rpki-client