Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tp0MPMO0W-bOMlEXvPgmntOHkeE.roa
File: tp0MPMO0W-bOMlEXvPgmntOHkeE.roa (raw, json)
Hash identifier: rlW4AfdSZJmVkVuzb3Ins/oama2Rq+Yv07q3JykycNI=
Subject key identifier: B6:9D:0C:3C:C3:B4:5B:E6:CE:32:51:17:BC:F8:26:9E:D3:87:91:E1
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 678DD669
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tp0MPMO0W-bOMlEXvPgmntOHkeE.roa
Signing time: Thu 03 Feb 2022 17:04:35 +0000
ROA not before: Thu 03 Feb 2022 17:04:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17e:a0dd:2f5b/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:17e:c08b:83d3/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1737348713 (0x678dd669)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 3 17:04:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b69d0c3cc3b45be6ce325117bcf8269ed38791e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:58:15:8b:13:b2:d1:59:c0:a1:65:2d:ed:63:
da:0b:f1:b9:c9:2f:b4:c4:fa:6a:8f:79:44:95:af:
6a:40:86:e5:2a:d4:d3:cc:69:9c:a9:a3:3f:db:54:
b3:2d:5e:21:c7:a1:72:06:3e:1a:a4:50:b3:3d:7a:
6b:68:88:0b:5c:ac:14:88:ab:ac:d1:c6:d3:f3:04:
e8:8f:11:79:ff:06:c0:97:47:c2:03:a3:75:3f:c3:
2c:85:96:2a:6c:39:0f:54:90:4b:e2:55:34:93:6e:
3b:5e:81:90:42:bd:4d:81:e6:cd:0c:7d:45:d7:19:
9b:62:af:1d:e6:66:b3:e7:02:00:ab:e2:ff:74:2f:
a9:a8:a7:f4:6b:57:4c:b8:ac:cb:68:bf:f1:b4:d0:
19:0c:ea:f4:d0:a1:0a:78:56:0f:fd:9a:15:9c:cd:
79:23:a5:c7:82:19:f8:12:a3:e0:23:49:fd:66:ca:
dd:04:d0:97:d6:08:90:3a:e9:e4:49:0a:68:77:31:
a3:8a:44:c0:7a:1e:73:8d:ec:68:0f:2d:17:16:13:
3d:57:8d:29:61:95:15:e0:73:75:e4:c4:42:fa:03:
7b:b9:b3:ec:2f:62:2b:16:e9:f6:78:3e:d7:3d:c8:
02:cd:7e:f7:4b:c1:98:c2:a9:7a:c8:75:9c:d1:25:
73:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:9D:0C:3C:C3:B4:5B:E6:CE:32:51:17:BC:F8:26:9E:D3:87:91:E1
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tp0MPMO0W-bOMlEXvPgmntOHkeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
90:58:6b:7b:b1:60:d8:bb:1a:d2:49:91:77:5d:63:40:15:ce:
4b:4c:49:52:94:54:20:7f:d8:e3:41:51:33:66:ff:6e:f7:95:
a2:56:59:ee:07:2b:86:fc:cb:a2:15:24:b9:6a:3a:f8:68:23:
9c:4a:38:94:85:75:20:bb:d9:7b:7e:70:54:e0:92:da:ee:a2:
9e:b1:9f:97:c0:d6:8a:b7:3f:0c:c7:2c:da:cb:31:da:8b:f0:
dc:64:4f:2d:8e:ed:64:e0:a3:af:e0:de:cd:1e:7a:07:2a:ea:
38:d6:71:7c:b3:26:80:d9:f8:ca:ab:3f:53:97:8d:aa:8d:51:
6a:01:9b:30:b3:70:ad:77:e4:1d:08:7b:08:35:9a:b3:31:3d:
84:92:40:e7:4a:2f:db:da:ca:b0:48:78:05:fa:d7:c5:85:fa:
aa:53:44:2e:0a:8e:98:f4:ba:3f:25:b4:0a:0f:b2:c8:a5:09:
79:53:d9:ba:65:0c:2e:24:ed:14:22:49:80:ec:bd:32:0c:75:
06:9d:e5:a9:bb:76:99:75:b7:bc:53:79:58:a3:e2:ed:f8:31:
13:d1:f7:f4:60:42:bc:87:76:10:2e:c5:34:ba:03:a0:58:87:
7d:10:5e:00:73:28:5f:2b:7f:b7:f4:1c:87:7a:2d:a1:9e:dd:
91:cd:d8:6f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEZ43WaTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDIw
MzE3MDQzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjY5ZDBjM2NjM2I0
NWJlNmNlMzI1MTE3YmNmODI2OWVkMzg3OTFlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO1YFYsTstFZwKFlLe1j2gvxuckvtMT6ao95RJWvakCG5SrU
08xpnKmjP9tUsy1eIcehcgY+GqRQsz16a2iIC1ysFIirrNHG0/ME6I8Ref8GwJdH
wgOjdT/DLIWWKmw5D1SQS+JVNJNuO16BkEK9TYHmzQx9RdcZm2KvHeZms+cCAKvi
/3Qvqain9GtXTLisy2i/8bTQGQzq9NChCnhWD/2aFZzNeSOlx4IZ+BKj4CNJ/WbK
3QTQl9YIkDrp5EkKaHcxo4pEwHoec43saA8tFxYTPVeNKWGVFeBzdeTEQvoDe7mz
7C9iKxbp9ng+1z3IAs1+90vBmMKpesh1nNElc40CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBS2nQw8w7Rb5s4yURe8+Cae04eR4TAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L3RwME1QTU8wVy1iT01sRVh2UGdtbnRPSGtlRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQCQWGt7sWDYuxrSSZF3XWNAFc5LTElSlFQgf9jj
QVEzZv9u95WiVlnuByuG/MuiFSS5ajr4aCOcSjiUhXUgu9l7fnBU4JLa7qKesZ+X
wNaKtz8MxyzayzHai/DcZE8tju1k4KOv4N7NHnoHKuo41nF8syaA2fjKqz9Tl42q
jVFqAZsws3Ctd+QdCHsINZqzMT2EkkDnSi/b2sqwSHgF+tfFhfqqU0QuCo6Y9Lo/
JbQKD7LIpQl5U9m6ZQwuJO0UIkmA7L0yDHUGneWpu3aZdbe8U3lYo+Lt+DET0ff0
YEK8h3YQLsU0ugOgWId9EF4AcyhfK3+39ByHei2hnt2Rzdhv
-----END CERTIFICATE-----
Generated at Fri May 2 09:13:02 2025 by rpki-client