Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/txcgfiWNnvUjKyC9zK0bi89VrZ0.roa
File: txcgfiWNnvUjKyC9zK0bi89VrZ0.roa (raw, json)
Hash identifier: vFgzYaGmAwHMDHpit78et63e8wSfrf8ofWvoEfcw4qc=
Subject key identifier: B7:17:20:7E:25:8D:9E:F5:23:2B:20:BD:CC:AD:1B:8B:CF:55:AD:9D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A227F90B626378C6CC2E03B9DDCA4C0CE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/txcgfiWNnvUjKyC9zK0bi89VrZ0.roa
Signing time: Wed 23 Aug 2023 13:04:59 +0000
ROA not before: Wed 23 Aug 2023 13:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:18a:227f:34/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:22:7f:90:b6:26:37:8c:6c:c2:e0:3b:9d:dc:a4:c0:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 23 13:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b717207e258d9ef5232b20bdccad1b8bcf55ad9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6a:a2:06:63:f3:18:3a:d1:e3:17:4b:47:a6:
a6:75:06:24:49:b6:de:5b:4c:33:7d:7b:19:07:84:
e0:d0:de:7c:fd:59:ae:ab:f8:1a:c0:67:28:a6:77:
ca:11:b7:06:ac:ba:f4:a5:36:4c:1e:91:94:3f:36:
5d:e8:34:97:e7:ca:24:97:25:f1:a9:f6:68:79:38:
94:d3:e6:13:83:02:ec:d0:b7:3a:a8:4a:89:e8:44:
49:4b:2c:de:0b:76:fd:47:8c:1f:56:1a:8c:d8:9a:
69:10:b6:80:71:e9:c2:f4:e5:93:38:7b:2f:67:b6:
55:82:86:e1:4e:e3:33:cc:1f:76:c6:da:b8:db:25:
63:be:4d:d6:f8:7f:38:16:de:05:4c:c4:dd:09:6e:
d4:a0:52:90:26:1c:35:7f:64:81:e2:b8:e8:39:36:
44:46:a2:a8:2b:95:fd:0f:05:be:09:6c:30:21:f3:
d5:8e:02:04:a9:53:47:13:ac:0b:75:72:05:6c:2f:
ba:d5:60:ad:4d:33:77:9f:c4:9f:44:b4:1f:52:4f:
92:bd:2f:ea:a6:77:16:84:f7:b9:62:10:af:e1:05:
00:d9:c5:fa:d2:51:df:23:b8:b8:72:96:f2:40:f7:
1d:2d:3b:f8:c7:4b:2c:80:aa:1c:17:25:40:86:b7:
c7:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:17:20:7E:25:8D:9E:F5:23:2B:20:BD:CC:AD:1B:8B:CF:55:AD:9D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/txcgfiWNnvUjKyC9zK0bi89VrZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3a:0d:01:07:31:8a:bb:6c:67:f7:2b:e7:8b:56:23:71:ed:51:
5e:0b:7a:7d:a9:4b:38:8a:3a:63:c5:44:19:ad:28:c2:aa:4a:
aa:07:b7:9d:2c:d4:7c:20:3d:57:d8:ec:93:bf:55:b5:3c:71:
84:7c:37:e4:d0:0b:92:15:53:5a:52:d5:a2:62:eb:05:3e:2b:
b1:b8:ab:e3:0f:a9:0c:a9:42:99:06:bd:4e:ca:8c:c3:49:aa:
b8:17:ef:b5:61:a8:0c:da:f6:f4:45:43:f1:35:3a:1b:0c:cc:
1e:0e:52:7f:77:75:20:fc:3f:10:16:5a:5d:bf:62:79:ee:e2:
81:c1:b6:27:ef:29:8d:62:9f:7d:9f:30:6c:99:3d:fb:53:aa:
7c:f0:e4:cd:a2:7f:43:82:73:2d:fb:3d:b9:78:84:6e:5f:f0:
a9:3e:b7:85:10:87:9c:b5:75:c9:b2:be:a3:36:a9:f6:83:4c:
d2:e1:27:68:f2:dc:ed:ca:9e:2d:fb:f6:03:53:49:ba:cb:50:
fb:44:58:6e:03:a8:38:25:f1:bf:3c:8b:6d:ef:94:e2:cf:a9:
63:d7:f6:d0:87:11:fc:53:13:06:11:b0:fd:7f:15:08:cb:89:
8d:e1:cf:26:b7:13:e0:09:02:4f:03:8e:77:8d:d7:fc:54:87:
80:48:bf:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoif5C2JjeMbMLgO53cpMDOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIzMTMwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzE3MjA3ZTI1OGQ5ZWY1MjMyYjIwYmRjY2FkMWI4YmNmNTVhZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGqiBmPzGDrR4xdLR6amdQYkSbbe
W0wzfXsZB4Tg0N58/Vmuq/gawGcopnfKEbcGrLr0pTZMHpGUPzZd6DSX58oklyXx
qfZoeTiU0+YTgwLs0Lc6qEqJ6ERJSyzeC3b9R4wfVhqM2JppELaAcenC9OWTOHsv
Z7ZVgobhTuMzzB92xtq42yVjvk3W+H84Ft4FTMTdCW7UoFKQJhw1f2SB4rjoOTZE
RqKoK5X9DwW+CWwwIfPVjgIEqVNHE6wLdXIFbC+61WCtTTN3n8SfRLQfUk+SvS/q
pncWhPe5YhCv4QUA2cX60lHfI7i4cpbyQPcdLTv4x0ssgKocFyVAhrfHDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLcXIH4ljZ71IysgvcytG4vPVa2dMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdHhjZ2ZpV05udlVqS3lDOXpLMGJpODlWclowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADoNAQcxirtsZ/cr54tW
I3HtUV4Len2pSziKOmPFRBmtKMKqSqoHt50s1HwgPVfY7JO/VbU8cYR8N+TQC5IV
U1pS1aJi6wU+K7G4q+MPqQypQpkGvU7KjMNJqrgX77VhqAza9vRFQ/E1OhsMzB4O
Un93dSD8PxAWWl2/Ynnu4oHBtifvKY1in32fMGyZPftTqnzw5M2if0OCcy37Pbl4
hG5f8Kk+t4UQh5y1dcmyvqM2qfaDTNLhJ2jy3O3Kni379gNTSbrLUPtEWG4DqDgl
8b88i23vlOLPqWPX9tCHEfxTEwYRsP1/FQjLiY3hzya3E+AJAk8DjneN1/xUh4BI
v3g=
-----END CERTIFICATE-----
Generated at Mon May 5 16:13:37 2025 by rpki-client