Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tyZtFOoPMy64tgEY1fRR64R2WLU.roa
File: tyZtFOoPMy64tgEY1fRR64R2WLU.roa (raw, json)
Hash identifier: AD7dmO8TkUoZcMzHNIOBtgAhYMDS2qOjbK+2ey20la0=
Subject key identifier: B7:26:6D:14:EA:0F:33:2E:B8:B6:01:18:D5:F4:51:EB:84:76:58:B5
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185A5ABE726BCBF36712B4855B8BAB4A69B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tyZtFOoPMy64tgEY1fRR64R2WLU.roa
Signing time: Thu 12 Jan 2023 11:09:44 +0000
ROA not before: Thu 12 Jan 2023 11:09:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:ab:e7:26:bc:bf:36:71:2b:48:55:b8:ba:b4:a6:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 12 11:09:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7266d14ea0f332eb8b60118d5f451eb847658b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:58:be:73:34:ed:bb:7b:9d:7e:98:44:d4:41:
ce:a4:f9:b1:f4:08:c7:a3:28:50:e4:4e:93:6d:74:
c4:d0:b2:46:f5:40:ab:ba:96:d9:70:80:6c:f6:a1:
40:9e:23:7e:17:4b:25:66:8e:c0:a2:80:e8:57:98:
c7:43:c5:14:1d:b2:f2:19:d2:83:c7:38:a9:bc:0f:
6e:3b:a1:54:4f:d3:bc:bd:99:1e:08:2c:64:48:2b:
d4:ba:04:88:cc:07:52:e8:49:66:94:d3:e6:00:16:
de:22:68:ee:93:00:cc:3d:7c:9d:3c:9a:ff:12:fd:
d6:aa:81:68:00:b6:79:1c:16:9b:9e:a6:54:1f:b6:
c0:0f:1e:34:9e:c5:f6:e4:3a:4d:e4:92:99:c3:4f:
70:5e:2b:14:91:a4:59:f1:2a:9d:4c:59:b3:aa:3b:
d4:8e:b0:d6:6c:db:39:e4:84:30:87:47:b4:3a:a9:
de:68:fe:9c:ae:18:fc:fd:db:ac:65:41:da:61:ce:
f3:76:b6:cf:09:09:a1:cf:c9:4b:b4:85:23:5b:14:
4f:e7:48:87:7e:32:7b:b3:29:46:89:5f:e3:67:92:
3b:bc:ab:09:a1:c2:70:f1:69:b3:66:91:e8:2e:06:
c2:c8:3a:61:fd:c2:c1:0e:82:ad:48:06:5d:9c:c0:
97:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:26:6D:14:EA:0F:33:2E:B8:B6:01:18:D5:F4:51:EB:84:76:58:B5
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tyZtFOoPMy64tgEY1fRR64R2WLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
88:d9:d8:90:97:65:a8:12:38:77:27:0a:ba:d3:e9:04:69:9f:
2b:2e:be:c4:2f:a0:1f:dd:b0:62:1c:e9:2d:34:40:d4:e9:49:
72:25:82:4c:e9:77:6b:e1:95:2b:af:7e:ac:3f:b5:40:29:66:
ba:c4:e8:16:01:a7:f2:0d:d6:47:7e:42:c3:2b:7f:35:10:32:
ee:74:13:03:6f:66:59:2d:61:f8:34:b8:63:5b:82:d5:a0:ea:
b4:6c:e4:94:53:6e:47:a0:79:96:30:4e:f8:f0:d2:45:92:f9:
ad:6a:bc:b6:47:61:25:18:13:0d:a8:2b:6e:4e:8c:e6:5c:da:
97:e9:9e:14:1a:e2:34:e9:ea:91:35:6a:86:48:3a:ea:de:44:
af:46:e3:86:3e:a5:c4:a1:4d:50:d1:2c:4f:9c:8d:40:2e:60:
eb:00:4b:eb:5b:ff:12:20:3a:d7:f7:2c:ff:12:7b:0a:28:21:
63:bd:84:0f:45:bc:c0:de:c5:1c:5b:18:7a:6d:40:c8:29:50:
df:69:31:1f:36:57:57:8e:64:e8:ff:47:07:45:d2:0c:f4:e6:
fd:9c:aa:57:99:c7:e2:7c:aa:7d:e6:30:92:78:ee:89:e4:35:
b2:ae:8d:89:05:0c:b0:a9:74:7d:1c:62:d2:50:fe:82:ce:bd:
31:58:05:04
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWlq+cmvL82cStIVbi6tKabMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTEyMTEwOTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzI2NmQxNGVhMGYzMzJlYjhiNjAxMThkNWY0NTFlYjg0NzY1OGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFi+czTtu3udfphE1EHOpPmx9AjH
oyhQ5E6TbXTE0LJG9UCrupbZcIBs9qFAniN+F0slZo7AooDoV5jHQ8UUHbLyGdKD
xzipvA9uO6FUT9O8vZkeCCxkSCvUugSIzAdS6ElmlNPmABbeImjukwDMPXydPJr/
Ev3WqoFoALZ5HBabnqZUH7bADx40nsX25DpN5JKZw09wXisUkaRZ8SqdTFmzqjvU
jrDWbNs55IQwh0e0OqneaP6crhj8/dusZUHaYc7zdrbPCQmhz8lLtIUjWxRP50iH
fjJ7sylGiV/jZ5I7vKsJocJw8WmzZpHoLgbCyDph/cLBDoKtSAZdnMCXXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLcmbRTqDzMuuLYBGNX0UeuEdli1MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdHladEZPb1BNeTY0dGdFWTFmUlI2NFIyV0xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIjZ2JCXZagSOHcnCrrT
6QRpnysuvsQvoB/dsGIc6S00QNTpSXIlgkzpd2vhlSuvfqw/tUApZrrE6BYBp/IN
1kd+QsMrfzUQMu50EwNvZlktYfg0uGNbgtWg6rRs5JRTbkegeZYwTvjw0kWS+a1q
vLZHYSUYEw2oK25OjOZc2pfpnhQa4jTp6pE1aoZIOureRK9G44Y+pcShTVDRLE+c
jUAuYOsAS+tb/xIgOtf3LP8SewooIWO9hA9FvMDexRxbGHptQMgpUN9pMR82V1eO
ZOj/RwdF0gz05v2cqleZx+J8qn3mMJJ47onkNbKujYkFDLCpdH0cYtJQ/oLOvTFY
BQQ=
-----END CERTIFICATE-----
Generated at Fri May 2 01:50:17 2025 by rpki-client