Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/TwVypnrHxzX_GI3GuyBjookoxEM.roa
File: TwVypnrHxzX_GI3GuyBjookoxEM.roa (raw, json)
Hash identifier: LhlW2GmxfB1XsoOAmoh+T+DjmF1MJ9z5qgwtIgW+wKk=
Subject key identifier: 4F:05:72:A6:7A:C7:C7:35:FF:18:8D:C6:BB:20:63:A2:89:28:C4:43
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 0194258ED47664E0EC82B67E99DC5D44B5C2
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/TwVypnrHxzX_GI3GuyBjookoxEM.roa
Signing time: Thu 02 Jan 2025 05:48:24 +0000
ROA not before: Thu 02 Jan 2025 05:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204721
IP address blocks: 2a0e:aa07:e040::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:d4:76:64:e0:ec:82:b6:7e:99:dc:5d:44:b5:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 2 05:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f0572a67ac7c735ff188dc6bb2063a28928c443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:72:5e:e4:25:19:80:b6:a6:0c:fe:e5:78:85:
68:48:ec:da:15:0a:a6:a2:55:2d:33:f5:99:ba:71:
fd:f9:e6:92:f2:92:41:8d:d8:43:ca:2c:81:b8:96:
49:e4:d0:bc:09:01:1b:64:eb:19:77:04:d9:89:d1:
20:02:98:f6:48:d5:29:19:81:b1:2d:c8:51:c1:ed:
c6:d7:49:1e:62:bf:96:aa:80:f5:2c:8d:f7:5a:38:
fe:5b:b3:e8:1c:6c:85:60:fb:b8:49:c5:22:63:11:
8c:ee:7d:68:78:e3:6b:ed:a9:84:8d:77:a5:21:32:
af:d4:21:89:4a:49:d3:c5:57:e4:b0:8f:a1:75:20:
8f:5e:54:2a:07:39:45:21:15:7a:2f:eb:2b:76:dc:
72:be:bf:41:28:d3:85:41:bf:83:be:e3:07:2c:5e:
e6:f1:c2:f1:cd:c1:a6:31:70:43:89:bb:7d:47:7f:
8f:fd:4b:95:ea:b8:bb:64:ae:2c:cd:02:ac:bf:47:
a4:b3:76:1b:ff:52:07:82:18:8a:7c:ea:88:8c:22:
0d:42:24:41:89:f3:dd:03:f2:5a:e6:49:36:3a:0f:
9f:19:f8:f4:62:19:b5:89:d7:68:1b:6f:08:92:54:
8d:a0:ce:eb:78:31:b4:99:f1:de:c2:57:95:38:fd:
d8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:05:72:A6:7A:C7:C7:35:FF:18:8D:C6:BB:20:63:A2:89:28:C4:43
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/TwVypnrHxzX_GI3GuyBjookoxEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e040::/48
Signature Algorithm: sha256WithRSAEncryption
23:4b:3a:bb:00:fe:0c:2f:2d:dd:83:a4:37:3c:17:28:c7:d1:
fc:84:e6:df:ea:33:a6:c0:e7:46:c4:62:23:e0:7e:41:e9:f6:
20:e3:cd:eb:e7:13:b1:6a:5c:c4:e4:88:84:8e:c6:e3:8b:cf:
d0:1a:37:f2:da:8b:c3:70:2d:4e:a1:a3:b2:48:34:7a:1d:d7:
0e:61:93:81:99:78:ea:c0:7c:53:54:ac:8c:af:ac:ca:7b:1d:
38:0d:61:38:e1:55:95:d4:7c:fd:18:ae:a0:59:bd:fe:12:a0:
b5:6c:32:5b:37:72:4e:2b:86:de:3f:f5:48:c7:11:b4:be:21:
36:76:b0:9f:12:ff:0e:69:77:62:08:f1:33:c4:1c:6f:cd:a9:
f4:fc:ad:f2:83:c6:fe:21:02:59:62:72:0f:8d:6f:1a:17:40:
0b:1b:b4:84:16:10:d5:b7:0f:8e:d9:bd:3b:b6:c9:0e:70:14:
10:29:34:c0:f3:11:df:70:54:dd:e8:dd:59:c1:2a:56:0d:af:
d7:c5:c1:9a:bb:d2:d9:d9:86:9f:96:37:e4:0c:47:0b:ee:7e:
44:f0:9a:66:8a:88:42:fe:93:b3:1c:b1:a8:b7:31:ec:85:df:
27:a8:85:dc:82:ba:cf:ac:d2:7a:fa:bb:52:e9:61:9b:01:9b:
95:2c:31:aa
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQljtR2ZODsgrZ+mdxdRLXCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjUwMTAyMDU0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjA1NzJhNjdhYzdjNzM1ZmYxODhkYzZiYjIwNjNhMjg5MjhjNDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnJe5CUZgLamDP7leIVoSOzaFQqm
olUtM/WZunH9+eaS8pJBjdhDyiyBuJZJ5NC8CQEbZOsZdwTZidEgApj2SNUpGYGx
LchRwe3G10keYr+WqoD1LI33Wjj+W7PoHGyFYPu4ScUiYxGM7n1oeONr7amEjXel
ITKv1CGJSknTxVfksI+hdSCPXlQqBzlFIRV6L+srdtxyvr9BKNOFQb+DvuMHLF7m
8cLxzcGmMXBDibt9R3+P/UuV6ri7ZK4szQKsv0eks3Yb/1IHghiKfOqIjCINQiRB
ifPdA/Ja5kk2Og+fGfj0Yhm1iddoG28IklSNoM7reDG0mfHewleVOP3Y3QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFE8FcqZ6x8c1/xiNxrsgY6KJKMRDMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvVHdWeXBuckh4elhfR0kzR3V5Qmpvb2tveEVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qB+BA
MA0GCSqGSIb3DQEBCwUAA4IBAQAjSzq7AP4MLy3dg6Q3PBcox9H8hObf6jOmwOdG
xGIj4H5B6fYg483r5xOxalzE5IiEjsbji8/QGjfy2ovDcC1OoaOySDR6HdcOYZOB
mXjqwHxTVKyMr6zKex04DWE44VWV1Hz9GK6gWb3+EqC1bDJbN3JOK4beP/VIxxG0
viE2drCfEv8OaXdiCPEzxBxvzan0/K3yg8b+IQJZYnIPjW8aF0ALG7SEFhDVtw+O
2b07tskOcBQQKTTA8xHfcFTd6N1ZwSpWDa/XxcGau9LZ2YafljfkDEcL7n5E8Jpm
iohC/pOzHLGotzHshd8nqIXcgrrPrNJ6+rtS6WGbAZuVLDGq
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:17:48 2025 by rpki-client