Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TFXwChx84zE0oGd3kceI28fwIlo.roa
File: TFXwChx84zE0oGd3kceI28fwIlo.roa (raw, json)
Hash identifier: ccjMeJtySeE+650PyRvVF0/OEL5yrtj86qZpDSmdG3U=
Subject key identifier: 4C:55:F0:0A:1C:7C:E3:31:34:A0:67:77:91:C7:88:DB:C7:F0:22:5A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0181F4E8DAA96B8E47CB12ACE2EB71596EEC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TFXwChx84zE0oGd3kceI28fwIlo.roa
Signing time: Wed 13 Jul 2022 00:15:09 +0000
ROA not before: Wed 13 Jul 2022 00:15:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f4:e8:da:a9:6b:8e:47:cb:12:ac:e2:eb:71:59:6e:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 13 00:15:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c55f00a1c7ce33134a0677791c788dbc7f0225a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b9:d2:9b:8a:6b:3e:89:ae:c3:d1:c0:ed:ae:
27:88:f6:f1:f6:f0:55:e4:db:8f:d3:aa:ba:50:cb:
0b:af:e9:e1:6b:ca:f6:7c:8c:46:81:ab:5d:92:22:
6d:86:b1:ed:44:7c:65:bb:14:a7:8f:67:4b:d7:b5:
9e:ab:7d:4e:d0:2d:86:63:b2:9a:40:cd:32:fa:ee:
f1:35:a2:61:5e:59:b5:9d:0a:d1:21:55:92:09:2d:
6b:3d:70:29:10:81:35:66:8f:84:c6:48:02:48:0e:
68:6e:f1:c4:3c:b0:00:f8:6a:93:2c:0e:a5:22:be:
c8:ff:41:da:79:a4:2c:43:d4:43:6d:1b:8b:43:33:
8f:b5:00:6e:02:b7:f3:ff:1a:66:9b:21:ea:75:00:
55:47:b4:4c:c3:26:6d:09:30:d8:42:a6:d6:c8:ac:
ad:c8:4b:ba:8a:61:02:61:93:b9:4c:ed:fe:79:e0:
eb:b2:0b:03:e2:97:f6:8e:da:82:e3:30:85:2a:a3:
01:4a:ca:66:9a:ff:64:77:10:79:0f:67:7d:b6:44:
45:ae:55:fe:a1:9b:f8:d3:1b:76:5e:6f:8b:cd:9d:
40:33:22:3c:95:8b:62:73:ea:39:9d:08:07:1f:53:
39:99:aa:52:de:90:02:03:dd:23:d1:89:a7:ea:3c:
df:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:55:F0:0A:1C:7C:E3:31:34:A0:67:77:91:C7:88:DB:C7:F0:22:5A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TFXwChx84zE0oGd3kceI28fwIlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
99:1d:de:6c:cb:53:ea:69:74:a3:9a:4a:5b:73:2d:ba:63:1a:
28:9e:23:c4:2c:4b:82:37:95:d0:86:17:4d:8b:ed:fb:75:ac:
62:0a:bf:11:41:d2:a2:0e:9f:2d:e4:a0:47:67:52:5d:a4:e7:
a5:f6:97:69:c0:c9:69:8a:e4:54:5f:a0:a5:9c:dc:87:e4:3b:
59:2e:2f:1d:3c:aa:61:1f:34:bf:88:f3:27:c5:d3:db:ab:8d:
af:a4:90:1b:8d:3e:a1:61:fd:5a:75:82:48:e9:f5:86:9c:8e:
41:26:73:0c:17:08:fa:75:2d:50:f8:0c:36:a8:ee:05:e5:e2:
19:46:16:b0:b7:09:d7:ad:1b:69:a4:c7:fc:db:d8:f9:4f:01:
8a:b7:58:99:bd:39:ab:ac:ce:35:fa:af:c8:a3:c6:41:15:e8:
9b:4c:31:dc:80:e8:b1:93:bb:21:16:27:d6:e0:7a:54:56:c5:
a0:b0:1d:af:7b:eb:a0:f3:8e:5c:57:e3:15:d0:e5:83:b9:9a:
f0:da:54:e3:54:31:51:6d:7b:71:dd:91:a7:ee:a3:80:9b:04:
7c:64:17:f2:b9:da:e0:a1:03:27:d3:bf:c3:7c:23:f7:59:a5:
8b:26:8a:75:61:0d:80:b6:13:5e:e8:cc:a6:d8:bc:b7:ef:b8:
ff:96:34:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYH06Nqpa45HyxKs4utxWW7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwNzEzMDAxNTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzU1ZjAwYTFjN2NlMzMxMzRhMDY3Nzc5MWM3ODhkYmM3ZjAyMjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLnSm4prPomuw9HA7a4niPbx9vBV
5NuP06q6UMsLr+nha8r2fIxGgatdkiJthrHtRHxluxSnj2dL17Weq31O0C2GY7Ka
QM0y+u7xNaJhXlm1nQrRIVWSCS1rPXApEIE1Zo+ExkgCSA5obvHEPLAA+GqTLA6l
Ir7I/0HaeaQsQ9RDbRuLQzOPtQBuArfz/xpmmyHqdQBVR7RMwyZtCTDYQqbWyKyt
yEu6imECYZO5TO3+eeDrsgsD4pf2jtqC4zCFKqMBSspmmv9kdxB5D2d9tkRFrlX+
oZv40xt2Xm+LzZ1AMyI8lYtic+o5nQgHH1M5mapS3pACA90j0Ymn6jzf4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFExV8AocfOMxNKBnd5HHiNvH8CJaMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVEZYd0NoeDg0ekUwb0dkM2tjZUkyOGZ3SWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJkd3mzLU+ppdKOaSltz
LbpjGiieI8QsS4I3ldCGF02L7ft1rGIKvxFB0qIOny3koEdnUl2k56X2l2nAyWmK
5FRfoKWc3IfkO1kuLx08qmEfNL+I8yfF09urja+kkBuNPqFh/Vp1gkjp9YacjkEm
cwwXCPp1LVD4DDao7gXl4hlGFrC3CdetG2mkx/zb2PlPAYq3WJm9OauszjX6r8ij
xkEV6JtMMdyA6LGTuyEWJ9bgelRWxaCwHa9766DzjlxX4xXQ5YO5mvDaVONUMVFt
e3Hdkafuo4CbBHxkF/K52uChAyfTv8N8I/dZpYsminVhDYC2E17ozKbYvLfvuP+W
NKE=
-----END CERTIFICATE-----
Generated at Thu Jun 12 04:13:26 2025 by rpki-client