Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TTat5BCjy8-vNytdMLraltdf2YM.roa
File: TTat5BCjy8-vNytdMLraltdf2YM.roa (raw, json)
Hash identifier: lq4tQrh0RWxNnmLWWEwqRCWzDzNnuSjanOzteqLf4vo=
Subject key identifier: 4D:36:AD:E4:10:A3:CB:CF:AF:37:2B:5D:30:BA:DA:96:D7:5F:D9:83
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018611A14F96415B38FA627512F0B346F08B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TTat5BCjy8-vNytdMLraltdf2YM.roa
Signing time: Thu 02 Feb 2023 10:17:09 +0000
ROA not before: Thu 02 Feb 2023 10:17:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:11:a1:4f:96:41:5b:38:fa:62:75:12:f0:b3:46:f0:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 2 10:17:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d36ade410a3cbcfaf372b5d30bada96d75fd983
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:89:02:6c:05:77:40:b4:96:c0:23:18:a2:69:
83:00:65:6e:31:11:40:97:10:ae:da:e9:fa:64:d3:
a9:41:f0:2f:9c:c6:6b:bc:5a:69:9b:b7:08:20:b2:
fd:57:4a:f1:48:be:75:6a:c0:0b:22:ed:9f:5a:46:
c1:5b:f6:69:d6:dd:79:88:6d:ec:12:dc:f5:3a:4d:
2a:28:90:d2:2d:2a:5d:b8:6f:3d:93:5b:f2:c2:8b:
32:c8:78:07:cd:5f:ce:2e:6a:24:67:f3:1c:4a:7a:
f1:a4:42:84:1e:34:5c:d8:15:51:50:cc:e4:4e:84:
cc:69:e0:eb:60:d8:a0:84:83:3d:85:cc:83:5d:43:
a5:f6:94:d0:6c:dc:9f:ca:a1:e0:41:9b:01:11:00:
57:f9:9b:99:1d:3d:67:8a:3e:76:98:58:3f:4d:ce:
55:98:a6:29:12:67:7b:dd:69:95:7a:28:d1:00:d6:
a9:d7:d3:7d:12:a8:9a:63:e5:43:5e:4b:19:75:21:
6d:be:e3:2e:93:18:f1:01:7a:23:f3:78:18:e0:e9:
e9:12:b2:96:ee:19:e2:54:88:9f:8a:fd:2c:34:52:
10:c5:90:43:6f:bd:ba:3e:19:60:c2:35:bd:02:ad:
f1:85:54:13:c9:dc:57:f1:aa:d6:74:7d:9a:80:b9:
d6:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:36:AD:E4:10:A3:CB:CF:AF:37:2B:5D:30:BA:DA:96:D7:5F:D9:83
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/TTat5BCjy8-vNytdMLraltdf2YM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
45:aa:b9:0a:3f:ce:b0:a6:da:cb:e6:cf:32:32:7a:5a:82:57:
27:f8:39:1c:28:a4:f6:ed:0a:cc:6b:e0:05:5e:39:9c:5c:be:
58:db:26:71:67:c6:37:00:f1:f8:10:96:07:7c:84:4d:61:0c:
15:2d:2f:fc:e0:98:eb:86:f1:d8:aa:80:8a:52:44:07:34:5e:
15:f6:b1:97:e6:2d:99:07:8b:fa:49:55:0f:af:18:5d:c2:3b:
17:05:1b:47:f1:50:82:85:73:bc:b5:32:e2:84:ef:11:9a:3d:
b3:b6:ac:a6:3e:ff:ce:e5:47:fb:16:de:08:e0:5b:fb:48:d7:
8a:62:51:7d:fa:8d:15:2a:24:60:eb:41:aa:b6:9b:67:65:42:
fd:5d:d3:52:54:74:fa:96:98:03:6b:e2:e4:16:c1:25:cb:9b:
bf:e0:0d:42:ed:57:95:fe:1e:dc:7b:41:bc:11:47:53:bc:4a:
00:bc:1d:ba:d0:09:b9:60:3e:17:8d:74:fc:bb:a4:a9:a5:8d:
f0:36:5a:d2:cc:fa:65:5b:e1:11:ce:7e:9e:c0:0f:54:e2:f0:
fc:cc:f3:3f:8d:81:e9:3b:ae:f2:3f:d9:0e:0f:ac:e0:13:29:
58:02:d0:d8:80:3d:5e:32:0d:a7:35:b1:2f:6d:19:d7:42:3b:
73:5d:22:59
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYYRoU+WQVs4+mJ1EvCzRvCLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjAyMTAxNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDM2YWRlNDEwYTNjYmNmYWYzNzJiNWQzMGJhZGE5NmQ3NWZkOTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYkCbAV3QLSWwCMYommDAGVuMRFA
lxCu2un6ZNOpQfAvnMZrvFppm7cIILL9V0rxSL51asALIu2fWkbBW/Zp1t15iG3s
Etz1Ok0qKJDSLSpduG89k1vywosyyHgHzV/OLmokZ/McSnrxpEKEHjRc2BVRUMzk
ToTMaeDrYNighIM9hcyDXUOl9pTQbNyfyqHgQZsBEQBX+ZuZHT1nij52mFg/Tc5V
mKYpEmd73WmVeijRANap19N9EqiaY+VDXksZdSFtvuMukxjxAXoj83gY4OnpErKW
7hniVIifiv0sNFIQxZBDb726PhlgwjW9Aq3xhVQTydxX8arWdH2agLnW3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE02reQQo8vPrzcrXTC62pbXX9mDMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvVFRhdDVCQ2p5OC12Tnl0ZE1McmFsdGRmMllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEWquQo/zrCm2svmzzIy
elqCVyf4ORwopPbtCsxr4AVeOZxcvljbJnFnxjcA8fgQlgd8hE1hDBUtL/zgmOuG
8diqgIpSRAc0XhX2sZfmLZkHi/pJVQ+vGF3COxcFG0fxUIKFc7y1MuKE7xGaPbO2
rKY+/87lR/sW3gjgW/tI14piUX36jRUqJGDrQaq2m2dlQv1d01JUdPqWmANr4uQW
wSXLm7/gDULtV5X+Htx7QbwRR1O8SgC8HbrQCblgPheNdPy7pKmljfA2WtLM+mVb
4RHOfp7AD1Ti8PzM8z+Ngek7rvI/2Q4PrOATKVgC0NiAPV4yDac1sS9tGddCO3Nd
Ilk=
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:05:24 2025 by rpki-client