Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tdILnXOU-BP-czsuF8_hq19LkPs.roa
File: tdILnXOU-BP-czsuF8_hq19LkPs.roa (raw, json)
Hash identifier: hPK8CgIW0cF2CtRZ6MEoXsfagnG5iqCxRro/ghTkPSY=
Subject key identifier: B5:D2:0B:9D:73:94:F8:13:FE:73:3B:2E:17:CF:E1:AB:5F:4B:90:FB
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 78D54120
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tdILnXOU-BP-czsuF8_hq19LkPs.roa
Signing time: Wed 06 Apr 2022 03:10:43 +0000
ROA not before: Wed 06 Apr 2022 03:10:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2027241760 (0x78d54120)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Apr 6 03:10:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b5d20b9d7394f813fe733b2e17cfe1ab5f4b90fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:14:7b:36:ed:d6:4b:01:ee:b6:b3:85:04:a6:
cd:62:02:81:54:5c:5f:1e:53:2f:5e:03:ec:31:c2:
a8:af:2a:cb:bd:18:09:af:ef:d5:4f:ec:27:8b:1f:
e2:7f:f2:fe:66:47:91:ef:c6:f9:ea:df:e8:66:fb:
f6:59:8a:a6:b2:29:36:3f:21:cc:08:18:77:7f:37:
f9:e2:cd:ff:10:64:ad:3d:62:89:c0:5c:2c:11:19:
69:74:e5:a5:70:f6:12:bc:88:4d:d2:78:10:06:6d:
f5:53:56:c6:bf:e9:f2:99:c2:9d:04:2d:c1:b0:d6:
70:27:f4:7c:2d:c8:a9:7a:a4:31:d8:61:92:48:61:
b8:cc:f8:29:dd:b6:73:f9:23:ba:f7:11:66:a4:ef:
0e:73:f7:e5:39:6c:2e:0a:05:91:69:5c:61:ca:4c:
9d:b1:f6:84:6b:e6:53:f5:90:a5:d8:7a:d1:69:18:
a8:9f:03:13:aa:6e:d6:9d:60:ae:19:05:ee:05:b3:
93:c0:3e:49:bd:7a:f7:0c:2b:fb:7a:87:90:1a:38:
72:06:07:86:f3:a2:b9:6f:7a:7e:28:e2:72:ab:18:
9a:a5:98:fd:fa:71:4e:cf:40:89:68:94:db:53:2a:
23:fb:4b:86:c1:28:5b:c2:ac:1a:72:fd:4a:42:63:
cf:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:D2:0B:9D:73:94:F8:13:FE:73:3B:2E:17:CF:E1:AB:5F:4B:90:FB
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/tdILnXOU-BP-czsuF8_hq19LkPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:1f:d4:dc:1f:32:1f:bf:2c:b9:36:0e:d3:2a:aa:ca:8f:ea:
eb:51:65:46:a1:7d:14:49:63:68:1d:00:fc:97:4d:5d:1d:88:
39:11:c7:6a:6f:79:d2:9d:12:76:c7:bd:93:1a:2e:0a:9c:51:
93:b7:75:2a:2a:68:be:6f:68:cc:82:28:24:44:27:4b:27:c2:
d5:fb:70:7e:fa:7d:51:55:05:18:f8:17:1b:a5:e1:18:70:10:
ac:81:f7:4f:50:09:d9:c4:4d:ef:f6:f2:93:95:59:f7:cb:77:
f6:d2:c8:a1:9c:c4:f3:3d:f5:4d:a9:52:a0:ac:70:35:28:ac:
b5:de:17:03:f1:d6:0f:5e:0a:aa:f5:79:94:5d:12:cd:fb:82:
04:db:ee:26:be:24:28:d9:54:be:83:22:9a:5d:77:fc:95:25:
97:56:c9:08:36:10:23:02:a6:b0:ee:e2:12:2e:18:16:24:bc:
d9:1b:0a:18:e8:d6:fe:7b:69:55:5a:32:c3:39:9e:f9:80:94:
3d:5a:19:c8:4d:67:fc:9d:67:45:37:5c:2e:c7:d4:76:8f:55:
64:44:d1:a0:bb:56:a1:5d:a1:91:e4:ba:23:3e:19:91:41:30:
c7:1f:56:99:f6:85:9f:09:b5:7b:a5:94:bd:31:db:9a:1d:2e:
22:f9:35:d3
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEeNVBIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDQw
NjAzMTA0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjVkMjBiOWQ3Mzk0
ZjgxM2ZlNzMzYjJlMTdjZmUxYWI1ZjRiOTBmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMcUezbt1ksB7razhQSmzWICgVRcXx5TL14D7DHCqK8qy70Y
Ca/v1U/sJ4sf4n/y/mZHke/G+erf6Gb79lmKprIpNj8hzAgYd383+eLN/xBkrT1i
icBcLBEZaXTlpXD2EryITdJ4EAZt9VNWxr/p8pnCnQQtwbDWcCf0fC3IqXqkMdhh
kkhhuMz4Kd22c/kjuvcRZqTvDnP35TlsLgoFkWlcYcpMnbH2hGvmU/WQpdh60WkY
qJ8DE6pu1p1grhkF7gWzk8A+Sb169wwr+3qHkBo4cgYHhvOiuW96fijicqsYmqWY
/fpxTs9AiWiU21MqI/tLhsEoW8KsGnL9SkJjz/0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBS10gudc5T4E/5zOy4Xz+GrX0uQ+zAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L3RkSUxuWE9VLUJQLWN6c3VGOF9ocTE5TGtQcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQAsH9TcHzIfvyy5Ng7TKqrKj+rrUWVGoX0USWNo
HQD8l01dHYg5Ecdqb3nSnRJ2x72TGi4KnFGTt3UqKmi+b2jMgigkRCdLJ8LV+3B+
+n1RVQUY+BcbpeEYcBCsgfdPUAnZxE3v9vKTlVn3y3f20sihnMTzPfVNqVKgrHA1
KKy13hcD8dYPXgqq9XmUXRLN+4IE2+4mviQo2VS+gyKaXXf8lSWXVskINhAjAqaw
7uISLhgWJLzZGwoY6Nb+e2lVWjLDOZ75gJQ9WhnITWf8nWdFN1wux9R2j1VkRNGg
u1ahXaGR5LojPhmRQTDHH1aZ9oWfCbV7pZS9MduaHS4i+TXT
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:12:07 2025 by rpki-client