Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/twFLa3pSkBZM4oXAkRas_xOSleE.roa
File: twFLa3pSkBZM4oXAkRas_xOSleE.roa (raw, json)
Hash identifier: WGzfEzJQMi8hrJ272PUluI/rJOjrItU3R+1xD3dd9Kw=
Subject key identifier: B7:01:4B:6B:7A:52:90:16:4C:E2:85:C0:91:16:AC:FF:13:92:95:E1
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0186B033A942315E43FCE26454A0C98438EE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/twFLa3pSkBZM4oXAkRas_xOSleE.roa
Signing time: Sun 05 Mar 2023 05:17:01 +0000
ROA not before: Sun 05 Mar 2023 05:17:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b0:33:a9:42:31:5e:43:fc:e2:64:54:a0:c9:84:38:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 5 05:17:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7014b6b7a5290164ce285c09116acff139295e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8f:98:03:4c:e0:19:e5:c2:95:54:bb:b7:6c:
53:59:d3:ee:6f:91:22:10:f4:81:c3:0b:d6:b7:0b:
6d:c7:52:b3:2f:7a:10:ab:44:0a:bf:77:dd:74:b2:
10:f8:3f:f2:7c:c6:c6:cf:35:e1:6c:83:f6:1f:ce:
60:28:4e:08:83:49:24:14:73:7e:28:5e:c5:f6:1e:
bb:8d:fa:a8:eb:6a:30:0a:bd:f1:ea:10:1e:ae:69:
cd:c4:98:db:8c:2e:e3:2b:2a:16:f3:1b:09:15:63:
fb:4f:53:f8:23:d3:c2:86:b2:92:6a:3d:65:d8:93:
9a:9e:aa:d2:51:0c:56:77:cc:d7:3e:82:e5:30:12:
55:bb:94:05:c3:78:53:a4:1e:bf:91:c4:9b:20:d2:
99:5f:1c:bc:bc:1c:9f:6f:dd:4c:f9:f5:2d:80:1d:
11:6b:91:a4:0a:71:7a:58:96:76:89:36:ba:96:be:
79:53:3a:fe:9e:65:f4:66:81:69:f4:c0:fa:ca:28:
be:f5:30:6e:7b:a8:7a:92:14:7a:7f:37:ac:87:50:
15:da:5c:52:04:1d:40:7f:82:66:e4:a6:e2:12:97:
c1:8a:54:25:c4:9b:04:de:57:d1:c2:ce:fc:37:f0:
43:8a:73:f0:d1:d8:03:b3:53:f4:ab:38:5c:c5:5d:
0f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:01:4B:6B:7A:52:90:16:4C:E2:85:C0:91:16:AC:FF:13:92:95:E1
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/twFLa3pSkBZM4oXAkRas_xOSleE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2d:fc:cf:43:be:9e:2e:8a:7e:a5:08:20:61:47:23:e4:46:d4:
b8:3d:f0:80:99:1e:1a:a0:c0:a2:aa:ce:46:56:f7:77:24:ed:
c3:a0:cb:93:b3:67:61:0e:3f:f6:da:91:28:c1:9a:6d:6a:f5:
4a:c0:db:fd:00:b2:10:f9:d5:6a:d2:68:a7:7d:05:3a:f6:48:
2a:dd:bd:3d:57:89:2f:41:e9:d1:bf:37:e0:79:f0:ef:77:57:
72:98:a1:09:27:2d:9d:55:eb:57:38:65:24:50:62:b0:30:08:
65:be:52:f6:22:7d:3c:c3:59:12:19:f8:68:da:5f:5d:09:fa:
59:46:2c:c6:b7:60:d1:78:77:aa:5b:71:f8:74:d8:35:0b:77:
e0:52:5a:ec:7b:ab:35:36:bc:26:8a:c1:7a:fb:67:54:f6:3c:
58:8e:9f:fb:6f:ad:2d:f5:07:20:01:a9:16:fa:79:bc:c4:c3:
ae:68:9a:97:4c:52:f4:ee:4e:ff:4e:1f:a6:7f:10:3c:06:de:
5d:07:e6:81:09:cd:fc:3c:57:62:0c:0e:99:a6:04:44:08:6d:
a7:12:95:b1:dc:bc:cc:c0:76:f0:68:c9:28:df:cf:01:e5:75:
6a:b2:08:27:61:e2:6f:7e:a4:02:c9:47:f0:6b:37:d3:76:2e:
fb:6d:0d:8e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYawM6lCMV5D/OJkVKDJhDjuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMzA1MDUxNzAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzAxNGI2YjdhNTI5MDE2NGNlMjg1YzA5MTE2YWNmZjEzOTI5NWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Y+YA0zgGeXClVS7t2xTWdPub5Ei
EPSBwwvWtwttx1KzL3oQq0QKv3fddLIQ+D/yfMbGzzXhbIP2H85gKE4Ig0kkFHN+
KF7F9h67jfqo62owCr3x6hAermnNxJjbjC7jKyoW8xsJFWP7T1P4I9PChrKSaj1l
2JOanqrSUQxWd8zXPoLlMBJVu5QFw3hTpB6/kcSbINKZXxy8vByfb91M+fUtgB0R
a5GkCnF6WJZ2iTa6lr55Uzr+nmX0ZoFp9MD6yii+9TBue6h6khR6fzesh1AV2lxS
BB1Af4Jm5KbiEpfBilQlxJsE3lfRws78N/BDinPw0dgDs1P0qzhcxV0PVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLcBS2t6UpAWTOKFwJEWrP8TkpXhMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdHdGTGEzcFNrQlpNNG9YQWtSYXNfeE9TbGVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC38z0O+ni6KfqUIIGFH
I+RG1Lg98ICZHhqgwKKqzkZW93ck7cOgy5OzZ2EOP/bakSjBmm1q9UrA2/0AshD5
1WrSaKd9BTr2SCrdvT1XiS9B6dG/N+B58O93V3KYoQknLZ1V61c4ZSRQYrAwCGW+
UvYifTzDWRIZ+GjaX10J+llGLMa3YNF4d6pbcfh02DULd+BSWux7qzU2vCaKwXr7
Z1T2PFiOn/tvrS31ByABqRb6ebzEw65ompdMUvTuTv9OH6Z/EDwG3l0H5oEJzfw8
V2IMDpmmBEQIbacSlbHcvMzAdvBoySjfzwHldWqyCCdh4m9+pALJR/BrN9N2Lvtt
DY4=
-----END CERTIFICATE-----
Generated at Wed Jun 11 20:46:50 2025 by rpki-client