Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/twIR2IoW80S37gWRtQKHBj64ZKc.roa
File: twIR2IoW80S37gWRtQKHBj64ZKc.roa (raw, json)
Hash identifier: 1kP/gc/i87bsr+vopkiUx7ryvLCuHcuwmBaMR0rRmt4=
Subject key identifier: B7:02:11:D8:8A:16:F3:44:B7:EE:05:91:B5:02:87:06:3E:B8:64:A7
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A2BF0DAF81D49D63611E8AAACD3A2D427
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/twIR2IoW80S37gWRtQKHBj64ZKc.roa
Signing time: Fri 25 Aug 2023 09:05:19 +0000
ROA not before: Fri 25 Aug 2023 09:05:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:2bf0:802b/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:2b:f0:da:f8:1d:49:d6:36:11:e8:aa:ac:d3:a2:d4:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 25 09:05:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b70211d88a16f344b7ee0591b50287063eb864a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:52:07:e3:a2:cf:80:ea:8f:05:04:0c:f5:df:
5d:1b:c2:45:d6:8a:94:24:47:5b:ab:37:3e:b1:f2:
f0:a4:ec:f2:11:fe:a0:61:79:c9:bd:02:dd:a1:c0:
a7:f8:c9:99:0f:07:21:12:a5:8d:fe:b3:e9:d6:ce:
d9:30:34:2f:b5:7c:20:03:0e:d6:d5:ed:c7:90:3b:
7c:a8:d9:c5:fc:11:73:84:a8:ff:7e:64:a1:af:38:
81:af:4d:9a:ab:a5:4e:73:ea:a5:3f:d1:dc:00:16:
bd:6f:36:5b:77:70:ce:78:51:c7:59:38:d1:a7:56:
52:e4:fe:f6:93:17:6c:73:a9:e9:79:71:26:5f:49:
40:44:68:e2:80:5d:7f:6b:2d:12:63:cc:ab:21:ab:
5a:a8:31:04:be:bf:2c:63:9d:31:2a:e5:d2:4d:bf:
ca:da:5b:3b:82:39:0c:d6:20:ad:4d:c5:0f:bc:f0:
8f:6e:57:f3:e5:8a:40:f9:49:dd:c0:38:47:94:d0:
f1:94:8e:49:39:2f:0c:40:a8:9b:cc:26:5d:7a:45:
9c:db:9c:d0:53:07:65:06:db:dc:30:7f:bf:8a:89:
4a:f7:a6:61:71:59:ce:12:88:37:9e:ca:90:af:da:
ff:39:fd:a5:fd:df:de:a4:57:db:6f:16:29:55:2f:
98:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:02:11:D8:8A:16:F3:44:B7:EE:05:91:B5:02:87:06:3E:B8:64:A7
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/twIR2IoW80S37gWRtQKHBj64ZKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:2d:2f:00:16:8c:7d:33:53:25:ac:cd:02:d4:ba:82:f1:c4:
64:e5:63:84:3c:50:21:bf:2b:12:18:3f:7e:93:65:7d:6e:f5:
32:00:a4:dd:41:b0:2e:c3:2f:a1:6f:b8:13:32:04:7f:84:29:
ee:b5:33:6d:28:f7:4b:03:95:54:b8:45:dc:64:95:65:e0:a4:
72:3d:49:f8:4b:c2:42:88:db:78:e7:ed:5d:64:01:12:ef:8d:
15:a4:48:f8:d1:d8:25:76:4c:01:a2:7e:a5:00:f4:00:aa:81:
91:ef:b6:8c:49:7e:0a:5d:51:29:b3:8f:9d:6d:3f:34:1d:fd:
fb:e1:33:ac:f1:8e:bf:dc:78:67:6a:ea:0a:eb:ee:6a:23:1e:
5b:f0:af:73:56:2f:c0:42:e0:9c:08:74:9d:68:82:f4:74:33:
ff:28:a9:8e:2f:e9:d3:50:fe:f9:6a:e6:9f:82:18:08:04:a9:
d1:3e:3e:74:f0:0c:fa:8b:1e:a1:15:f4:82:d8:d3:81:36:dc:
22:3b:e3:2d:70:34:f2:7e:dc:07:c6:8d:61:fb:c9:42:a7:4e:
e1:2a:ec:51:25:61:4b:8d:97:e0:0e:50:cc:09:11:7b:92:11:
4b:3c:47:43:f8:19:fa:29:30:da:1a:69:49:a3:67:19:67:c0:
8a:6e:42:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYor8Nr4HUnWNhHoqqzTotQnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI1MDkwNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzAyMTFkODhhMTZmMzQ0YjdlZTA1OTFiNTAyODcwNjNlYjg2NGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFIH46LPgOqPBQQM9d9dG8JF1oqU
JEdbqzc+sfLwpOzyEf6gYXnJvQLdocCn+MmZDwchEqWN/rPp1s7ZMDQvtXwgAw7W
1e3HkDt8qNnF/BFzhKj/fmShrziBr02aq6VOc+qlP9HcABa9bzZbd3DOeFHHWTjR
p1ZS5P72kxdsc6npeXEmX0lARGjigF1/ay0SY8yrIataqDEEvr8sY50xKuXSTb/K
2ls7gjkM1iCtTcUPvPCPblfz5YpA+UndwDhHlNDxlI5JOS8MQKibzCZdekWc25zQ
UwdlBtvcMH+/iolK96ZhcVnOEog3nsqQr9r/Of2l/d/epFfbbxYpVS+YRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLcCEdiKFvNEt+4FkbUChwY+uGSnMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvdHdJUjJJb1c4MFMzN2dXUnRRS0hCajY0WktjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABgtLwAWjH0zUyWszQLU
uoLxxGTlY4Q8UCG/KxIYP36TZX1u9TIApN1BsC7DL6FvuBMyBH+EKe61M20o90sD
lVS4RdxklWXgpHI9SfhLwkKI23jn7V1kARLvjRWkSPjR2CV2TAGifqUA9ACqgZHv
toxJfgpdUSmzj51tPzQd/fvhM6zxjr/ceGdq6grr7mojHlvwr3NWL8BC4JwIdJ1o
gvR0M/8oqY4v6dNQ/vlq5p+CGAgEqdE+PnTwDPqLHqEV9ILY04E23CI74y1wNPJ+
3AfGjWH7yUKnTuEq7FElYUuNl+AOUMwJEXuSEUs8R0P4GfopMNoaaUmjZxlnwIpu
Qvg=
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:09:46 2025 by rpki-client