Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tlNFzMYIU-42u_R0QIJ1br7kX_U.roa
File: tlNFzMYIU-42u_R0QIJ1br7kX_U.roa (raw, json)
Hash identifier: /St+WGDap1/5c0Ha1hhLjRSvTo7QuyKcAqLveb1WZtw=
Subject key identifier: B6:53:45:CC:C6:08:53:EE:36:BB:F4:74:40:82:75:6E:BE:E4:5F:F5
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C2AE3965596937018C7FB018239D8BA38
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tlNFzMYIU-42u_R0QIJ1br7kX_U.roa
Signing time: Sat 02 Dec 2023 14:16:47 +0000
ROA not before: Sat 02 Dec 2023 14:16:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2a:e3:96:55:96:93:70:18:c7:fb:01:82:39:d8:ba:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 2 14:16:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b65345ccc60853ee36bbf4744082756ebee45ff5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a6:53:c8:6c:34:cd:d3:b8:bf:bb:2a:e3:da:
08:35:e2:59:aa:03:91:2c:7f:12:d7:55:ad:55:5a:
17:2d:d1:21:81:c0:9d:a2:d5:e8:03:37:f0:44:1d:
54:15:ee:71:6e:83:fb:64:24:d8:16:0c:63:65:e8:
da:4b:bd:29:7c:54:85:74:28:25:4c:7d:53:dd:b1:
ac:ca:45:5b:b2:ca:0f:8c:47:fc:08:0c:8c:d5:a4:
b0:75:c4:c8:aa:5e:51:e3:e9:1d:60:96:41:8b:0d:
25:fe:3a:63:fd:29:b7:b1:cc:3f:c6:eb:64:91:ba:
53:6e:e0:0e:2a:ac:d5:ad:5c:0c:78:94:ce:39:e0:
04:2f:a8:d0:67:4b:22:b9:4f:40:90:56:ae:ba:cf:
1d:78:2a:fc:4d:79:ba:1d:e7:e5:01:a5:23:54:a7:
4c:ab:b0:fa:87:e4:7f:08:8b:6a:fb:4a:42:63:35:
c8:9e:7a:b0:53:79:1f:2c:fe:73:8d:69:1e:9c:c1:
3d:8a:13:5a:72:8c:53:76:e9:59:dc:54:b5:a4:50:
a3:8f:71:27:79:97:a5:ac:6d:f9:3f:3a:c7:80:3d:
57:1e:44:42:b7:8c:e7:51:28:da:36:ae:7a:5c:3f:
2d:32:22:20:d1:09:f9:a7:6f:33:75:32:31:28:e2:
e2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:53:45:CC:C6:08:53:EE:36:BB:F4:74:40:82:75:6E:BE:E4:5F:F5
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tlNFzMYIU-42u_R0QIJ1br7kX_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
10:f9:87:b4:c4:66:a5:fa:76:0c:de:77:75:94:65:47:99:f9:
2c:be:8e:c1:6f:83:f7:b1:23:e9:fb:54:5c:64:16:80:57:00:
ef:98:4c:a3:05:06:b4:61:e6:2d:c7:96:20:b7:4d:13:13:25:
0e:6f:09:7a:58:20:39:2d:4e:07:88:fa:5f:88:0b:44:c1:61:
f8:ed:08:1b:b4:b7:0c:b8:33:9f:67:73:41:81:a8:32:62:1e:
6d:a4:89:70:bf:48:b4:76:fa:a4:11:8f:01:0c:28:c9:89:ca:
0e:d2:5d:66:54:f7:58:e0:c7:18:f4:94:83:3c:88:82:90:5c:
db:a0:c9:4c:14:2d:2a:6d:82:06:9e:25:8a:08:d5:0f:68:6e:
b0:d9:d5:a4:15:4a:14:1e:5d:e7:78:06:32:5f:38:7e:ed:0e:
9e:f0:92:1d:b7:cc:57:84:3d:6f:a2:e3:d8:50:3c:16:83:4b:
37:5b:67:03:d8:b8:e6:51:7c:44:eb:b8:2d:43:50:30:21:8a:
d0:6e:65:7d:20:b4:65:e5:fb:3f:26:a1:4f:d8:04:f5:7e:d2:
61:b1:2f:18:48:b7:17:d4:f2:3f:a8:fa:25:ef:db:37:6f:c0:
ba:ac:b7:10:39:f5:d2:0f:1e:a6:74:7c:ce:8d:b3:99:cd:a4:
96:ff:2b:76
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwq45ZVlpNwGMf7AYI52Lo4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAyMTQxNjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjUzNDVjY2M2MDg1M2VlMzZiYmY0NzQ0MDgyNzU2ZWJlZTQ1ZmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6ZTyGw0zdO4v7sq49oINeJZqgOR
LH8S11WtVVoXLdEhgcCdotXoAzfwRB1UFe5xboP7ZCTYFgxjZejaS70pfFSFdCgl
TH1T3bGsykVbssoPjEf8CAyM1aSwdcTIql5R4+kdYJZBiw0l/jpj/Sm3scw/xutk
kbpTbuAOKqzVrVwMeJTOOeAEL6jQZ0siuU9AkFauus8deCr8TXm6HeflAaUjVKdM
q7D6h+R/CItq+0pCYzXInnqwU3kfLP5zjWkenME9ihNacoxTdulZ3FS1pFCjj3En
eZelrG35PzrHgD1XHkRCt4znUSjaNq56XD8tMiIg0Qn5p28zdTIxKOLiXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLZTRczGCFPuNrv0dECCdW6+5F/1MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdGxORnpNWUlVLTQydV9SMFFJSjFicjdrWF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABD5h7TEZqX6dgzed3WU
ZUeZ+Sy+jsFvg/exI+n7VFxkFoBXAO+YTKMFBrRh5i3HliC3TRMTJQ5vCXpYIDkt
TgeI+l+IC0TBYfjtCBu0twy4M59nc0GBqDJiHm2kiXC/SLR2+qQRjwEMKMmJyg7S
XWZU91jgxxj0lIM8iIKQXNugyUwULSptggaeJYoI1Q9obrDZ1aQVShQeXed4BjJf
OH7tDp7wkh23zFeEPW+i49hQPBaDSzdbZwPYuOZRfETruC1DUDAhitBuZX0gtGXl
+z8moU/YBPV+0mGxLxhItxfU8j+o+iXv2zdvwLqstxA59dIPHqZ0fM6Ns5nNpJb/
K3Y=
-----END CERTIFICATE-----
Generated at Sun May 11 19:55:22 2025 by rpki-client