Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BRZNfVuh18xE1fsE0E2hntXyKBE.roa
File: BRZNfVuh18xE1fsE0E2hntXyKBE.roa (raw, json)
Hash identifier: Q5HDo8XDNKz/F4eLJF1LpWS5rafhqZMpKqs7CZhHHsI=
Subject key identifier: 05:16:4D:7D:5B:A1:D7:CC:44:D5:FB:04:D0:4D:A1:9E:D5:F2:28:11
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01868E1041F36D3861639E763CC2FE41DC9A
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BRZNfVuh18xE1fsE0E2hntXyKBE.roa
Signing time: Sun 26 Feb 2023 14:11:15 +0000
ROA not before: Sun 26 Feb 2023 14:11:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8e:10:41:f3:6d:38:61:63:9e:76:3c:c2:fe:41:dc:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 26 14:11:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05164d7d5ba1d7cc44d5fb04d04da19ed5f22811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:fb:fc:c7:75:1e:b5:75:2b:2c:29:d2:39:68:
d5:ee:25:1d:86:8e:19:4b:d1:70:27:65:ab:5a:5d:
19:9f:9b:da:44:f1:b0:64:07:40:97:67:14:e7:51:
55:24:40:fc:40:92:d5:95:50:45:eb:d4:e2:68:cd:
5e:7d:1a:53:24:f5:cc:2f:2c:e2:bb:71:b1:ac:49:
d7:bc:ef:a9:d9:ea:14:cc:bd:c1:67:94:eb:45:70:
2d:f5:83:09:19:90:e4:8c:93:75:06:4d:ea:3e:3a:
71:a0:6b:ed:4a:b5:0d:8c:eb:c4:76:a5:5f:f7:ba:
9d:79:83:d4:97:8f:12:7a:70:f6:65:d9:66:f8:71:
eb:6c:93:85:10:9a:70:c2:e7:40:9d:27:f8:72:53:
e9:b3:bb:bb:41:e5:d7:45:31:3f:c6:0c:92:da:c7:
0b:49:43:53:49:38:92:23:5c:d1:1e:13:1d:6a:95:
12:54:fd:58:ac:b1:92:37:c5:79:98:1b:5c:3a:96:
f4:ad:c3:a6:72:52:06:b7:91:44:e7:87:0d:16:13:
4c:af:94:27:af:76:e7:9d:ee:ff:b5:d2:03:58:bb:
b4:6a:fb:00:7a:62:13:ec:6b:48:45:33:28:16:43:
0e:98:d5:b9:f6:26:08:6f:2f:95:97:8f:dd:af:8b:
8f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:16:4D:7D:5B:A1:D7:CC:44:D5:FB:04:D0:4D:A1:9E:D5:F2:28:11
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BRZNfVuh18xE1fsE0E2hntXyKBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
06:ef:fd:78:6b:92:21:74:5c:73:ed:aa:87:36:71:63:f4:81:
09:02:f9:b2:02:46:6b:7d:5a:75:13:0c:ed:a3:1e:a6:cd:ee:
d9:9c:27:9f:32:c7:b4:46:1f:cb:21:f4:77:f9:3b:da:b3:50:
97:b4:ce:e0:de:d5:5f:27:6d:d4:33:4c:71:90:f4:11:ec:2f:
69:a5:03:93:da:ee:40:fd:c1:af:44:27:e9:e6:aa:ff:f7:34:
90:5c:b1:2f:56:d8:f4:bb:4b:a3:a4:7f:7d:1e:40:01:f2:59:
86:f4:57:69:50:da:73:b4:a4:57:10:b4:6d:95:8f:d6:9b:b6:
ed:9e:30:4d:60:b7:9d:33:1a:54:49:a6:d0:4c:93:b4:c6:3a:
5e:d0:47:62:21:23:c7:9b:09:a5:e5:4c:52:d2:40:44:63:82:
db:4e:92:4b:f9:58:a2:d4:cb:bb:c0:4e:3c:e8:a6:20:b9:4b:
08:4a:01:07:e8:47:7e:d6:a8:ef:a1:fe:5c:72:13:e1:fe:0a:
eb:43:ba:4c:5f:56:bf:0b:73:20:c1:d1:d8:35:b1:da:ba:f4:
78:55:e7:e5:37:1f:79:a6:44:6c:82:fd:67:43:98:36:1e:69:
9e:5a:e5:c9:79:c1:d1:88:ca:ab:97:bc:d8:b8:61:63:94:56:
77:7a:87:f2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaOEEHzbThhY552PML+QdyaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI2MTQxMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTE2NGQ3ZDViYTFkN2NjNDRkNWZiMDRkMDRkYTE5ZWQ1ZjIyODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPv8x3UetXUrLCnSOWjV7iUdho4Z
S9FwJ2WrWl0Zn5vaRPGwZAdAl2cU51FVJED8QJLVlVBF69TiaM1efRpTJPXMLyzi
u3GxrEnXvO+p2eoUzL3BZ5TrRXAt9YMJGZDkjJN1Bk3qPjpxoGvtSrUNjOvEdqVf
97qdeYPUl48SenD2Zdlm+HHrbJOFEJpwwudAnSf4clPps7u7QeXXRTE/xgyS2scL
SUNTSTiSI1zRHhMdapUSVP1YrLGSN8V5mBtcOpb0rcOmclIGt5FE54cNFhNMr5Qn
r3bnne7/tdIDWLu0avsAemIT7GtIRTMoFkMOmNW59iYIby+Vl4/dr4uPxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAUWTX1bodfMRNX7BNBNoZ7V8igRMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQlJaTmZWdWgxOHhFMWZzRTBFMmhudFh5S0JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAbv/XhrkiF0XHPtqoc2
cWP0gQkC+bICRmt9WnUTDO2jHqbN7tmcJ58yx7RGH8sh9Hf5O9qzUJe0zuDe1V8n
bdQzTHGQ9BHsL2mlA5Pa7kD9wa9EJ+nmqv/3NJBcsS9W2PS7S6Okf30eQAHyWYb0
V2lQ2nO0pFcQtG2Vj9abtu2eME1gt50zGlRJptBMk7TGOl7QR2IhI8ebCaXlTFLS
QERjgttOkkv5WKLUy7vATjzopiC5SwhKAQfoR37WqO+h/lxyE+H+CutDukxfVr8L
cyDB0dg1sdq69HhV5+U3H3mmRGyC/WdDmDYeaZ5a5cl5wdGIyquXvNi4YWOUVnd6
h/I=
-----END CERTIFICATE-----
Generated at Sun May 4 13:12:41 2025 by rpki-client