Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BcHY3Ql2QQatz0s3WE2WTPNFwZY.roa
File: BcHY3Ql2QQatz0s3WE2WTPNFwZY.roa (raw, json)
Hash identifier: rrrf4h5gjmH4VR4DOJ+vGd9xp9JXFiOgWBc8f3p4UAI=
Subject key identifier: 05:C1:D8:DD:09:76:41:06:AD:CF:4B:37:58:4D:96:4C:F3:45:C1:96
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185903220B9F7B70DE9A15541617FDCEE0C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BcHY3Ql2QQatz0s3WE2WTPNFwZY.roa
Signing time: Sun 08 Jan 2023 07:04:42 +0000
ROA not before: Sun 08 Jan 2023 07:04:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:9031:da78/128 maxlen: 128
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:90:32:20:b9:f7:b7:0d:e9:a1:55:41:61:7f:dc:ee:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 8 07:04:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05c1d8dd09764106adcf4b37584d964cf345c196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:54:66:11:f3:0f:41:28:ec:d0:6e:aa:8c:6a:
06:a9:04:af:db:aa:dc:1d:b0:8c:fd:b1:a2:e6:12:
ef:fc:82:b8:cb:e5:75:29:3e:41:42:41:4f:21:6b:
b3:17:31:9a:6c:0f:ea:cd:72:ed:ef:11:fb:6d:01:
ba:34:a0:65:46:81:60:e7:46:35:5d:24:44:e5:f5:
df:f3:24:34:54:34:13:04:10:5d:74:ee:d0:64:58:
1d:85:1d:fb:25:02:78:4c:07:76:51:36:3c:f1:d3:
31:e1:7d:41:92:de:a1:0c:f5:99:13:5f:6e:b1:5f:
29:a4:77:82:bb:d8:c2:a2:80:65:62:d1:93:80:10:
29:2b:c1:cb:12:06:c3:b8:1a:57:dc:db:27:a1:be:
97:be:45:b0:6d:3b:18:b7:91:e2:22:33:b5:55:c7:
c3:de:89:47:01:18:d5:d0:03:60:ec:16:6b:a6:12:
fc:81:26:2c:38:99:3c:3d:f9:d4:fc:48:30:8b:72:
08:fa:71:82:4e:41:2e:3e:59:fd:23:f8:0d:76:b5:
d7:72:e3:e1:65:14:77:09:34:d9:2d:f9:b9:7d:0b:
00:54:dd:07:23:f0:5f:3b:19:fd:39:42:c0:90:d4:
cd:3a:35:9e:9a:98:db:e4:60:11:c3:e3:5a:a5:57:
da:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:C1:D8:DD:09:76:41:06:AD:CF:4B:37:58:4D:96:4C:F3:45:C1:96
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BcHY3Ql2QQatz0s3WE2WTPNFwZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:85:dd:c2:2a:27:c5:73:d1:62:33:cd:8b:7a:5d:94:ed:8e:
34:d2:5e:1b:bc:ff:d1:13:09:a2:91:2a:bc:9f:0d:a8:c9:f8:
29:32:19:86:87:11:56:0f:05:d8:f7:34:fd:ec:6a:54:21:7a:
d3:53:74:c6:62:d9:98:13:e4:f2:8f:01:91:2e:02:41:8a:99:
74:6c:b3:b7:5b:99:e7:96:5e:e3:5c:42:93:8a:b6:88:19:73:
b3:61:2f:6b:71:b1:eb:69:f7:d0:6b:bb:09:ca:3a:6a:cd:24:
1d:3d:44:1b:07:3c:d9:7c:12:48:2c:fd:d8:db:10:87:e2:33:
39:cc:6a:e3:d8:18:6e:4e:d4:ed:d8:45:08:d2:05:e1:d0:29:
fc:bb:37:21:76:4e:f1:7c:f5:13:0c:69:2d:7f:8b:d9:3c:f2:
86:b9:0d:0e:bc:10:13:34:41:42:9a:04:a2:00:17:c3:c3:ab:
7c:e4:31:fd:15:6d:3a:99:12:0f:8b:29:ba:e1:a2:73:77:ba:
0f:42:fd:9d:bf:80:19:37:98:89:6a:f7:1b:8c:4d:6c:ad:29:
91:04:69:c0:86:43:46:75:3f:31:fa:dc:13:e6:23:b4:f2:41:
38:15:19:65:1a:4d:52:8c:d7:0c:15:81:e9:46:2a:30:d1:81:
86:c3:9a:d4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWQMiC597cN6aFVQWF/3O4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTA4MDcwNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWMxZDhkZDA5NzY0MTA2YWRjZjRiMzc1ODRkOTY0Y2YzNDVjMTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlRmEfMPQSjs0G6qjGoGqQSv26rc
HbCM/bGi5hLv/IK4y+V1KT5BQkFPIWuzFzGabA/qzXLt7xH7bQG6NKBlRoFg50Y1
XSRE5fXf8yQ0VDQTBBBddO7QZFgdhR37JQJ4TAd2UTY88dMx4X1Bkt6hDPWZE19u
sV8ppHeCu9jCooBlYtGTgBApK8HLEgbDuBpX3Nsnob6XvkWwbTsYt5HiIjO1VcfD
3olHARjV0ANg7BZrphL8gSYsOJk8PfnU/Egwi3II+nGCTkEuPln9I/gNdrXXcuPh
ZRR3CTTZLfm5fQsAVN0HI/BfOxn9OULAkNTNOjWempjb5GARw+NapVfa0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAXB2N0JdkEGrc9LN1hNlkzzRcGWMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQmNIWTNRbDJRUWF0ejBzM1dFMldUUE5Gd1pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABqF3cIqJ8Vz0WIzzYt6
XZTtjjTSXhu8/9ETCaKRKryfDajJ+CkyGYaHEVYPBdj3NP3salQhetNTdMZi2ZgT
5PKPAZEuAkGKmXRss7dbmeeWXuNcQpOKtogZc7NhL2txsetp99BruwnKOmrNJB09
RBsHPNl8Ekgs/djbEIfiMznMauPYGG5O1O3YRQjSBeHQKfy7NyF2TvF89RMMaS1/
i9k88oa5DQ68EBM0QUKaBKIAF8PDq3zkMf0VbTqZEg+LKbrhonN3ug9C/Z2/gBk3
mIlq9xuMTWytKZEEacCGQ0Z1PzH63BPmI7TyQTgVGWUaTVKM1wwVgelGKjDRgYbD
mtQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:45:13 2025 by rpki-client