Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Bd8H1J5LcprIcenavwLLQg04MJo.roa
File: Bd8H1J5LcprIcenavwLLQg04MJo.roa (raw, json)
Hash identifier: bUSsVQp9KK7M3tM/glbM1ds4SbZ3RlckZBOFFDQlH+U=
Subject key identifier: 05:DF:07:D4:9E:4B:72:9A:C8:71:E9:DA:BF:02:CB:42:0D:38:30:9A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01852D1457DBC91C7D8A1FE448346AD870B5
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Bd8H1J5LcprIcenavwLLQg04MJo.roa
Signing time: Tue 20 Dec 2022 01:09:46 +0000
ROA not before: Tue 20 Dec 2022 01:09:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2d:14:57:db:c9:1c:7d:8a:1f:e4:48:34:6a:d8:70:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 20 01:09:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=05df07d49e4b729ac871e9dabf02cb420d38309a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:23:4b:f3:fb:3b:96:24:42:e9:e9:09:2d:ed:
50:ac:69:01:0a:75:ca:bf:6e:b6:cf:50:de:b7:00:
ca:dd:a5:1e:86:ed:52:e5:00:d5:08:8a:c9:2d:f3:
f6:8d:1f:52:d1:ae:2a:3a:8f:16:9e:bf:0e:c0:8b:
08:d6:36:9d:c3:00:88:8c:20:1c:d5:04:1a:2d:07:
63:c6:c3:4b:50:95:e9:d6:fd:85:b4:c1:97:ca:fc:
d2:9b:0c:a6:d3:51:dd:ad:e9:03:fe:f6:c0:8f:a1:
4b:95:2d:41:ca:4a:44:7d:65:b0:60:51:dd:5b:f1:
e2:6b:1d:53:4e:10:a4:f8:81:36:19:72:4a:ab:44:
11:41:fc:4f:dc:b0:7a:dd:ff:55:08:43:91:e0:67:
7f:b9:2f:a3:09:8e:15:c5:6f:0e:6f:ca:12:9d:05:
2c:84:68:2e:19:ee:50:6a:3b:7c:09:c5:79:04:ff:
0d:d5:4b:83:22:dc:b1:06:dc:0e:f0:2b:fe:e4:74:
8d:f7:69:ef:8e:4d:13:a8:fe:3c:77:90:9a:9e:11:
b2:6e:b8:3e:63:d9:49:fb:b4:4a:3a:94:1c:54:e2:
bb:10:0a:ea:94:0e:33:d0:4b:20:b7:fa:75:0a:78:
21:3e:4e:18:38:78:fa:b2:19:1c:37:7f:3e:83:82:
af:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:DF:07:D4:9E:4B:72:9A:C8:71:E9:DA:BF:02:CB:42:0D:38:30:9A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Bd8H1J5LcprIcenavwLLQg04MJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
55:7c:74:58:93:0e:01:39:50:a0:eb:3e:ee:bd:aa:69:92:0f:
6d:37:e8:44:c2:96:83:74:5b:0c:7c:a3:1d:aa:b0:3c:5e:60:
01:7b:a3:e8:d1:df:6f:4a:02:c2:5d:34:b6:0f:8c:e8:e6:d4:
0b:a5:8b:b3:b3:dd:91:06:f8:04:5d:31:d7:06:cb:8e:2e:ce:
81:58:b5:e0:4e:6b:74:0e:4d:27:e6:7b:6f:32:a2:d8:ec:3c:
53:e0:74:f0:34:2c:4a:ea:79:b4:5d:cf:4c:af:9e:6f:43:11:
72:fe:a7:2f:9d:5e:52:19:ab:f1:d8:42:e1:fd:b5:b1:66:28:
d4:d7:10:98:4d:a9:fc:f3:1c:29:d6:82:62:5d:bb:83:7c:e0:
83:75:1e:02:f9:8b:cb:48:33:76:da:b6:ac:65:d3:f8:ef:e7:
6a:38:17:29:12:b3:fa:fd:cc:d0:c0:ea:09:b4:b8:fd:68:c1:
aa:3d:7a:3e:98:c5:7b:5c:f3:d3:e8:54:8e:dd:ba:f7:4e:38:
1f:37:cc:ad:75:78:a0:03:b4:6d:64:5a:79:26:d6:93:8a:6c:
1d:5d:bf:a1:ad:e2:a1:0e:66:b4:3a:23:09:d7:9b:db:66:b9:
32:f6:29:b8:20:ab:ff:54:15:7e:4a:3f:f0:a2:16:06:e1:45:
2b:a0:87:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUtFFfbyRx9ih/kSDRq2HC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjIwMDEwOTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWRmMDdkNDllNGI3MjlhYzg3MWU5ZGFiZjAyY2I0MjBkMzgzMDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyNL8/s7liRC6ekJLe1QrGkBCnXK
v262z1DetwDK3aUehu1S5QDVCIrJLfP2jR9S0a4qOo8Wnr8OwIsI1jadwwCIjCAc
1QQaLQdjxsNLUJXp1v2FtMGXyvzSmwym01HdrekD/vbAj6FLlS1BykpEfWWwYFHd
W/Hiax1TThCk+IE2GXJKq0QRQfxP3LB63f9VCEOR4Gd/uS+jCY4VxW8Ob8oSnQUs
hGguGe5Qajt8CcV5BP8N1UuDItyxBtwO8Cv+5HSN92nvjk0TqP48d5CanhGybrg+
Y9lJ+7RKOpQcVOK7EArqlA4z0Esgt/p1CnghPk4YOHj6shkcN38+g4KviQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAXfB9SeS3KayHHp2r8Cy0INODCaMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQmQ4SDFKNUxjcHJJY2VuYXZ3TExRZzA0TUpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFV8dFiTDgE5UKDrPu69
qmmSD2036ETCloN0Wwx8ox2qsDxeYAF7o+jR329KAsJdNLYPjOjm1Auli7Oz3ZEG
+ARdMdcGy44uzoFYteBOa3QOTSfme28yotjsPFPgdPA0LErqebRdz0yvnm9DEXL+
py+dXlIZq/HYQuH9tbFmKNTXEJhNqfzzHCnWgmJdu4N84IN1HgL5i8tIM3batqxl
0/jv52o4FykSs/r9zNDA6gm0uP1owao9ej6YxXtc89PoVI7duvdOOB83zK11eKAD
tG1kWnkm1pOKbB1dv6Gt4qEOZrQ6IwnXm9tmuTL2Kbggq/9UFX5KP/CiFgbhRSug
h2Q=
-----END CERTIFICATE-----
Generated at Sat May 3 09:05:45 2025 by rpki-client