Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Bh2FjNQyr-vOKL4zIy5DNF9s64k.roa
File: Bh2FjNQyr-vOKL4zIy5DNF9s64k.roa (raw, json)
Hash identifier: Sapdak1iOzYJXgfaLHl5fUmFYtr/CZftmptaedcA+G0=
Subject key identifier: 06:1D:85:8C:D4:32:AF:EB:CE:28:BE:33:23:2E:43:34:5F:6C:EB:89
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0188B92B50CB718D2D51A600ECA1F09A4428
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Bh2FjNQyr-vOKL4zIy5DNF9s64k.roa
Signing time: Wed 14 Jun 2023 09:10:03 +0000
ROA not before: Wed 14 Jun 2023 09:10:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b9:2b:50:cb:71:8d:2d:51:a6:00:ec:a1:f0:9a:44:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jun 14 09:10:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=061d858cd432afebce28be33232e43345f6ceb89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:5f:7f:2a:63:cc:fc:39:ba:b4:6b:6c:b3:93:
57:b6:67:f8:a1:9e:0d:3a:b0:86:69:db:5f:d1:66:
72:59:4c:cb:3a:14:1c:c4:38:8e:a6:c9:58:1f:04:
35:d5:91:f3:95:42:ba:19:15:37:92:41:e0:68:ad:
0e:4a:86:07:0b:97:70:cd:e9:0a:f9:90:15:32:6b:
7e:83:0a:81:7d:61:82:6f:ec:ba:39:ce:2e:78:20:
53:c5:5e:8f:d9:ae:df:67:a4:99:b8:fa:f2:bd:d8:
52:44:df:bd:59:0a:28:b3:a3:12:4f:cd:3c:60:0f:
71:bf:68:73:10:a4:a9:7a:42:0d:c5:c2:ba:92:ba:
f3:4f:78:67:1b:bc:38:25:f0:02:7c:78:61:4b:88:
66:b8:0d:6f:df:ae:de:39:81:59:e6:39:d4:8c:c7:
bf:8e:c7:95:86:3f:ac:7c:10:ec:63:07:00:95:4a:
23:2c:d5:5f:9f:5b:2c:da:80:8d:f9:2f:07:83:2b:
28:c0:31:8b:05:12:90:f7:f9:87:13:59:8e:55:7c:
2c:02:62:59:83:be:a8:79:ef:9e:cb:40:93:b8:0b:
41:bd:d9:8e:4d:bb:74:9a:03:6b:10:67:4e:e7:67:
6b:73:e3:4b:42:5b:aa:18:5f:79:83:a0:8e:05:c2:
ef:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:1D:85:8C:D4:32:AF:EB:CE:28:BE:33:23:2E:43:34:5F:6C:EB:89
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Bh2FjNQyr-vOKL4zIy5DNF9s64k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
00:4c:2f:b8:ba:98:ee:b3:3f:ca:58:3a:05:e8:56:03:1d:79:
82:18:25:3c:77:85:b3:fc:2b:7f:36:b4:9e:f3:b2:6a:7d:d9:
a4:d9:99:59:89:a6:e7:d2:41:a1:82:3b:7a:d7:c5:07:95:8f:
9d:41:7c:1e:21:61:03:92:f3:56:01:76:83:db:e2:9b:bf:fd:
c2:9d:71:02:d2:78:bc:2a:f4:94:fe:0c:ec:c7:dc:f6:98:ab:
a6:1a:0d:25:ab:53:1d:0d:3c:80:52:54:3b:4b:43:39:df:f1:
d2:0a:3f:f9:4a:cd:b4:c3:9e:b2:a8:28:2e:ff:6c:44:3a:a4:
8d:02:6c:6b:cf:a7:e4:8c:10:15:58:76:f1:e4:5d:01:73:df:
6d:38:10:c6:9e:6e:b0:72:b0:2f:7c:fd:81:a7:80:66:fc:09:
cb:a5:03:3f:09:c6:bd:bd:d2:84:b5:1b:06:b2:be:b1:0c:c6:
c6:59:ee:df:1e:6d:60:17:53:7f:8f:eb:98:87:52:25:03:84:
65:89:d1:d1:dc:8a:23:3e:05:6a:ca:7f:75:cd:2b:99:88:2f:
e1:11:72:5e:ca:4f:51:dc:70:f3:5b:88:53:fc:1b:a9:d6:8e:
66:ab:49:ff:17:05:f6:0d:b9:84:f5:46:d9:94:76:0c:be:3a:
2e:7b:9e:74
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYi5K1DLcY0tUaYA7KHwmkQoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNjE0MDkxMDAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjFkODU4Y2Q0MzJhZmViY2UyOGJlMzMyMzJlNDMzNDVmNmNlYjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiF9/KmPM/Dm6tGtss5NXtmf4oZ4N
OrCGadtf0WZyWUzLOhQcxDiOpslYHwQ11ZHzlUK6GRU3kkHgaK0OSoYHC5dwzekK
+ZAVMmt+gwqBfWGCb+y6Oc4ueCBTxV6P2a7fZ6SZuPryvdhSRN+9WQoos6MST808
YA9xv2hzEKSpekINxcK6krrzT3hnG7w4JfACfHhhS4hmuA1v367eOYFZ5jnUjMe/
jseVhj+sfBDsYwcAlUojLNVfn1ss2oCN+S8HgysowDGLBRKQ9/mHE1mOVXwsAmJZ
g76oee+ey0CTuAtBvdmOTbt0mgNrEGdO52drc+NLQluqGF95g6COBcLvHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAYdhYzUMq/rzii+MyMuQzRfbOuJMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQmgyRmpOUXlyLXZPS0w0ekl5NURORjlzNjRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAABML7i6mO6zP8pYOgXo
VgMdeYIYJTx3hbP8K382tJ7zsmp92aTZmVmJpufSQaGCO3rXxQeVj51BfB4hYQOS
81YBdoPb4pu//cKdcQLSeLwq9JT+DOzH3PaYq6YaDSWrUx0NPIBSVDtLQznf8dIK
P/lKzbTDnrKoKC7/bEQ6pI0CbGvPp+SMEBVYdvHkXQFz3204EMaebrBysC98/YGn
gGb8CculAz8Jxr290oS1GwayvrEMxsZZ7t8ebWAXU3+P65iHUiUDhGWJ0dHciiM+
BWrKf3XNK5mIL+ERcl7KT1HccPNbiFP8G6nWjmarSf8XBfYNuYT1RtmUdgy+Oi57
nnQ=
-----END CERTIFICATE-----
Generated at Wed Apr 30 19:55:49 2025 by rpki-client