Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BkJliZCLRocOTmOaycK6DqLTiPw.roa
File: BkJliZCLRocOTmOaycK6DqLTiPw.roa (raw, json)
Hash identifier: whYBmFQnToqLdHUkjLLxSIYgaVi3F91M1Ffsp0ahiKE=
Subject key identifier: 06:42:65:89:90:8B:46:87:0E:4E:63:9A:C9:C2:BA:0E:A2:D3:88:FC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018658354AEE6980564061F4A4BBA0306C2D
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BkJliZCLRocOTmOaycK6DqLTiPw.roa
Signing time: Thu 16 Feb 2023 03:12:13 +0000
ROA not before: Thu 16 Feb 2023 03:12:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:58:35:4a:ee:69:80:56:40:61:f4:a4:bb:a0:30:6c:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 16 03:12:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06426589908b46870e4e639ac9c2ba0ea2d388fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cd:14:b7:5d:02:18:03:5f:a4:93:08:2e:7b:
b7:0e:24:8c:dc:72:f8:a7:87:85:a5:d5:47:40:34:
04:8e:7d:d9:5d:e1:b5:a1:52:a5:b9:bf:6c:ef:0e:
5c:ee:cc:6d:0c:37:64:b8:a5:55:16:61:a3:4f:1c:
6f:78:5a:26:71:ac:a8:04:91:d6:13:1b:26:bf:c2:
dc:df:95:e4:cd:12:d7:f8:bd:ed:68:a9:4f:85:f5:
1b:08:50:c6:2c:2a:87:f6:2a:64:6e:71:d2:be:37:
91:9a:e9:e1:e7:f1:88:6a:14:32:4d:84:5d:18:81:
d6:d4:e2:10:8c:4a:f4:33:ce:46:b5:b8:a0:66:b2:
f9:d2:b8:a9:65:e4:a1:cc:26:37:26:d5:c0:5b:e4:
5f:08:32:9d:05:41:3f:05:b9:69:5c:d5:5c:d6:33:
5a:d3:a3:94:55:46:51:c2:04:dc:09:d0:10:e6:6a:
5e:20:d9:df:22:33:9e:38:9c:96:01:cc:21:ab:06:
ba:86:94:14:ce:54:ad:a5:61:96:7a:c4:9b:58:28:
ea:3c:86:7b:0c:b7:89:9b:f5:d7:4d:8d:8d:8b:25:
28:2c:73:f7:47:8e:54:89:eb:f5:23:4c:c2:0d:fe:
39:3f:eb:83:1d:27:89:6c:2f:87:3c:8e:0c:ef:bf:
96:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:42:65:89:90:8B:46:87:0E:4E:63:9A:C9:C2:BA:0E:A2:D3:88:FC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BkJliZCLRocOTmOaycK6DqLTiPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:8c:65:a3:49:78:6a:db:47:a7:ee:e9:17:d2:0e:b1:8d:98:
2d:cd:e6:cb:1b:f9:33:3b:e4:50:53:16:96:55:9f:46:07:44:
6b:2a:44:43:fc:cc:23:b8:5e:95:34:23:b2:6d:1c:71:a2:f4:
02:31:ec:8c:87:5f:be:89:e4:21:a1:b8:32:07:b0:77:e1:2a:
26:31:e6:81:5a:19:7a:c5:56:02:c5:fb:2e:5d:78:25:38:e0:
6a:12:0f:1d:5c:cd:28:6a:77:a8:ac:48:23:75:7a:05:87:43:
9b:07:3d:77:2f:f6:2f:a2:57:41:c8:84:6d:d3:50:c6:d3:a1:
f1:6f:f6:dc:29:e8:21:dc:9d:8d:3f:23:dc:f1:69:39:5a:75:
7e:32:a9:27:fc:cd:c5:e6:e6:0f:83:8c:69:4f:d1:b8:d3:be:
39:74:20:f0:a6:b4:05:38:c1:d1:ba:25:3a:2c:cf:34:03:1f:
b9:97:7b:7f:40:c3:60:14:77:e0:99:76:59:0a:0a:83:a6:da:
94:6f:bd:fb:34:a9:d9:de:cf:96:2c:f7:25:01:74:fb:56:9f:
51:17:30:8e:a6:42:3c:20:2a:b9:c5:2e:e0:94:b6:64:f1:41:
dc:b8:b9:60:68:38:e8:46:c0:17:98:8b:01:c8:9d:ab:46:ee:
84:e7:5e:71
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZYNUruaYBWQGH0pLugMGwtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE2MDMxMjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjQyNjU4OTkwOGI0Njg3MGU0ZTYzOWFjOWMyYmEwZWEyZDM4OGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArc0Ut10CGANfpJMILnu3DiSM3HL4
p4eFpdVHQDQEjn3ZXeG1oVKlub9s7w5c7sxtDDdkuKVVFmGjTxxveFomcayoBJHW
Exsmv8Lc35XkzRLX+L3taKlPhfUbCFDGLCqH9ipkbnHSvjeRmunh5/GIahQyTYRd
GIHW1OIQjEr0M85GtbigZrL50ripZeShzCY3JtXAW+RfCDKdBUE/BblpXNVc1jNa
06OUVUZRwgTcCdAQ5mpeINnfIjOeOJyWAcwhqwa6hpQUzlStpWGWesSbWCjqPIZ7
DLeJm/XXTY2NiyUoLHP3R45Uiev1I0zCDf45P+uDHSeJbC+HPI4M77+WiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAZCZYmQi0aHDk5jmsnCug6i04j8MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQmtKbGlaQ0xSb2NPVG1PYXljSzZEcUxUaVB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD2MZaNJeGrbR6fu6RfS
DrGNmC3N5ssb+TM75FBTFpZVn0YHRGsqREP8zCO4XpU0I7JtHHGi9AIx7IyHX76J
5CGhuDIHsHfhKiYx5oFaGXrFVgLF+y5deCU44GoSDx1czShqd6isSCN1egWHQ5sH
PXcv9i+iV0HIhG3TUMbTofFv9twp6CHcnY0/I9zxaTladX4yqSf8zcXm5g+DjGlP
0bjTvjl0IPCmtAU4wdG6JToszzQDH7mXe39Aw2AUd+CZdlkKCoOm2pRvvfs0qdne
z5Ys9yUBdPtWn1EXMI6mQjwgKrnFLuCUtmTxQdy4uWBoOOhGwBeYiwHInatG7oTn
XnE=
-----END CERTIFICATE-----
Generated at Thu May 1 05:01:34 2025 by rpki-client