Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BnPzYZxm4istWXdV-TrQRpoEmRo.roa
File: BnPzYZxm4istWXdV-TrQRpoEmRo.roa (raw, json)
Hash identifier: Droq1dn8xTT7V7f3ht3T4YX8eZn6moEEW4fqnecgCfo=
Subject key identifier: 06:73:F3:61:9C:66:E2:2B:2D:59:77:55:F9:3A:D0:46:9A:04:99:1A
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A17C55C1A44171E96FA6FABA29BE34DC8
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BnPzYZxm4istWXdV-TrQRpoEmRo.roa
Signing time: Mon 21 Aug 2023 11:05:24 +0000
ROA not before: Mon 21 Aug 2023 11:05:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:18a:17c4:76e9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:17:c5:5c:1a:44:17:1e:96:fa:6f:ab:a2:9b:e3:4d:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 21 11:05:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0673f3619c66e22b2d597755f93ad0469a04991a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:66:d3:02:19:69:53:85:33:82:3d:9c:37:05:
ab:b5:63:37:f1:a4:7f:e2:5d:f3:23:c5:88:81:02:
46:a7:ac:97:00:50:7e:24:88:ad:e4:ad:85:00:5f:
4c:d1:1c:6a:1a:07:bb:b0:f5:87:d7:8d:32:15:84:
41:6c:c0:85:c4:03:0d:42:16:cd:a9:bd:06:49:88:
4b:66:f6:42:48:ba:c0:94:e0:73:c7:00:bf:91:b7:
74:6e:94:d3:df:32:c5:04:83:f6:6a:4d:e8:6e:db:
a4:3e:e9:8b:d7:b1:82:ba:5d:6f:e4:85:f3:8f:6e:
f9:b4:6b:9a:f9:84:7b:9a:85:11:26:de:03:93:98:
c3:38:a6:9f:c4:d5:aa:72:07:73:8a:f4:9e:70:26:
70:21:2f:d9:f6:67:44:01:24:c8:1f:db:89:77:b5:
dd:e6:fe:88:9a:5b:22:41:05:88:10:d9:68:09:06:
d2:69:88:e1:8e:ce:f8:64:7d:45:81:1b:2b:14:d9:
c6:a1:5d:83:db:3e:e6:aa:cb:66:33:db:5c:3d:5e:
8d:d4:c1:38:07:b1:dd:63:18:22:19:aa:23:e0:e9:
ed:56:1e:da:08:f2:2b:79:08:3e:c7:6f:c8:ec:d1:
7c:9b:fe:bd:26:1b:12:bc:52:d9:78:d3:a2:bd:79:
7b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:73:F3:61:9C:66:E2:2B:2D:59:77:55:F9:3A:D0:46:9A:04:99:1A
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BnPzYZxm4istWXdV-TrQRpoEmRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
55:c7:fa:c2:76:29:61:29:12:94:92:0e:0b:b6:ec:6d:d8:7d:
3a:3d:3c:ec:dc:af:3d:41:86:bc:3c:1c:0b:5f:7f:59:9d:41:
02:79:47:46:a2:d1:a4:e8:12:81:eb:32:ae:8a:2b:1d:57:99:
73:ab:89:fd:d9:55:2d:d4:14:6a:fc:a3:3b:85:67:d3:aa:5b:
b4:d0:34:91:c5:e7:31:87:98:53:8d:0e:75:38:f3:89:7b:02:
84:a8:b8:cd:f4:36:ae:1c:a1:34:ff:c4:da:4c:a5:da:43:96:
e2:c7:a6:3c:11:6d:ef:78:b2:4e:71:bc:ca:65:ef:c9:01:f8:
64:cf:a1:9d:0b:31:1d:f2:3d:66:11:37:48:24:3f:1a:71:2a:
cb:93:b4:8e:6e:ab:5a:25:67:5c:10:7c:34:89:11:89:3c:af:
c3:6c:71:79:58:a8:b3:14:86:df:8f:33:5d:e8:b2:c0:95:25:
01:f9:b9:0f:da:36:fa:07:b6:c1:2d:59:6d:04:ae:01:48:0b:
90:ed:ec:e9:6f:e8:5a:31:fe:8d:94:fe:73:89:ba:3f:f0:f7:
ba:78:00:46:da:e9:b6:1c:73:b6:c8:54:eb:6b:2b:47:6a:ba:
14:71:1f:5a:db:3a:16:47:7f:38:f0:c5:70:b0:48:70:11:81:
dc:4c:40:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYoXxVwaRBcelvpvq6Kb403IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIxMTEwNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjczZjM2MTljNjZlMjJiMmQ1OTc3NTVmOTNhZDA0NjlhMDQ5OTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWbTAhlpU4Uzgj2cNwWrtWM38aR/
4l3zI8WIgQJGp6yXAFB+JIit5K2FAF9M0RxqGge7sPWH140yFYRBbMCFxAMNQhbN
qb0GSYhLZvZCSLrAlOBzxwC/kbd0bpTT3zLFBIP2ak3obtukPumL17GCul1v5IXz
j275tGua+YR7moURJt4Dk5jDOKafxNWqcgdzivSecCZwIS/Z9mdEASTIH9uJd7Xd
5v6ImlsiQQWIENloCQbSaYjhjs74ZH1FgRsrFNnGoV2D2z7mqstmM9tcPV6N1ME4
B7HdYxgiGaoj4OntVh7aCPIreQg+x2/I7NF8m/69JhsSvFLZeNOivXl7XwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAZz82GcZuIrLVl3Vfk60EaaBJkaMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQm5QellaeG00aXN0V1hkVi1UclFScG9FbVJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFXH+sJ2KWEpEpSSDgu2
7G3YfTo9POzcrz1Bhrw8HAtff1mdQQJ5R0ai0aToEoHrMq6KKx1XmXOrif3ZVS3U
FGr8ozuFZ9OqW7TQNJHF5zGHmFONDnU484l7AoSouM30Nq4coTT/xNpMpdpDluLH
pjwRbe94sk5xvMpl78kB+GTPoZ0LMR3yPWYRN0gkPxpxKsuTtI5uq1olZ1wQfDSJ
EYk8r8NscXlYqLMUht+PM13ossCVJQH5uQ/aNvoHtsEtWW0ErgFIC5Dt7Olv6Fox
/o2U/nOJuj/w97p4AEba6bYcc7bIVOtrK0dquhRxH1rbOhZHfzjwxXCwSHARgdxM
QGc=
-----END CERTIFICATE-----
Generated at Tue May 6 00:18:23 2025 by rpki-client