Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BxgaYIOxBNJdYKcmYRr7w_m8ve0.roa
File: BxgaYIOxBNJdYKcmYRr7w_m8ve0.roa (raw, json)
Hash identifier: ovwE4gCVy/F/QrZoyoympx9XrafeARGv5QGcEHBgxFs=
Subject key identifier: 07:18:1A:60:83:B1:04:D2:5D:60:A7:26:61:1A:FB:C3:F9:BC:BD:ED
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018983EC9365EB0CADD6C5BAD976AF06DDAF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BxgaYIOxBNJdYKcmYRr7w_m8ve0.roa
Signing time: Sun 23 Jul 2023 18:04:26 +0000
ROA not before: Sun 23 Jul 2023 18:04:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:188:5fe2:b396/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:189:83ec:58a1/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:83:ec:93:65:eb:0c:ad:d6:c5:ba:d9:76:af:06:dd:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 23 18:04:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=07181a6083b104d25d60a726611afbc3f9bcbded
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:dd:9a:58:64:c7:82:a7:0a:ca:f0:59:ed:d3:
14:4a:ba:88:fe:1e:fa:97:f3:35:4d:64:cc:28:de:
e6:3f:b4:7b:8e:d3:f5:fd:4b:82:64:1c:72:64:bc:
f5:db:26:14:ba:38:b0:aa:d0:a9:24:4b:e9:30:37:
51:80:86:56:d0:46:70:15:76:5d:16:d0:71:50:8f:
fe:50:45:6d:6a:82:79:30:5f:21:6e:be:59:1b:6f:
29:60:be:93:34:7b:91:c5:af:15:d0:cc:f9:62:13:
28:ef:b3:3b:b8:b7:71:ee:5f:72:ee:c3:4c:03:ab:
7d:2d:47:52:96:01:2f:f7:d2:9d:de:fe:6a:3c:df:
4b:de:ed:9f:05:b7:72:08:99:b3:97:90:e6:41:ef:
05:21:32:ea:a6:73:45:5f:75:b3:7d:0b:88:b4:e4:
6e:6d:5c:af:cc:2b:bc:f8:e3:01:b6:2f:13:9c:ed:
07:8d:f0:6c:e5:b0:8e:fc:1f:0d:b8:32:57:ed:bd:
27:b2:c9:27:85:6f:41:2a:38:a4:d1:27:e1:ff:08:
2a:5d:8e:c2:13:4f:2b:af:61:ad:ef:e7:5c:52:3f:
35:8f:b4:73:bc:a1:9f:f8:ac:d4:8b:89:f4:fe:1e:
08:77:ad:0f:f0:00:ae:e1:33:79:cb:eb:72:c4:bf:
75:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:18:1A:60:83:B1:04:D2:5D:60:A7:26:61:1A:FB:C3:F9:BC:BD:ED
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BxgaYIOxBNJdYKcmYRr7w_m8ve0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:46:16:ce:dc:52:8e:0c:c3:25:9b:b3:ec:02:86:f2:b0:bf:
75:50:0b:ff:9f:6b:de:98:73:d0:19:ff:0a:d6:7f:88:7c:4a:
2f:d8:d3:a4:c9:5c:fc:36:ab:d0:11:cd:34:28:41:6f:7b:c2:
e2:1a:40:b2:47:f7:03:3f:d9:30:c6:0f:04:ab:15:dd:e0:a9:
3b:fa:ce:27:d1:1e:ec:8a:86:f4:d5:72:91:55:30:99:7b:91:
42:1b:97:00:c4:7b:66:f7:9a:9b:5b:2e:fc:fa:98:74:cf:67:
55:75:0a:3d:8a:b7:40:50:e6:c5:f2:24:28:fa:fd:08:5a:aa:
2d:29:8d:59:69:64:bf:72:b0:47:af:69:7c:ad:d1:76:c5:ad:
df:e8:c9:72:3f:ea:73:29:fd:48:38:ef:76:85:f3:c9:4b:21:
a4:98:81:f0:7a:0e:8f:01:e5:24:8c:26:53:f0:97:32:4b:6d:
cc:8e:7a:6e:ec:85:30:e2:1b:57:38:d1:f2:91:19:88:9f:b5:
fe:e6:51:ef:27:b4:f6:45:69:2e:20:b7:f1:73:e9:a4:eb:30:
c3:37:79:04:6c:da:81:20:c1:07:d2:f9:79:54:bd:f2:16:b8:
26:d7:52:b1:0e:00:33:2e:18:e6:55:66:5d:da:5f:f5:dd:68:
2a:54:8f:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmD7JNl6wyt1sW62XavBt2vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzIzMTgwNDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzE4MWE2MDgzYjEwNGQyNWQ2MGE3MjY2MTFhZmJjM2Y5YmNiZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiN2aWGTHgqcKyvBZ7dMUSrqI/h76
l/M1TWTMKN7mP7R7jtP1/UuCZBxyZLz12yYUujiwqtCpJEvpMDdRgIZW0EZwFXZd
FtBxUI/+UEVtaoJ5MF8hbr5ZG28pYL6TNHuRxa8V0Mz5YhMo77M7uLdx7l9y7sNM
A6t9LUdSlgEv99Kd3v5qPN9L3u2fBbdyCJmzl5DmQe8FITLqpnNFX3WzfQuItORu
bVyvzCu8+OMBti8TnO0HjfBs5bCO/B8NuDJX7b0nssknhW9BKjik0Sfh/wgqXY7C
E08rr2Gt7+dcUj81j7RzvKGf+KzUi4n0/h4Id60P8ACu4TN5y+tyxL91vQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAcYGmCDsQTSXWCnJmEa+8P5vL3tMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQnhnYVlJT3hCTkpkWUtjbVlScjd3X204dmUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGVGFs7cUo4MwyWbs+wC
hvKwv3VQC/+fa96Yc9AZ/wrWf4h8Si/Y06TJXPw2q9ARzTQoQW97wuIaQLJH9wM/
2TDGDwSrFd3gqTv6zifRHuyKhvTVcpFVMJl7kUIblwDEe2b3mptbLvz6mHTPZ1V1
Cj2Kt0BQ5sXyJCj6/Qhaqi0pjVlpZL9ysEevaXyt0XbFrd/oyXI/6nMp/Ug473aF
88lLIaSYgfB6Do8B5SSMJlPwlzJLbcyOem7shTDiG1c40fKRGYiftf7mUe8ntPZF
aS4gt/Fz6aTrMMM3eQRs2oEgwQfS+XlUvfIWuCbXUrEOADMuGOZVZl3aX/XdaCpU
j2c=
-----END CERTIFICATE-----
Generated at Fri May 2 22:43:52 2025 by rpki-client