Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BzE2ZBs2p0S-zCmAR635lELnnuI.roa
File: BzE2ZBs2p0S-zCmAR635lELnnuI.roa (raw, json)
Hash identifier: AD8vC1Gtdr3jAL/A5Rv3d0D8jCLPEVUu/5TMLEcfrKg=
Subject key identifier: 07:31:36:64:1B:36:A7:44:BE:CC:29:80:47:AD:F9:94:42:E7:9E:E2
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185DDACF4222FFD7F910D32FDBFF6273107
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BzE2ZBs2p0S-zCmAR635lELnnuI.roa
Signing time: Mon 23 Jan 2023 08:09:37 +0000
ROA not before: Mon 23 Jan 2023 08:09:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:dd:ac:f4:22:2f:fd:7f:91:0d:32:fd:bf:f6:27:31:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 23 08:09:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=073136641b36a744becc298047adf99442e79ee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a7:fb:85:13:02:9f:81:0f:da:37:95:18:e4:
44:1c:2c:2e:fe:20:2d:73:ad:c4:c6:3e:74:a6:7a:
ea:82:8f:3e:b5:3f:05:22:aa:0f:83:54:5b:7a:a9:
f9:6e:fb:f2:26:36:58:f1:0f:83:04:c7:85:86:51:
dd:3f:14:cf:f9:ec:e6:6e:41:3b:6e:60:e8:c5:df:
46:15:b3:93:f5:83:70:b9:6d:90:56:1d:eb:04:96:
23:45:58:77:64:d9:93:ff:a9:0c:ac:5f:da:79:89:
8d:a6:2f:5c:5d:e0:6e:c3:aa:e3:80:a8:4e:59:93:
2d:96:01:b2:f9:c3:d0:27:c3:9f:00:67:84:01:93:
d4:b7:06:95:fa:95:ad:d7:ff:57:fb:11:71:24:1e:
d0:27:3a:ca:cf:1e:2c:7e:b8:9a:f1:87:77:4d:ae:
70:96:fd:df:7a:05:76:67:16:61:03:6b:2f:c5:fa:
93:64:f1:fc:dc:46:a2:1b:20:1f:bd:8d:1e:71:db:
ae:81:af:82:3f:34:52:9e:65:3b:2c:14:04:b0:d2:
b1:50:5c:d1:3a:98:f8:ae:b6:4f:b8:33:c6:73:5e:
a7:6c:db:35:ce:07:bd:10:e7:ff:5b:fb:fb:9b:1e:
b5:66:7a:1c:8c:59:b6:54:04:e5:ce:2a:56:38:6e:
bd:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:31:36:64:1B:36:A7:44:BE:CC:29:80:47:AD:F9:94:42:E7:9E:E2
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BzE2ZBs2p0S-zCmAR635lELnnuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a0:f1:3b:c2:db:ca:24:f5:0b:cc:0e:5f:e4:ad:cf:88:7d:64:
bd:fd:ee:28:31:42:b8:c5:ba:b3:6b:77:db:81:d1:fa:60:bb:
f5:52:d2:3b:a8:d2:0c:e0:e9:53:0a:30:a3:ce:fe:7b:b1:80:
da:3b:0c:07:80:b7:25:98:87:43:f5:d7:28:5c:52:2e:40:0c:
de:ca:e4:11:f3:ee:fc:d6:b2:ae:9c:c7:63:22:5f:31:b1:be:
3c:cc:d4:cd:0e:c8:47:41:d7:1e:59:2f:67:e4:d0:45:88:d4:
c6:67:a5:ba:86:02:e6:70:3c:fd:79:63:7c:d4:9f:26:91:76:
e1:09:ad:ff:7c:ce:32:56:2d:ca:c7:51:4e:2f:66:46:24:f4:
ca:3c:3d:d4:43:81:e3:6e:bd:fa:18:b9:50:71:74:84:92:90:
97:1d:dd:8f:b6:fa:c6:b0:67:c2:5a:a5:a6:a3:46:f3:02:ed:
ff:e4:ba:d3:6b:3f:d9:fe:29:25:1d:46:d1:74:f5:5e:c2:23:
fd:30:2e:91:db:9f:80:52:0c:76:d6:b4:b4:b3:35:f4:8e:f4:
ce:5d:f6:80:2f:e4:89:ce:bc:a4:df:04:9f:13:39:89:2c:31:
e1:a8:72:6e:45:9d:45:34:b1:80:a7:76:eb:a1:e0:7c:8d:53:
cd:51:3f:48
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXdrPQiL/1/kQ0y/b/2JzEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTIzMDgwOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzMxMzY2NDFiMzZhNzQ0YmVjYzI5ODA0N2FkZjk5NDQyZTc5ZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKf7hRMCn4EP2jeVGOREHCwu/iAt
c63Exj50pnrqgo8+tT8FIqoPg1Rbeqn5bvvyJjZY8Q+DBMeFhlHdPxTP+ezmbkE7
bmDoxd9GFbOT9YNwuW2QVh3rBJYjRVh3ZNmT/6kMrF/aeYmNpi9cXeBuw6rjgKhO
WZMtlgGy+cPQJ8OfAGeEAZPUtwaV+pWt1/9X+xFxJB7QJzrKzx4sfria8Yd3Ta5w
lv3fegV2ZxZhA2svxfqTZPH83EaiGyAfvY0ecduuga+CPzRSnmU7LBQEsNKxUFzR
Opj4rrZPuDPGc16nbNs1zge9EOf/W/v7mx61ZnocjFm2VATlzipWOG69dQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAcxNmQbNqdEvswpgEet+ZRC557iMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQnpFMlpCczJwMFMtekNtQVI2MzVsRUxubnVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKDxO8LbyiT1C8wOX+St
z4h9ZL397igxQrjFurNrd9uB0fpgu/VS0juo0gzg6VMKMKPO/nuxgNo7DAeAtyWY
h0P11yhcUi5ADN7K5BHz7vzWsq6cx2MiXzGxvjzM1M0OyEdB1x5ZL2fk0EWI1MZn
pbqGAuZwPP15Y3zUnyaRduEJrf98zjJWLcrHUU4vZkYk9Mo8PdRDgeNuvfoYuVBx
dISSkJcd3Y+2+sawZ8JapaajRvMC7f/kutNrP9n+KSUdRtF09V7CI/0wLpHbn4BS
DHbWtLSzNfSO9M5d9oAv5InOvKTfBJ8TOYksMeGocm5FnUU0sYCnduuh4HyNU81R
P0g=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:23:52 2025 by rpki-client