Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bC28LXM2mrALK-euAKXIFmoiV7g.roa
File: bC28LXM2mrALK-euAKXIFmoiV7g.roa (raw, json)
Hash identifier: fNrb4eC9YnLw53FFZtblGL2XGy+46ljiq6SFdV7usAc=
Subject key identifier: 6C:2D:BC:2D:73:36:9A:B0:0B:2B:E7:AE:00:A5:C8:16:6A:22:57:B8
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01830D90C8911C704441F59808382C1C3F08
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bC28LXM2mrALK-euAKXIFmoiV7g.roa
Signing time: Mon 05 Sep 2022 12:12:15 +0000
ROA not before: Mon 05 Sep 2022 12:12:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0d:90:c8:91:1c:70:44:41:f5:98:08:38:2c:1c:3f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 5 12:12:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c2dbc2d73369ab00b2be7ae00a5c8166a2257b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:bb:80:ad:ec:97:98:c7:4e:7e:c2:17:37:50:
a0:fa:ea:8a:61:ed:08:ff:b0:ad:ef:a2:ae:31:28:
f7:5e:71:f4:44:8a:29:55:98:96:64:1b:2e:7e:7e:
24:92:6c:c8:18:14:b1:96:f2:7c:40:61:41:06:c9:
3d:2f:95:07:68:20:4a:c1:e0:f1:64:e4:0c:d3:ad:
f2:e7:36:40:c9:50:a5:cb:5a:a5:43:18:52:c3:78:
40:bc:a1:49:86:0f:16:3e:81:89:e3:b0:7f:d7:fc:
89:ac:df:7e:3b:c2:99:49:e5:bd:0d:f8:b4:14:11:
2a:85:ea:aa:0b:c8:ef:a5:e5:94:1e:27:73:74:c9:
b9:a6:6c:c7:e6:d0:d2:5b:c8:6f:0c:c5:66:59:34:
84:3f:8c:f3:25:af:30:bf:4f:9c:20:9a:b8:53:12:
57:fb:e4:ed:0a:8d:cd:b9:18:bd:5f:60:11:d1:da:
3d:3b:fb:d3:b9:09:c4:31:e6:8d:31:8a:a2:21:c6:
95:c0:5c:b3:b1:31:49:73:5d:06:a5:d8:e6:26:c3:
62:af:98:8a:91:3e:f2:39:35:76:32:53:36:4b:38:
e4:d9:e0:8b:98:d5:1c:ee:de:81:17:54:9f:74:f7:
6c:40:a0:23:63:58:71:b9:23:e2:c3:e5:ef:8c:1d:
de:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:2D:BC:2D:73:36:9A:B0:0B:2B:E7:AE:00:A5:C8:16:6A:22:57:B8
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bC28LXM2mrALK-euAKXIFmoiV7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1f:ac:f4:ad:c3:11:50:9a:ce:01:f8:08:f5:8c:dc:55:c0:0b:
7a:66:70:14:3d:aa:b0:1f:2e:c6:0d:3f:69:35:02:1a:ca:8c:
0a:8f:cf:5a:b8:08:05:9d:da:6f:8b:b5:42:f6:44:86:d1:fa:
62:67:4a:fa:0f:1f:31:6d:0b:2f:89:0c:45:dc:1a:e7:d0:d3:
8d:38:ce:76:b4:8f:b8:0d:0b:1a:27:58:0a:af:34:68:8d:eb:
04:ef:ee:ec:d1:76:a0:fe:99:2b:6f:27:6c:6e:77:6e:66:3b:
d2:db:7d:4e:c9:ee:6a:4a:0d:ee:aa:8b:12:d3:35:d4:3a:dd:
3d:2e:10:38:64:83:77:c4:74:84:4c:bc:95:bf:d0:cb:72:6b:
df:8a:ca:24:36:1a:82:7d:e9:35:dc:3c:77:72:0e:71:cf:ce:
70:45:dd:b1:79:0a:41:e1:3d:fd:f5:2b:d1:a1:6a:06:1a:75:
69:f2:75:21:3c:ca:3d:2c:a6:70:3e:79:a1:84:03:77:e3:cc:
27:5a:fc:11:69:79:86:68:b3:ce:77:b6:79:20:dd:94:30:b0:
d7:37:bc:b7:35:6f:b0:eb:29:65:70:d3:1c:f9:4b:06:ad:16:
8c:dc:fe:3c:ec:23:05:b6:b7:59:94:27:66:08:57:ad:b6:6c:
d1:5c:d8:a7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMNkMiRHHBEQfWYCDgsHD8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTA1MTIxMjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzJkYmMyZDczMzY5YWIwMGIyYmU3YWUwMGE1YzgxNjZhMjI1N2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnruAreyXmMdOfsIXN1Cg+uqKYe0I
/7Ct76KuMSj3XnH0RIopVZiWZBsufn4kkmzIGBSxlvJ8QGFBBsk9L5UHaCBKweDx
ZOQM063y5zZAyVCly1qlQxhSw3hAvKFJhg8WPoGJ47B/1/yJrN9+O8KZSeW9Dfi0
FBEqheqqC8jvpeWUHidzdMm5pmzH5tDSW8hvDMVmWTSEP4zzJa8wv0+cIJq4UxJX
++TtCo3NuRi9X2AR0do9O/vTuQnEMeaNMYqiIcaVwFyzsTFJc10GpdjmJsNir5iK
kT7yOTV2MlM2Szjk2eCLmNUc7t6BF1SfdPdsQKAjY1hxuSPiw+XvjB3eeQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGwtvC1zNpqwCyvnrgClyBZqIle4MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYkMyOExYTTJtckFMSy1ldUFLWElGbW9pVjdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB+s9K3DEVCazgH4CPWM
3FXAC3pmcBQ9qrAfLsYNP2k1AhrKjAqPz1q4CAWd2m+LtUL2RIbR+mJnSvoPHzFt
Cy+JDEXcGufQ0404zna0j7gNCxonWAqvNGiN6wTv7uzRdqD+mStvJ2xud25mO9Lb
fU7J7mpKDe6qixLTNdQ63T0uEDhkg3fEdIRMvJW/0Mtya9+KyiQ2GoJ96TXcPHdy
DnHPznBF3bF5CkHhPf31K9GhagYadWnydSE8yj0spnA+eaGEA3fjzCda/BFpeYZo
s853tnkg3ZQwsNc3vLc1b7DrKWVw0xz5SwatFozc/jzsIwW2t1mUJ2YIV622bNFc
2Kc=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:44:09 2025 by rpki-client