Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bJDkmXjThifSjMgpZWxTUty1Rnk.roa
File: bJDkmXjThifSjMgpZWxTUty1Rnk.roa (raw, json)
Hash identifier: acBbmnjka0He6TyS8B2y+DOHpFwlKjaQBgwFBWGZySo=
Subject key identifier: 6C:90:E4:99:78:D3:86:27:D2:8C:C8:29:65:6C:53:52:DC:B5:46:79
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 86E4608F
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bJDkmXjThifSjMgpZWxTUty1Rnk.roa
Signing time: Tue 24 May 2022 17:10:13 +0000
ROA not before: Tue 24 May 2022 17:10:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:180:a810:6542/128 maxlen: 128
2001:67c:64:ffff:0:180:ddb5:bc5/128 maxlen: 128
2001:67c:64:ffff:0:180:466e:42dd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:180:e0ec:efe1/128 maxlen: 128
2001:67c:64:ffff:0:180:8961:505f/128 maxlen: 128
2001:67c:64:ffff:0:180:457:1e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2263113871 (0x86e4608f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 24 17:10:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c90e49978d38627d28cc829656c5352dcb54679
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:01:c0:7c:64:21:ed:3c:0f:8e:99:31:8b:0f:
e8:a6:00:db:a0:06:ee:f5:80:96:f5:0f:56:cc:95:
32:0a:d2:f8:14:2b:2e:ce:86:fb:82:a6:34:d4:74:
cb:9e:ad:63:2c:cc:ad:d5:c7:df:4b:47:88:c6:f5:
40:04:1d:e5:50:74:08:3d:98:c7:4b:bf:8f:23:24:
55:85:ed:d5:fa:89:7a:82:5e:cd:39:21:6e:cc:12:
f3:ce:db:2c:cc:1b:63:10:3d:1e:62:fa:60:ce:33:
e6:0c:11:52:f3:c4:f2:25:d2:8e:54:8b:5c:aa:40:
c8:e0:be:84:5b:ae:9a:fb:9a:71:f2:09:a2:a7:42:
6a:57:0b:65:0e:d5:18:db:04:b9:52:a4:b8:a8:17:
72:ca:df:1c:60:05:be:e7:14:89:0c:c2:b8:63:2d:
77:3a:3e:04:26:28:cb:26:8b:50:c0:dc:1b:13:fb:
ee:0f:ad:7f:a0:9a:52:e0:d5:a9:9a:f1:ab:27:44:
b9:08:8c:ef:7f:42:f9:7b:dd:5e:25:6b:94:b5:88:
f0:11:40:8f:ab:3a:b3:fd:89:b4:d0:11:60:98:9b:
e7:cb:f8:f6:fb:fe:95:45:4e:34:e6:9c:3b:65:9e:
3e:6f:5c:96:e8:16:04:bc:7e:6e:41:0a:95:3a:f8:
0c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:90:E4:99:78:D3:86:27:D2:8C:C8:29:65:6C:53:52:DC:B5:46:79
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bJDkmXjThifSjMgpZWxTUty1Rnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
67:c2:84:3e:d2:3d:01:43:13:d8:6f:00:47:91:f4:28:3b:d7:
83:28:98:e0:9f:77:1c:1e:c4:74:e5:ca:b1:d0:47:62:30:e3:
2b:6f:d3:96:2c:8b:51:bc:99:18:2c:62:b0:e0:a9:9b:56:8f:
f4:61:04:9e:64:a4:23:58:45:3f:d1:37:3f:6c:12:73:d0:c1:
05:45:81:2b:1c:b4:b8:3b:ce:c7:a7:f5:a6:79:35:19:90:3e:
e7:0d:30:25:c8:21:a3:ec:3e:4d:2f:f0:05:df:eb:ba:8f:72:
b5:50:67:5a:c9:c3:70:6e:79:92:1d:f4:79:51:b2:fe:d7:72:
28:35:b6:6f:7a:f4:91:42:b0:61:47:c0:49:65:29:35:1c:1b:
fd:67:d6:ef:ce:6a:45:e5:4f:ad:c0:96:7c:f9:67:5d:e7:db:
99:80:c2:cd:9c:76:25:dd:0f:81:07:2b:e6:54:30:c8:ed:e0:
4a:55:9a:8a:40:68:b4:0e:01:51:67:b2:36:00:40:c8:4f:12:
0b:4a:2d:91:69:d5:56:81:ba:68:1d:3c:33:63:65:4c:78:1d:
ad:bb:e5:45:55:b7:40:d0:69:af:78:a2:aa:a1:12:62:75:94:
cc:f2:6a:d5:5a:ef:73:3f:4b:e8:b0:d8:2f:6d:c1:ac:bb:90:
4d:f4:40:8e
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIFAIbkYI8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMo
NzIwNDdiZTE1YjI3NTkwMmRjZjYxN2RjM2QwZTE2ZGMxZjMwODAyMjAeFw0yMjA1
MjQxNzEwMTNaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDZjOTBlNDk5Nzhk
Mzg2MjdkMjhjYzgyOTY1NmM1MzUyZGNiNTQ2NzkwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCUAcB8ZCHtPA+OmTGLD+imANugBu71gJb1D1bMlTIK0vgU
Ky7OhvuCpjTUdMuerWMszK3Vx99LR4jG9UAEHeVQdAg9mMdLv48jJFWF7dX6iXqC
Xs05IW7MEvPO2yzMG2MQPR5i+mDOM+YMEVLzxPIl0o5Ui1yqQMjgvoRbrpr7mnHy
CaKnQmpXC2UO1RjbBLlSpLioF3LK3xxgBb7nFIkMwrhjLXc6PgQmKMsmi1DA3BsT
++4PrX+gmlLg1ama8asnRLkIjO9/Qvl73V4la5S1iPARQI+rOrP9ibTQEWCYm+fL
+Pb7/pVFTjTmnDtlnj5vXJboFgS8fm5BCpU6+AzpAgMBAAGjggIaMIICFjAdBgNV
HQ4EFgQUbJDkmXjThifSjMgpZWxTUty1RnkwHwYDVR0jBBgwFoAUcgR74VsnWQLc
9hfcPQ4W3B8wgCIwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVM
VC9jZ1I3NFZzbldRTGM5aGZjUFE0VzNCOHdnQ0kuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzVlLzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYv
MS9iSkRrbVhqVGhpZlNqTWdwWld4VFV0eTFSbmsucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzVl
Lzc5ODQ0Ny0yMWY0LTQ1YWItOTlkYy0xYWJlM2FjMTBhYTYvMS9jZ1I3NFZzbldR
TGM5aGZjUFE0VzNCOHdnQ0kuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
MAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAPBABgwDwQCAAIwCQMHACABBnwA
ZDANBgkqhkiG9w0BAQsFAAOCAQEAZ8KEPtI9AUMT2G8AR5H0KDvXgyiY4J93HB7E
dOXKsdBHYjDjK2/TliyLUbyZGCxisOCpm1aP9GEEnmSkI1hFP9E3P2wSc9DBBUWB
Kxy0uDvOx6f1pnk1GZA+5w0wJcgho+w+TS/wBd/ruo9ytVBnWsnDcG55kh30eVGy
/tdyKDW2b3r0kUKwYUfASWUpNRwb/WfW785qReVPrcCWfPlnXefbmYDCzZx2Jd0P
gQcr5lQwyO3gSlWaikBotA4BUWeyNgBAyE8SC0otkWnVVoG6aB08M2NlTHgdrbvl
RVW3QNBpr3iiqqESYnWUzPJq1Vrvcz9L6LDYL23BrLuQTfRAjg==
-----END CERTIFICATE-----
Generated at Fri May 2 07:45:18 2025 by rpki-client