Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bVCZyMKavsw7JoweZOaFOI7KJQE.roa
File: bVCZyMKavsw7JoweZOaFOI7KJQE.roa (raw, json)
Hash identifier: l8VwH2iRMy27i6fCaPjYZLWIn713s+4+Zk1gIYcs3uQ=
Subject key identifier: 6D:50:99:C8:C2:9A:BE:CC:3B:26:8C:1E:64:E6:85:38:8E:CA:25:01
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0183F1088AE8F9D1F56BA5EAA2FE8004EE67
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bVCZyMKavsw7JoweZOaFOI7KJQE.roa
Signing time: Wed 19 Oct 2022 16:16:52 +0000
ROA not before: Wed 19 Oct 2022 16:16:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f1:08:8a:e8:f9:d1:f5:6b:a5:ea:a2:fe:80:04:ee:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Oct 19 16:16:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d5099c8c29abecc3b268c1e64e685388eca2501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0e:9a:17:35:d3:c4:9f:fe:67:21:cd:e9:77:
28:d8:ec:95:6f:9c:13:18:97:9c:77:17:57:25:e6:
cb:6f:55:97:75:0a:38:a9:36:c3:f7:70:e6:6e:14:
0b:04:15:26:41:92:a2:4b:fb:1c:ea:61:d6:b9:72:
0b:d5:b5:a3:2f:0c:c5:ab:1c:0b:3d:c4:70:18:4d:
fb:fb:1e:5c:e8:65:40:1c:65:d8:fe:3a:f2:b7:3d:
76:0a:e0:30:5c:d5:f8:5a:51:0b:36:6d:17:4e:71:
d4:28:a6:b1:29:8f:ab:00:46:77:dd:d9:ef:42:6f:
cb:f0:27:12:46:a7:5f:8f:44:75:c3:6f:bc:9f:9e:
53:16:1d:ba:6d:3b:bc:64:a0:fb:95:ff:3f:92:ad:
14:c4:8b:19:43:f9:5b:22:f0:1e:84:b6:fc:a9:89:
ab:07:83:7e:bb:c0:18:5b:55:57:e7:0d:e4:95:66:
d0:bd:5a:37:72:90:75:ab:d8:51:72:ad:e8:5b:e7:
9c:bc:52:ff:3b:e8:16:2d:d3:e6:a0:6a:f4:49:62:
d4:18:1e:42:0e:ee:b1:73:44:64:fa:aa:bd:4f:20:
98:c3:f9:3c:f1:da:53:f3:7b:8d:1d:a5:7a:a3:21:
fb:28:9a:f8:40:f7:ab:42:20:59:af:51:5e:ad:a8:
a6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:50:99:C8:C2:9A:BE:CC:3B:26:8C:1E:64:E6:85:38:8E:CA:25:01
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bVCZyMKavsw7JoweZOaFOI7KJQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
21:88:8d:43:74:eb:e8:0e:1f:7b:75:70:37:d9:b5:08:68:48:
e1:0b:66:ab:a6:37:d4:8b:73:0b:3b:6e:ae:aa:a9:d9:2c:ca:
ec:e9:1a:77:39:92:9c:79:24:84:4a:d6:6e:30:4f:a0:b5:c6:
45:b5:6c:47:bf:e7:c6:16:0f:f4:27:9d:9a:10:dc:35:c4:b4:
76:01:af:d6:bf:01:8f:2b:85:e7:af:42:62:a6:3f:a2:6c:84:
6c:08:ad:5b:80:f4:f3:a5:b5:2e:af:54:1f:3c:9d:08:e6:f0:
36:e4:0e:c4:f7:fe:5f:da:a7:64:6f:4b:d0:2f:cc:45:34:13:
6b:7c:06:c4:e3:b3:d5:d0:65:cc:10:ad:a1:1a:c4:cc:7c:67:
3d:81:d7:cd:45:94:de:8a:c2:d6:cd:e9:64:da:ec:22:df:d9:
41:99:87:f8:61:62:ef:af:08:fc:17:3a:6d:da:04:8d:7c:a5:
24:f3:6c:ef:89:fe:d3:47:6d:05:20:77:c7:42:a3:f2:cb:10:
3c:9e:1a:dc:e3:34:b8:be:62:b8:29:7b:59:9c:58:35:4f:d0:
02:c9:df:83:0e:e1:db:fe:e5:6e:2c:46:05:ac:83:e1:b2:fd:
00:23:0d:a1:42:d4:8c:78:bd:01:58:75:7e:78:0d:2f:ce:99:
81:b6:d4:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYPxCIro+dH1a6Xqov6ABO5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMDE5MTYxNjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDUwOTljOGMyOWFiZWNjM2IyNjhjMWU2NGU2ODUzODhlY2EyNTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvw6aFzXTxJ/+ZyHN6Xco2OyVb5wT
GJecdxdXJebLb1WXdQo4qTbD93DmbhQLBBUmQZKiS/sc6mHWuXIL1bWjLwzFqxwL
PcRwGE37+x5c6GVAHGXY/jrytz12CuAwXNX4WlELNm0XTnHUKKaxKY+rAEZ33dnv
Qm/L8CcSRqdfj0R1w2+8n55TFh26bTu8ZKD7lf8/kq0UxIsZQ/lbIvAehLb8qYmr
B4N+u8AYW1VX5w3klWbQvVo3cpB1q9hRcq3oW+ecvFL/O+gWLdPmoGr0SWLUGB5C
Du6xc0Rk+qq9TyCYw/k88dpT83uNHaV6oyH7KJr4QPerQiBZr1Feraim0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG1QmcjCmr7MOyaMHmTmhTiOyiUBMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYlZDWnlNS2F2c3c3Sm93ZVpPYUZPSTdLSlFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACGIjUN06+gOH3t1cDfZ
tQhoSOELZqumN9SLcws7bq6qqdksyuzpGnc5kpx5JIRK1m4wT6C1xkW1bEe/58YW
D/QnnZoQ3DXEtHYBr9a/AY8rheevQmKmP6JshGwIrVuA9POltS6vVB88nQjm8Dbk
DsT3/l/ap2RvS9AvzEU0E2t8BsTjs9XQZcwQraEaxMx8Zz2B181FlN6KwtbN6WTa
7CLf2UGZh/hhYu+vCPwXOm3aBI18pSTzbO+J/tNHbQUgd8dCo/LLEDyeGtzjNLi+
Yrgpe1mcWDVP0ALJ34MO4dv+5W4sRgWsg+Gy/QAjDaFC1Ix4vQFYdX54DS/OmYG2
1Fg=
-----END CERTIFICATE-----
Generated at Thu May 1 00:08:31 2025 by rpki-client