Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bXaBnXvEb449JzGTOlqjO7i_B3I.roa
File: bXaBnXvEb449JzGTOlqjO7i_B3I.roa (raw, json)
Hash identifier: Gs57U8c9ds+W9OHlLQQFeYmsBakzNPqLiJ8BIARJutM=
Subject key identifier: 6D:76:81:9D:7B:C4:6F:8E:3D:27:31:93:3A:5A:A3:3B:B8:BF:07:72
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 76218B4C
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bXaBnXvEb449JzGTOlqjO7i_B3I.roa
Signing time: Sun 27 Mar 2022 11:09:52 +0000
ROA not before: Sun 27 Mar 2022 11:09:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:17f:1bf4:40b5/128 maxlen: 128
2001:67c:64:ffff:0:17f:20ac:a2bd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:17f:87e3:2531/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1981909836 (0x76218b4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Mar 27 11:09:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d76819d7bc46f8e3d2731933a5aa33bb8bf0772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7a:63:d2:25:ed:34:7f:d2:8c:84:0c:ea:f3:
c3:93:a5:07:70:d2:8f:2b:15:09:cd:ee:bd:ea:f6:
21:d1:f7:db:8a:6a:99:86:67:1b:a5:5d:e3:94:50:
0f:be:88:bd:01:76:f1:71:4a:0c:9c:57:bb:10:6f:
65:96:04:14:ad:75:e0:56:b8:8d:ae:4a:44:41:c9:
26:c6:de:e6:6c:ac:7c:4c:b4:77:fa:1a:17:d7:39:
cc:93:e1:c4:c1:13:76:d1:d5:6c:a7:05:a5:eb:f9:
56:02:20:81:de:67:ad:8b:52:7b:9b:89:6d:a7:65:
99:32:93:aa:50:e0:56:84:1f:ea:27:c7:82:ab:4f:
cb:df:f6:ab:72:7d:16:0a:6f:a1:cb:44:df:9a:df:
41:e9:0b:bf:5c:60:14:89:0b:82:90:8b:62:34:b5:
d9:14:ed:54:cb:1a:4e:6e:28:d1:ae:61:2f:07:e0:
36:08:f1:4b:c1:14:12:8e:a1:66:ac:ef:3a:6b:20:
33:ca:db:a7:6f:ea:d4:6a:82:9e:cf:09:3c:6f:27:
47:de:a2:1d:4f:eb:5a:fe:66:3b:ea:13:f7:9d:75:
79:16:33:ab:85:68:bc:8e:27:c1:01:9c:3b:ac:37:
64:d9:d2:78:5f:c3:3e:79:5b:b0:3f:8b:99:66:09:
6e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:76:81:9D:7B:C4:6F:8E:3D:27:31:93:3A:5A:A3:3B:B8:BF:07:72
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bXaBnXvEb449JzGTOlqjO7i_B3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4f:81:56:db:82:01:15:9e:3b:6d:76:8e:fa:cc:5f:b7:c4:de:
61:b7:87:0f:b1:e8:08:cf:2c:b9:ac:2d:28:0f:6b:97:bb:24:
72:c0:aa:44:dd:b6:cd:1d:03:f6:27:76:98:26:8a:e6:4e:a5:
aa:0c:0c:b9:4a:25:28:2c:bb:85:a0:f0:78:e6:8c:1b:96:e0:
b8:51:49:02:06:a2:17:03:2a:dc:98:41:e1:24:cb:85:93:4a:
4a:ef:de:9b:0f:a2:22:19:60:cb:03:65:f9:89:4a:49:5d:78:
c0:a8:9e:fe:d0:a0:d5:5d:c4:e5:b8:c7:f3:ba:d8:a0:74:ef:
92:fc:3d:b6:b6:f9:b5:d4:6a:82:af:3b:6d:0f:6d:ee:dd:c7:
e8:b7:48:85:7d:a5:af:00:66:e3:34:02:76:72:e5:40:71:00:
a1:ff:64:5b:69:21:bc:87:a6:20:77:31:d7:ba:cd:fe:09:d0:
8b:34:44:e4:4a:b1:bd:59:89:cf:d9:90:4e:16:78:50:ba:5e:
65:2f:b9:fe:43:10:2b:bc:98:77:12:dd:77:75:ea:b2:97:5f:
06:0e:c9:74:3e:a5:87:d4:bd:9c:f7:e9:ca:7a:09:8f:97:87:
73:03:13:97:6a:90:a4:57:d0:9c:ed:8b:d3:14:c0:f1:0d:a7:
d5:78:3a:01
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEdiGLTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA0N2JlMTViMjc1OTAyZGNmNjE3ZGMzZDBlMTZkYzFmMzA4MDIyMB4XDTIyMDMy
NzExMDk1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmQ3NjgxOWQ3YmM0
NmY4ZTNkMjczMTkzM2E1YWEzM2JiOGJmMDc3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALN6Y9Il7TR/0oyEDOrzw5OlB3DSjysVCc3uver2IdH324pq
mYZnG6Vd45RQD76IvQF28XFKDJxXuxBvZZYEFK114Fa4ja5KREHJJsbe5mysfEy0
d/oaF9c5zJPhxMETdtHVbKcFpev5VgIggd5nrYtSe5uJbadlmTKTqlDgVoQf6ifH
gqtPy9/2q3J9FgpvoctE35rfQekLv1xgFIkLgpCLYjS12RTtVMsaTm4o0a5hLwfg
NgjxS8EUEo6hZqzvOmsgM8rbp2/q1GqCns8JPG8nR96iHU/rWv5mO+oT9511eRYz
q4VovI4nwQGcO6w3ZNnSeF/DPnlbsD+LmWYJbokCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRtdoGde8Rvjj0nMZM6WqM7uL8HcjAfBgNVHSMEGDAWgBRyBHvhWydZAtz2
F9w9DhbcHzCAIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnUjc0VnNuV1FMYzloZmNQUTRXM0I4d2dDSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvNzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8x
L2JYYUJuWHZFYjQ0OUp6R1RPbHFqTzdpX0IzSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
Nzk4NDQ3LTIxZjQtNDVhYi05OWRjLTFhYmUzYWMxMGFhNi8xL2NnUjc0VnNuV1FM
YzloZmNQUTRXM0I4d2dDSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAPBAIAAjAJAwcAIAEGfABk
MA0GCSqGSIb3DQEBCwUAA4IBAQBPgVbbggEVnjttdo76zF+3xN5ht4cPsegIzyy5
rC0oD2uXuyRywKpE3bbNHQP2J3aYJormTqWqDAy5SiUoLLuFoPB45owbluC4UUkC
BqIXAyrcmEHhJMuFk0pK796bD6IiGWDLA2X5iUpJXXjAqJ7+0KDVXcTluMfzutig
dO+S/D22tvm11GqCrzttD23u3cfot0iFfaWvAGbjNAJ2cuVAcQCh/2RbaSG8h6Yg
dzHXus3+CdCLNETkSrG9WYnP2ZBOFnhQul5lL7n+QxArvJh3Et13deqyl18GDsl0
PqWH1L2c9+nKegmPl4dzAxOXapCkV9Cc7YvTFMDxDafVeDoB
-----END CERTIFICATE-----
Generated at Sat May 3 14:48:15 2025 by rpki-client