Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bbLXhYKx5rlseoXJGXdzfr5fK10.roa
File: bbLXhYKx5rlseoXJGXdzfr5fK10.roa (raw, json)
Hash identifier: 1d6yRnIrmSJ6OUKb8K+ykIsrHSUUKhQmIj4u2NZJhI8=
Subject key identifier: 6D:B2:D7:85:82:B1:E6:B9:6C:7A:85:C9:19:77:73:7E:BE:5F:2B:5D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A23312C5BB87C6CCF14ED27B8896F7DCA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bbLXhYKx5rlseoXJGXdzfr5fK10.roa
Signing time: Wed 23 Aug 2023 16:18:59 +0000
ROA not before: Wed 23 Aug 2023 16:18:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:178d:7ed9/128 maxlen: 128
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:23:31:2c:5b:b8:7c:6c:cf:14:ed:27:b8:89:6f:7d:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 23 16:18:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6db2d78582b1e6b96c7a85c91977737ebe5f2b5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:2b:28:58:a2:cc:1a:4e:d6:f6:a5:f6:43:f4:
92:5b:66:65:b5:08:58:32:55:ae:c7:e5:13:5c:b7:
ae:0e:53:a8:ff:3d:a0:37:3c:af:27:98:7f:75:69:
ad:69:26:94:10:6b:c8:5c:93:99:a6:c7:03:94:ef:
24:d1:4c:b8:0b:0f:76:d3:2e:4b:63:7f:70:db:a3:
43:95:cc:6d:b5:1d:87:20:d3:34:61:b0:df:cc:19:
d4:6b:06:9f:11:f0:19:d1:d3:0a:79:48:9f:ba:69:
60:01:db:52:05:44:2a:56:c1:70:20:0d:78:b0:c0:
9d:ea:17:e0:7f:41:61:9d:dc:0f:20:ac:06:1d:08:
83:aa:c4:74:d4:1c:12:a8:96:3f:30:f2:18:20:ab:
eb:47:ea:40:26:e3:15:d3:d8:46:41:b9:6b:b6:05:
38:4b:87:1b:02:cb:4c:cb:d9:5b:00:91:e2:6c:1c:
ba:a5:10:1f:91:18:af:f0:1d:aa:ce:77:94:59:c7:
c6:24:c5:e6:04:87:ba:d6:34:2f:ed:12:ba:e4:6b:
6d:ef:d7:51:82:ef:3c:26:1c:a6:8a:d1:8e:91:ea:
7f:b8:c5:ac:10:c3:2d:c0:e7:7a:02:99:6b:5c:c8:
3b:6d:9f:aa:15:7e:dc:cd:e7:c5:9b:90:c9:fb:60:
5b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:B2:D7:85:82:B1:E6:B9:6C:7A:85:C9:19:77:73:7E:BE:5F:2B:5D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bbLXhYKx5rlseoXJGXdzfr5fK10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a4:85:6e:44:86:f6:06:b3:1c:78:58:04:79:3d:4e:c8:8f:34:
4f:f3:65:6d:8b:c2:1c:74:8e:3b:47:b3:83:44:67:5c:62:1f:
5a:90:0b:70:9c:78:d7:87:dc:25:cf:02:a9:1d:88:08:5b:b9:
da:1c:1c:bc:d8:d6:58:b5:e6:1f:8d:a9:7c:8c:44:1d:87:40:
b7:44:3e:e2:00:7f:28:3e:71:48:07:04:ad:72:9a:46:9f:9f:
95:3e:80:1e:1e:02:14:f2:a4:63:06:11:10:66:f7:bb:64:ca:
2c:ea:7a:6f:41:8a:b8:3e:36:85:de:c1:b8:27:be:1d:21:9c:
ac:0e:3f:ec:14:23:08:d4:3e:5a:1f:a3:6d:14:56:30:e5:f9:
de:4a:74:3d:74:70:78:7d:d2:16:1f:7b:b3:7d:da:ea:1e:8b:
98:f4:15:d3:c8:df:73:f0:fe:a4:f0:aa:b5:a0:53:ae:9e:3f:
d2:c0:32:7f:2e:a0:75:f7:e5:1d:13:b1:78:1f:24:e2:24:e6:
06:64:3e:67:d8:db:46:74:0b:17:ce:73:a1:09:38:ad:03:cd:
9e:3b:ee:c7:4f:74:f9:4d:87:99:99:c4:7d:9f:7f:26:08:05:
49:32:a7:a7:bc:ad:6b:cd:c2:56:fe:0d:c7:44:9a:15:56:dc:
6b:75:79:03
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYojMSxbuHxszxTtJ7iJb33KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODIzMTYxODU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGIyZDc4NTgyYjFlNmI5NmM3YTg1YzkxOTc3NzM3ZWJlNWYyYjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSsoWKLMGk7W9qX2Q/SSW2ZltQhY
MlWux+UTXLeuDlOo/z2gNzyvJ5h/dWmtaSaUEGvIXJOZpscDlO8k0Uy4Cw920y5L
Y39w26NDlcxttR2HINM0YbDfzBnUawafEfAZ0dMKeUifumlgAdtSBUQqVsFwIA14
sMCd6hfgf0FhndwPIKwGHQiDqsR01BwSqJY/MPIYIKvrR+pAJuMV09hGQblrtgU4
S4cbAstMy9lbAJHibBy6pRAfkRiv8B2qzneUWcfGJMXmBIe61jQv7RK65Gtt79dR
gu88JhymitGOkep/uMWsEMMtwOd6AplrXMg7bZ+qFX7czefFm5DJ+2BbKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG2y14WCsea5bHqFyRl3c36+XytdMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYmJMWGhZS3g1cmxzZW9YSkdYZHpmcjVmSzEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKSFbkSG9gazHHhYBHk9
TsiPNE/zZW2Lwhx0jjtHs4NEZ1xiH1qQC3CceNeH3CXPAqkdiAhbudocHLzY1li1
5h+NqXyMRB2HQLdEPuIAfyg+cUgHBK1ymkafn5U+gB4eAhTypGMGERBm97tkyizq
em9Birg+NoXewbgnvh0hnKwOP+wUIwjUPlofo20UVjDl+d5KdD10cHh90hYfe7N9
2uoei5j0FdPI33Pw/qTwqrWgU66eP9LAMn8uoHX35R0TsXgfJOIk5gZkPmfY20Z0
CxfOc6EJOK0DzZ477sdPdPlNh5mZxH2ffyYIBUkyp6e8rWvNwlb+DcdEmhVW3Gt1
eQM=
-----END CERTIFICATE-----
Generated at Thu May 1 00:52:00 2025 by rpki-client