Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bced7y8xKMEllrSBc5IjGtXT_Ac.roa
File: bced7y8xKMEllrSBc5IjGtXT_Ac.roa (raw, json)
Hash identifier: jZ5dYZZmA2VCyQbkYvQV6y7qZsT9psRH77no3gQO+9k=
Subject key identifier: 6D:C7:9D:EF:2F:31:28:C1:25:96:B4:81:73:92:23:1A:D5:D3:FC:07
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01857075BB95204FA5AFB5358C7D76F64B9B
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bced7y8xKMEllrSBc5IjGtXT_Ac.roa
Signing time: Mon 02 Jan 2023 03:10:41 +0000
ROA not before: Mon 02 Jan 2023 03:10:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:75:bb:95:20:4f:a5:af:b5:35:8c:7d:76:f6:4b:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 2 03:10:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6dc79def2f3128c12596b4817392231ad5d3fc07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3c:a5:c9:41:b9:b5:39:c0:44:a2:a1:f7:87:
d7:38:da:94:56:79:c8:8d:b3:86:ce:76:1d:24:f1:
0e:2d:ff:e6:79:16:2a:f2:d9:d2:8b:8a:22:20:6e:
f0:e8:e2:ff:78:22:12:31:3a:ac:ec:b6:19:76:91:
eb:40:98:2e:3a:a9:a0:cc:22:af:53:01:ed:ad:ff:
a2:d4:05:a2:11:cf:e0:55:91:0e:e5:e7:4e:ff:39:
d8:7f:17:40:68:70:21:c6:4b:29:00:d8:ca:ad:ec:
85:4e:35:bf:91:ff:7a:9d:4f:f6:5f:13:09:15:80:
b9:d7:fd:19:c0:c2:6c:93:b1:fc:31:d4:b6:44:b0:
8c:60:c9:2a:28:71:fa:0a:a5:1c:8f:82:8e:0b:86:
3f:f6:f3:49:a6:37:63:f0:e6:a7:c1:b7:f5:1d:84:
4a:5a:99:34:4a:62:08:57:da:b3:6b:80:02:0c:48:
62:9d:f9:13:22:c8:30:40:9e:04:65:dd:f8:95:dc:
02:70:0c:ad:b1:30:c4:a5:1e:58:24:16:2e:e1:dc:
07:47:6d:5a:21:93:b8:ae:9b:df:30:e5:87:b2:ea:
7a:47:50:1a:5c:1f:35:44:64:57:3c:2e:12:74:78:
d4:7f:bb:98:c4:df:e8:41:5f:6f:81:63:97:80:10:
f1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:C7:9D:EF:2F:31:28:C1:25:96:B4:81:73:92:23:1A:D5:D3:FC:07
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bced7y8xKMEllrSBc5IjGtXT_Ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
af:d8:28:7c:3b:06:d5:0c:81:4f:84:c5:3d:62:c2:54:98:e4:
5d:a6:ee:23:0e:4e:c1:0e:47:31:e3:9e:f7:e2:a3:9e:a1:70:
4a:a5:14:bb:ec:52:0e:ea:9e:ba:09:b4:bf:cd:b8:7b:a5:87:
d8:e9:5d:ab:0b:6f:41:25:0c:8c:da:72:33:c5:b3:75:eb:95:
80:dc:b3:8c:75:3d:82:4a:5e:bf:bc:28:81:df:1b:09:3d:41:
fb:97:ac:39:e8:71:5d:a0:dd:8b:2c:0b:9e:95:11:cb:d9:38:
5a:7e:0d:e7:ca:66:aa:70:ff:67:07:bd:c1:60:dd:3b:36:6b:
ea:32:75:8f:4e:dd:43:52:5b:aa:88:12:23:10:8a:78:62:e2:
39:50:cb:c2:92:48:fa:02:72:8d:c3:dc:0b:da:c2:eb:a7:59:
d8:17:38:28:e7:58:03:19:70:a3:93:f8:e3:da:53:37:34:24:
bd:7e:31:ae:7e:60:d4:eb:89:82:78:e7:60:5c:9e:4b:f3:52:
f2:8b:4f:a1:e4:b0:ba:5f:f0:9b:3a:69:2c:fc:d6:ae:14:8c:
b0:c5:8a:51:a0:89:18:e5:1f:95:40:45:3d:3f:5f:94:70:8e:
f0:2b:cf:ad:08:cf:11:93:16:84:4a:f8:90:76:47:f8:e7:b2:
e5:c4:25:0a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVwdbuVIE+lr7U1jH129kubMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTAyMDMxMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGM3OWRlZjJmMzEyOGMxMjU5NmI0ODE3MzkyMjMxYWQ1ZDNmYzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzylyUG5tTnARKKh94fXONqUVnnI
jbOGznYdJPEOLf/meRYq8tnSi4oiIG7w6OL/eCISMTqs7LYZdpHrQJguOqmgzCKv
UwHtrf+i1AWiEc/gVZEO5edO/znYfxdAaHAhxkspANjKreyFTjW/kf96nU/2XxMJ
FYC51/0ZwMJsk7H8MdS2RLCMYMkqKHH6CqUcj4KOC4Y/9vNJpjdj8Oanwbf1HYRK
Wpk0SmIIV9qza4ACDEhinfkTIsgwQJ4EZd34ldwCcAytsTDEpR5YJBYu4dwHR21a
IZO4rpvfMOWHsup6R1AaXB81RGRXPC4SdHjUf7uYxN/oQV9vgWOXgBDxiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG3Hne8vMSjBJZa0gXOSIxrV0/wHMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYmNlZDd5OHhLTUVsbHJTQmM1SWpHdFhUX0FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK/YKHw7BtUMgU+ExT1i
wlSY5F2m7iMOTsEORzHjnvfio56hcEqlFLvsUg7qnroJtL/NuHulh9jpXasLb0El
DIzacjPFs3XrlYDcs4x1PYJKXr+8KIHfGwk9QfuXrDnocV2g3YssC56VEcvZOFp+
DefKZqpw/2cHvcFg3Ts2a+oydY9O3UNSW6qIEiMQinhi4jlQy8KSSPoCco3D3Ava
wuunWdgXOCjnWAMZcKOT+OPaUzc0JL1+Ma5+YNTriYJ452BcnkvzUvKLT6HksLpf
8Js6aSz81q4UjLDFilGgiRjlH5VART0/X5RwjvArz60IzxGTFoRK+JB2R/jnsuXE
JQo=
-----END CERTIFICATE-----
Generated at Wed Apr 30 20:37:38 2025 by rpki-client