Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bczon0UF1iU_SgkCSk_GDWY8nFI.roa
File: bczon0UF1iU_SgkCSk_GDWY8nFI.roa (raw, json)
Hash identifier: bzGb8h931EI51oJAPYcNs+yrFLy3yZ7z2R8pvY7e4dg=
Subject key identifier: 6D:CC:E8:9F:45:05:D6:25:3F:4A:09:02:4A:4F:C6:0D:66:3C:9C:52
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018480C943C64FB3D235F3DD63B445BE33CC
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bczon0UF1iU_SgkCSk_GDWY8nFI.roa
Signing time: Wed 16 Nov 2022 14:13:04 +0000
ROA not before: Wed 16 Nov 2022 14:13:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:184:51c3:ad7c/128 maxlen: 128
2001:67c:64:ffff:0:184:3fbd:71f7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:184:4250:a4df/128 maxlen: 128
2001:67c:64:ffff:0:184:75cf:c8d9/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:80:c9:43:c6:4f:b3:d2:35:f3:dd:63:b4:45:be:33:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Nov 16 14:13:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6dcce89f4505d6253f4a09024a4fc60d663c9c52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c5:ac:dd:83:8e:72:60:c7:2e:92:78:7c:6a:
9c:f0:99:21:b3:04:6c:ef:43:4f:44:d6:3c:1b:59:
e2:83:b8:ed:6a:34:d9:a8:bb:a3:8c:23:04:3e:27:
60:25:56:7a:f8:4c:ea:1d:89:c4:b4:8f:97:c3:d2:
6c:dc:1f:9e:41:b3:45:e4:97:1f:e4:90:f3:1e:7e:
8c:ba:3d:ce:8f:8d:6f:d4:c6:5e:6a:b4:87:2a:f7:
ed:86:ed:69:35:ae:91:c3:c2:57:26:66:e3:9b:b1:
b3:25:43:07:08:f6:28:fa:64:ae:6f:a7:23:2e:a5:
ba:bf:e7:be:b6:3f:d6:f5:81:eb:1c:37:b1:cc:f3:
6f:62:f2:d6:83:55:72:91:82:7e:15:a2:1a:9e:bf:
28:72:09:51:24:60:58:d0:6e:ff:de:24:1d:ea:99:
f1:7f:44:e6:10:a4:00:ff:23:30:f5:84:fb:f7:c4:
4e:27:27:71:5f:d8:46:28:3f:5f:76:d5:a6:16:b0:
31:80:10:af:f9:86:47:18:41:83:b1:f7:35:0f:5b:
a6:bb:84:b3:86:d4:18:d1:cc:cf:94:5e:96:12:c6:
d1:a4:db:c8:a0:86:dc:7a:71:59:5e:bd:b8:ca:9f:
fa:51:fe:65:61:61:51:b7:71:fb:e2:eb:c5:f1:f9:
93:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:CC:E8:9F:45:05:D6:25:3F:4A:09:02:4A:4F:C6:0D:66:3C:9C:52
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bczon0UF1iU_SgkCSk_GDWY8nFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
88:cf:31:92:e1:8d:a9:4f:58:fa:f0:5e:da:71:2d:b4:4f:86:
6f:00:d8:2d:19:cf:01:db:bc:21:0b:e2:46:ce:50:c8:49:44:
77:d1:9f:aa:4c:ec:34:01:47:f4:67:fc:47:aa:f9:22:c9:ba:
f2:80:89:07:ab:93:93:03:44:4f:dd:0c:73:8d:c6:f4:0d:d0:
61:70:67:39:d5:6f:cc:2a:10:ea:43:ce:67:a9:cd:42:e8:7b:
a2:af:b1:59:31:33:f8:4b:14:e6:4e:cd:40:7f:fd:38:b3:e4:
d2:23:73:2c:41:c8:fe:69:54:15:72:62:d2:32:e7:1e:73:43:
be:41:d5:0c:d9:a4:5a:de:f6:26:35:07:14:59:90:69:57:16:
ec:c0:be:35:f7:17:61:cf:1d:a1:a0:47:d6:79:ff:41:32:11:
39:00:ce:49:ab:ab:0f:e7:f0:17:9b:a5:31:28:f0:3d:67:40:
90:a6:c7:cd:e1:8e:63:6e:5a:8d:89:c5:20:3a:24:a9:de:b2:
b4:0b:e9:be:45:72:97:4d:90:89:92:64:27:25:da:b4:64:aa:
f8:65:8d:07:ea:5b:d8:94:ed:fe:1e:b4:41:64:b0:e3:34:c4:
3f:81:d7:7e:f0:1c:39:c7:eb:e7:2c:f1:dc:dc:9f:f0:e6:b2:
fa:7b:41:23
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYSAyUPGT7PSNfPdY7RFvjPMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMTE2MTQxMzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGNjZTg5ZjQ1MDVkNjI1M2Y0YTA5MDI0YTRmYzYwZDY2M2M5YzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMWs3YOOcmDHLpJ4fGqc8JkhswRs
70NPRNY8G1nig7jtajTZqLujjCMEPidgJVZ6+EzqHYnEtI+Xw9Js3B+eQbNF5Jcf
5JDzHn6Muj3Oj41v1MZearSHKvfthu1pNa6Rw8JXJmbjm7GzJUMHCPYo+mSub6cj
LqW6v+e+tj/W9YHrHDexzPNvYvLWg1VykYJ+FaIanr8ocglRJGBY0G7/3iQd6pnx
f0TmEKQA/yMw9YT798ROJydxX9hGKD9fdtWmFrAxgBCv+YZHGEGDsfc1D1umu4Sz
htQY0czPlF6WEsbRpNvIoIbcenFZXr24yp/6Uf5lYWFRt3H74uvF8fmTEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG3M6J9FBdYlP0oJAkpPxg1mPJxSMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYmN6b24wVUYxaVVfU2drQ1NrX0dEV1k4bkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIjPMZLhjalPWPrwXtpx
LbRPhm8A2C0ZzwHbvCEL4kbOUMhJRHfRn6pM7DQBR/Rn/Eeq+SLJuvKAiQerk5MD
RE/dDHONxvQN0GFwZznVb8wqEOpDzmepzULoe6KvsVkxM/hLFOZOzUB//Tiz5NIj
cyxByP5pVBVyYtIy5x5zQ75B1QzZpFre9iY1BxRZkGlXFuzAvjX3F2HPHaGgR9Z5
/0EyETkAzkmrqw/n8BebpTEo8D1nQJCmx83hjmNuWo2JxSA6JKnesrQL6b5FcpdN
kImSZCcl2rRkqvhljQfqW9iU7f4etEFksOM0xD+B137wHDnH6+cs8dzcn/Dmsvp7
QSM=
-----END CERTIFICATE-----
Generated at Wed Apr 30 23:28:02 2025 by rpki-client