Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bfnQGHkimVK3wf0mwLZxZfRnN-w.roa
File: bfnQGHkimVK3wf0mwLZxZfRnN-w.roa (raw, json)
Hash identifier: n2BU0Z1D5y8sG+NMAosIQ/PQdiuQzgimtMjKPyCiAeA=
Subject key identifier: 6D:F9:D0:18:79:22:99:52:B7:C1:FD:26:C0:B6:71:65:F4:67:37:EC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01865F4BF04DFA5F3E901D9C3A1BE2FC5576
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bfnQGHkimVK3wf0mwLZxZfRnN-w.roa
Signing time: Fri 17 Feb 2023 12:14:17 +0000
ROA not before: Fri 17 Feb 2023 12:14:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5f:4b:f0:4d:fa:5f:3e:90:1d:9c:3a:1b:e2:fc:55:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 17 12:14:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6df9d01879229952b7c1fd26c0b67165f46737ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3f:36:a2:0e:bd:19:fe:56:87:90:ab:c1:c5:
3d:9c:58:e8:70:bb:d4:9b:72:66:0b:3a:4f:dc:39:
d3:a5:6b:5c:43:b9:e6:ec:90:42:0a:23:39:79:42:
84:f0:a5:8b:33:2b:99:78:7f:46:9d:b3:6d:8d:3c:
ef:82:3a:04:5e:fe:5a:df:e8:81:92:9a:91:ba:72:
a2:4f:68:e9:e9:cf:ee:22:d8:c6:5c:ec:86:fb:72:
f2:b5:56:38:3a:44:55:a4:ae:e1:56:f0:fa:1b:09:
88:ed:c3:35:33:ca:0b:23:07:02:8d:ba:9d:1b:13:
bf:45:31:3d:35:51:38:b4:eb:2f:0d:c2:2c:f5:04:
9c:80:23:50:f4:ac:11:47:37:d6:1f:41:32:b2:48:
6e:b2:98:ef:78:72:1a:72:a5:42:f8:e9:ba:a0:ba:
e0:f7:e7:7e:c0:f8:5b:ff:12:9c:dd:a5:db:3a:0d:
e2:1e:3e:68:36:92:e5:22:dc:2c:dc:87:50:8b:4e:
79:d7:ff:8c:50:0d:4c:4c:e9:64:3d:86:eb:ed:0c:
f2:3f:c7:e8:2e:84:70:f1:0b:d1:0b:83:62:49:83:
58:a9:4a:4f:e8:d3:64:a7:94:81:52:75:ca:24:ce:
7a:9a:e4:58:3a:24:0f:f4:27:c9:ec:cd:9d:b6:28:
7c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F9:D0:18:79:22:99:52:B7:C1:FD:26:C0:B6:71:65:F4:67:37:EC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bfnQGHkimVK3wf0mwLZxZfRnN-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:52:23:e3:b2:73:e5:5a:7b:1a:12:b5:27:3b:d9:a8:f0:41:
e1:51:53:20:d0:9c:37:96:2c:ba:a5:43:ec:4b:bf:38:c8:47:
4b:f5:9d:fc:9b:55:b9:e6:f0:5f:89:73:f6:34:13:65:3e:51:
46:0f:de:40:2c:53:05:56:89:81:cd:83:6b:75:da:35:11:90:
9b:a9:d0:d0:91:c2:20:2a:23:2b:47:26:9f:e1:4a:06:64:3e:
65:e4:09:98:df:d5:01:11:2b:0b:03:d2:ce:1b:fe:3d:f6:17:
6e:e8:e8:1d:1d:a7:7e:ed:b8:10:0f:ec:0b:d0:c1:c3:b2:18:
1f:d5:7b:c3:32:ee:57:91:c0:7f:95:5a:6b:51:bf:9a:44:92:
dd:3a:2a:cb:c2:39:0a:23:a3:19:93:5f:02:a3:ef:36:de:80:
13:9d:d3:1b:c0:82:b3:3c:39:25:7b:a8:33:5d:49:7f:8d:96:
37:20:c2:ec:51:8c:ea:07:66:5a:01:ef:7b:af:17:d6:ad:f7:
6a:83:72:e3:b8:89:d1:4c:f0:16:0d:49:34:f3:c8:11:4d:78:
f6:1a:0f:db:a9:51:57:6c:64:8a:62:33:dc:41:ef:cd:2e:7e:
a6:3f:62:27:22:68:a4:a7:14:f2:9d:31:80:23:78:fb:fe:0b:
ee:9c:7b:29
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZfS/BN+l8+kB2cOhvi/FV2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE3MTIxNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGY5ZDAxODc5MjI5OTUyYjdjMWZkMjZjMGI2NzE2NWY0NjczN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhD82og69Gf5Wh5CrwcU9nFjocLvU
m3JmCzpP3DnTpWtcQ7nm7JBCCiM5eUKE8KWLMyuZeH9GnbNtjTzvgjoEXv5a3+iB
kpqRunKiT2jp6c/uItjGXOyG+3LytVY4OkRVpK7hVvD6GwmI7cM1M8oLIwcCjbqd
GxO/RTE9NVE4tOsvDcIs9QScgCNQ9KwRRzfWH0EyskhuspjveHIacqVC+Om6oLrg
9+d+wPhb/xKc3aXbOg3iHj5oNpLlItws3IdQi0551/+MUA1MTOlkPYbr7QzyP8fo
LoRw8QvRC4NiSYNYqUpP6NNkp5SBUnXKJM56muRYOiQP9CfJ7M2dtih8+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG350Bh5IplSt8H9JsC2cWX0ZzfsMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYmZuUUdIa2ltVkszd2YwbXdMWnhaZlJuTi13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGNSI+Oyc+VaexoStSc7
2ajwQeFRUyDQnDeWLLqlQ+xLvzjIR0v1nfybVbnm8F+Jc/Y0E2U+UUYP3kAsUwVW
iYHNg2t12jURkJup0NCRwiAqIytHJp/hSgZkPmXkCZjf1QERKwsD0s4b/j32F27o
6B0dp37tuBAP7AvQwcOyGB/Ve8My7leRwH+VWmtRv5pEkt06KsvCOQojoxmTXwKj
7zbegBOd0xvAgrM8OSV7qDNdSX+NljcgwuxRjOoHZloB73uvF9at92qDcuO4idFM
8BYNSTTzyBFNePYaD9upUVdsZIpiM9xB780ufqY/YiciaKSnFPKdMYAjePv+C+6c
eyk=
-----END CERTIFICATE-----
Generated at Sun May 4 02:44:30 2025 by rpki-client