Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bmJsU8-9B-YnUQ4SYJ00DqYSIfg.roa
File: bmJsU8-9B-YnUQ4SYJ00DqYSIfg.roa (raw, json)
Hash identifier: mnckb6PUmg5ADSJTuw49Lldowf4IPgZTSX0ip+/OHMo=
Subject key identifier: 6E:62:6C:53:CF:BD:07:E6:27:51:0E:12:60:9D:34:0E:A6:12:21:F8
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018684D0B229D9B8771910C27DA7C0C13625
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bmJsU8-9B-YnUQ4SYJ00DqYSIfg.roa
Signing time: Fri 24 Feb 2023 19:05:14 +0000
ROA not before: Fri 24 Feb 2023 19:05:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:84cf:c489/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:84:d0:b2:29:d9:b8:77:19:10:c2:7d:a7:c0:c1:36:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 24 19:05:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e626c53cfbd07e627510e12609d340ea61221f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3f:c4:d7:00:fe:4d:f8:d0:37:7d:96:54:08:
2b:db:b6:9b:5e:61:66:a0:3d:38:74:b2:20:4e:31:
2f:b8:0b:e6:c0:94:9f:dc:25:4b:c6:96:65:c0:01:
90:46:3f:13:22:8c:2a:48:61:f5:4d:49:f0:86:5b:
0c:c1:71:c6:ce:b0:d7:6c:2d:5e:26:33:51:b7:d8:
52:65:d2:0a:7f:f8:40:ea:7f:65:bf:a3:ac:2c:cb:
16:e5:07:d1:c4:38:e0:62:12:8e:34:f7:16:c2:04:
50:13:fe:9c:de:d3:83:62:37:9e:12:e5:2c:0f:a0:
6c:eb:ac:5f:36:dc:53:36:9f:a1:51:f7:f3:e1:9e:
44:d8:19:68:71:9f:ff:ae:1a:a8:9b:db:28:e6:d9:
36:8b:b0:bb:fb:22:7c:f9:df:26:6e:b4:43:f6:1c:
65:27:f6:79:4f:1f:a4:72:70:42:4d:a0:b6:ca:af:
57:fc:53:6b:26:dd:29:25:04:eb:41:da:bd:3d:fb:
f4:f0:aa:3d:9e:37:64:0a:03:35:a5:71:f5:b0:0b:
74:8e:5a:88:9d:58:ce:df:9f:c3:ef:be:aa:cd:10:
5e:35:41:d1:91:e4:63:15:b4:84:40:5b:0f:5e:00:
c8:42:fa:00:b1:a3:1a:ed:14:ad:ae:57:20:c0:15:
0a:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:62:6C:53:CF:BD:07:E6:27:51:0E:12:60:9D:34:0E:A6:12:21:F8
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bmJsU8-9B-YnUQ4SYJ00DqYSIfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:46:b3:ef:4d:90:31:ba:f5:c5:9b:32:20:31:a0:b3:36:ec:
d7:62:e6:91:8b:59:84:fd:32:e6:b1:d0:ff:89:68:76:f9:5b:
85:32:a4:ed:29:87:75:b9:94:8d:e2:ca:c7:de:fb:ba:2c:3a:
78:5b:18:13:ab:63:9b:15:ad:8c:17:95:00:c0:2c:85:ba:cd:
85:4c:3d:48:f4:eb:31:17:af:a4:2e:a9:6b:98:2c:f1:36:c0:
50:72:2f:eb:71:b3:8f:9d:93:2b:b2:d6:5c:a0:f5:7a:50:f4:
cc:5f:36:fb:0c:8b:30:f7:01:9f:47:bf:5b:b0:07:47:af:f4:
7d:eb:cb:f2:08:81:67:f4:64:19:80:4f:36:f4:c8:a1:a0:86:
65:24:7e:7d:74:2c:0e:72:c8:d3:33:4c:8b:f5:dd:18:ec:6f:
84:00:a2:7e:7e:28:4b:65:fc:fb:1f:e8:13:13:3f:11:f8:f5:
ee:dc:a5:18:2d:20:45:f5:1e:c4:1d:ca:75:37:f8:69:0b:a8:
c3:fa:78:84:99:8f:09:fd:d2:cb:aa:5c:eb:a3:12:71:3e:fc:
2a:42:e2:5b:d7:0a:bf:51:be:72:55:7c:5a:ef:8b:f9:2f:5d:
1f:ae:fd:05:91:93:b4:93:e4:95:ef:2b:13:f2:3f:19:2c:ec:
53:c2:7a:a0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaE0LIp2bh3GRDCfafAwTYlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI0MTkwNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTYyNmM1M2NmYmQwN2U2Mjc1MTBlMTI2MDlkMzQwZWE2MTIyMWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApD/E1wD+TfjQN32WVAgr27abXmFm
oD04dLIgTjEvuAvmwJSf3CVLxpZlwAGQRj8TIowqSGH1TUnwhlsMwXHGzrDXbC1e
JjNRt9hSZdIKf/hA6n9lv6OsLMsW5QfRxDjgYhKONPcWwgRQE/6c3tODYjeeEuUs
D6Bs66xfNtxTNp+hUffz4Z5E2BlocZ//rhqom9so5tk2i7C7+yJ8+d8mbrRD9hxl
J/Z5Tx+kcnBCTaC2yq9X/FNrJt0pJQTrQdq9Pfv08Ko9njdkCgM1pXH1sAt0jlqI
nVjO35/D776qzRBeNUHRkeRjFbSEQFsPXgDIQvoAsaMa7RStrlcgwBUKMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG5ibFPPvQfmJ1EOEmCdNA6mEiH4MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYm1Kc1U4LTlCLVluVVE0U1lKMDBEcVlTSWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJZGs+9NkDG69cWbMiAx
oLM27Ndi5pGLWYT9Muax0P+JaHb5W4UypO0ph3W5lI3iysfe+7osOnhbGBOrY5sV
rYwXlQDALIW6zYVMPUj06zEXr6QuqWuYLPE2wFByL+txs4+dkyuy1lyg9XpQ9Mxf
NvsMizD3AZ9Hv1uwB0ev9H3ry/IIgWf0ZBmATzb0yKGghmUkfn10LA5yyNMzTIv1
3Rjsb4QAon5+KEtl/Psf6BMTPxH49e7cpRgtIEX1HsQdynU3+GkLqMP6eISZjwn9
0suqXOujEnE+/CpC4lvXCr9RvnJVfFrvi/kvXR+u/QWRk7ST5JXvKxPyPxks7FPC
eqA=
-----END CERTIFICATE-----
Generated at Thu May 1 17:38:44 2025 by rpki-client