Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bqEjinkd71nTwSpanc5xhdV90L4.roa
File: bqEjinkd71nTwSpanc5xhdV90L4.roa (raw, json)
Hash identifier: bMv65Y8KyaxzMZKHzNSqwvuJrlKxSBgXYQ4bwf9XwE0=
Subject key identifier: 6E:A1:23:8A:79:1D:EF:59:D3:C1:2A:5A:9D:CE:71:85:D5:7D:D0:BE
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185D9633AFE1F76A86C5BCA5EB50EE15A5E
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bqEjinkd71nTwSpanc5xhdV90L4.roa
Signing time: Sun 22 Jan 2023 12:10:37 +0000
ROA not before: Sun 22 Jan 2023 12:10:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:d9:63:3a:fe:1f:76:a8:6c:5b:ca:5e:b5:0e:e1:5a:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 22 12:10:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ea1238a791def59d3c12a5a9dce7185d57dd0be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4d:b7:28:0b:ad:2d:25:b4:0f:91:b6:60:07:
f8:af:a6:d1:bf:56:c9:3f:b0:27:3a:34:fb:ae:1a:
9e:7d:49:3c:0b:4d:8c:f0:52:32:2d:ea:02:f7:fd:
b3:19:a2:93:b0:88:cb:fe:26:e9:d5:fc:48:b9:35:
57:b1:5f:29:88:1d:09:41:9e:02:ba:ac:f7:fa:15:
f3:9a:94:c2:26:bb:57:7d:39:e4:94:86:e1:dd:3d:
e5:30:86:98:82:c7:2c:c6:1d:68:ca:0c:ac:21:6e:
57:c6:66:c3:13:80:d7:da:68:3f:55:bb:51:b6:cf:
aa:bf:01:4b:50:c7:24:66:0f:6b:f9:d5:29:ee:27:
47:10:d9:87:e8:79:44:ec:80:3a:88:8e:9c:80:fa:
cb:7d:4c:fd:6a:43:39:3f:33:fe:8e:09:8d:db:f4:
48:71:8a:d9:06:5e:01:d7:34:b6:48:f9:6f:fa:7f:
0c:72:1c:9d:65:7a:7b:b2:cb:ca:e9:ac:c6:71:9e:
03:19:89:fb:dd:7b:ff:58:c3:7b:53:f8:62:e1:a0:
c2:a0:1d:7b:80:3f:8d:3a:ef:aa:90:9a:d3:a1:9d:
d5:80:1a:c1:57:fb:5c:77:a6:a4:9e:33:86:69:3b:
7d:26:cc:55:27:8a:5f:14:d6:a9:47:b3:02:80:e1:
87:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:A1:23:8A:79:1D:EF:59:D3:C1:2A:5A:9D:CE:71:85:D5:7D:D0:BE
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bqEjinkd71nTwSpanc5xhdV90L4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:4c:75:b2:79:06:c4:56:48:8a:2f:bb:87:1c:16:b8:b5:4e:
11:d9:37:2e:b7:fc:fa:9f:5c:2f:f2:4b:18:d5:c6:f9:1d:3a:
d7:37:05:fa:53:8e:e2:a2:bb:5d:4d:ad:c6:db:0d:c3:66:51:
4a:e9:cd:f2:e2:9d:6e:0d:64:0b:a1:98:b1:85:89:27:f8:65:
da:e0:4e:96:1c:4a:c4:a9:3d:c5:20:84:6f:79:7e:ef:ff:1d:
56:20:f5:b3:83:36:44:a9:d5:21:d3:a1:6a:f4:92:bc:c3:4e:
62:f1:10:6c:62:80:bf:38:23:3e:be:65:f6:8a:da:66:20:28:
49:d4:05:fb:6b:51:48:60:fb:a5:4e:6e:ae:6b:ff:ec:b0:9a:
eb:12:91:24:65:86:8e:12:da:69:3d:70:1f:80:2c:9d:f7:d4:
3d:a8:cd:f6:3b:3a:b9:f5:ef:64:e7:b1:ce:37:e2:ba:2c:85:
19:d1:f1:0d:aa:f1:24:ab:93:58:17:de:cc:65:2b:69:3a:ed:
e1:16:65:31:a6:49:aa:87:0a:38:22:c2:a3:49:a2:18:3b:4b:
ca:82:59:75:9c:2b:c4:2f:f8:d6:7f:0c:5e:cc:ee:79:72:65:
7c:2c:83:eb:1f:e2:55:89:10:31:9a:16:48:f8:a4:11:c0:d8:
92:ef:63:af
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYXZYzr+H3aobFvKXrUO4VpeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTIyMTIxMDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWExMjM4YTc5MWRlZjU5ZDNjMTJhNWE5ZGNlNzE4NWQ1N2RkMGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE23KAutLSW0D5G2YAf4r6bRv1bJ
P7AnOjT7rhqefUk8C02M8FIyLeoC9/2zGaKTsIjL/ibp1fxIuTVXsV8piB0JQZ4C
uqz3+hXzmpTCJrtXfTnklIbh3T3lMIaYgscsxh1oygysIW5XxmbDE4DX2mg/VbtR
ts+qvwFLUMckZg9r+dUp7idHENmH6HlE7IA6iI6cgPrLfUz9akM5PzP+jgmN2/RI
cYrZBl4B1zS2SPlv+n8MchydZXp7ssvK6azGcZ4DGYn73Xv/WMN7U/hi4aDCoB17
gD+NOu+qkJrToZ3VgBrBV/tcd6aknjOGaTt9JsxVJ4pfFNapR7MCgOGHlwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG6hI4p5He9Z08EqWp3OcYXVfdC+MB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYnFFamlua2Q3MW5Ud1NwYW5jNXhoZFY5MEw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHZMdbJ5BsRWSIovu4cc
Fri1ThHZNy63/PqfXC/ySxjVxvkdOtc3BfpTjuKiu11NrcbbDcNmUUrpzfLinW4N
ZAuhmLGFiSf4ZdrgTpYcSsSpPcUghG95fu//HVYg9bODNkSp1SHToWr0krzDTmLx
EGxigL84Iz6+ZfaK2mYgKEnUBftrUUhg+6VObq5r/+ywmusSkSRlho4S2mk9cB+A
LJ331D2ozfY7Orn172Tnsc434roshRnR8Q2q8SSrk1gX3sxlK2k67eEWZTGmSaqH
CjgiwqNJohg7S8qCWXWcK8Qv+NZ/DF7M7nlyZXwsg+sf4lWJEDGaFkj4pBHA2JLv
Y68=
-----END CERTIFICATE-----
Generated at Fri May 2 21:34:54 2025 by rpki-client