Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bvfSWkG8dBAtuoaF7-OZbTyyHkQ.roa
File: bvfSWkG8dBAtuoaF7-OZbTyyHkQ.roa (raw, json)
Hash identifier: U9Ahz2LWScqU5YVWUxwGV/KKuxIRviJCSd3488XHyLo=
Subject key identifier: 6E:F7:D2:5A:41:BC:74:10:2D:BA:86:85:EF:E3:99:6D:3C:B2:1E:44
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018645533E33DE3105A57469AE20D2DE4BF6
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bvfSWkG8dBAtuoaF7-OZbTyyHkQ.roa
Signing time: Sun 12 Feb 2023 11:12:08 +0000
ROA not before: Sun 12 Feb 2023 11:12:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:45:53:3e:33:de:31:05:a5:74:69:ae:20:d2:de:4b:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 12 11:12:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ef7d25a41bc74102dba8685efe3996d3cb21e44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:af:57:65:8a:43:6b:af:9b:0b:45:54:5e:dd:
a2:85:da:49:85:be:74:ee:46:4a:16:15:0b:65:b4:
7c:28:e7:7b:a3:fd:4b:32:08:cc:61:1a:c1:93:e1:
13:af:ee:01:98:41:48:3d:26:2c:aa:a0:04:21:eb:
91:b0:4a:ad:64:f1:16:72:c3:40:7a:b8:f4:a0:46:
d3:b5:75:bd:97:b7:61:fb:cb:c9:43:a0:92:8d:70:
7d:d3:8b:76:18:24:73:ba:04:ca:de:61:19:f9:22:
a1:72:e5:71:b3:ad:1a:9e:85:4b:56:0e:34:81:ac:
d7:a8:2b:84:b6:c1:3c:e7:d7:cc:b6:64:31:15:3e:
1a:bb:c4:b6:f4:a7:a8:a9:26:69:2a:70:c5:b5:fb:
06:00:c7:90:36:78:d1:68:ea:1c:7f:4e:46:42:59:
23:fb:41:b6:6e:3d:ee:c3:b9:0a:84:ad:fc:64:d9:
49:8b:2a:67:4d:be:88:bd:62:2c:e2:25:d0:86:e5:
b7:cf:47:76:7f:87:06:6f:32:75:38:de:7e:d4:ee:
cd:db:96:1b:76:f6:dc:f0:56:a8:9c:d5:13:fc:41:
ba:55:4f:5e:8d:11:6f:e9:16:87:8d:89:ac:d1:b9:
41:4a:24:c0:4d:d8:0b:2b:46:6a:40:64:c3:e1:f3:
68:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F7:D2:5A:41:BC:74:10:2D:BA:86:85:EF:E3:99:6D:3C:B2:1E:44
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bvfSWkG8dBAtuoaF7-OZbTyyHkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
37:46:80:f7:c8:c0:31:c3:ac:ba:4a:25:13:26:ff:66:65:4f:
ff:14:5e:90:06:1e:72:15:82:94:26:c9:f8:bc:10:cf:23:92:
dd:ac:c6:5d:74:e3:5b:b3:16:a9:50:35:4f:84:24:23:ed:46:
42:8c:c6:b5:6c:ab:bb:bc:3a:5e:c9:63:70:8a:71:f0:4a:ad:
43:7e:3a:6f:dd:45:0a:06:dc:5c:1b:77:f7:65:0c:af:7b:bc:
cf:0b:3e:51:4d:6a:a5:fe:7c:b8:17:c9:4f:bc:8c:53:35:ce:
33:a2:0b:c8:ba:4b:b9:14:95:8d:20:21:36:7c:b3:da:67:01:
b9:1e:60:1d:a4:ae:3c:f3:89:fb:53:75:32:24:f2:1d:26:4e:
72:a2:6a:d5:1d:a6:87:0b:a7:95:ca:a8:93:34:14:13:73:92:
06:f7:56:62:89:52:02:b3:fb:ca:19:7b:4a:7f:8f:c1:98:cf:
9c:db:1e:b0:45:c9:44:68:fa:bf:bc:2c:b1:1f:cc:2d:0f:c9:
77:89:33:a7:ea:ed:bd:4a:63:48:06:51:6b:f1:e0:a3:48:c8:
63:cf:3b:68:0c:14:73:ba:e5:9d:80:f0:c6:60:fa:02:78:8c:
bb:9d:81:8f:ae:aa:cb:c7:44:e4:3e:f8:3e:6f:70:6a:d4:e7:
f9:85:ca:a0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZFUz4z3jEFpXRpriDS3kv2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjEyMTExMjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWY3ZDI1YTQxYmM3NDEwMmRiYTg2ODVlZmUzOTk2ZDNjYjIxZTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm69XZYpDa6+bC0VUXt2ihdpJhb50
7kZKFhULZbR8KOd7o/1LMgjMYRrBk+ETr+4BmEFIPSYsqqAEIeuRsEqtZPEWcsNA
erj0oEbTtXW9l7dh+8vJQ6CSjXB904t2GCRzugTK3mEZ+SKhcuVxs60anoVLVg40
gazXqCuEtsE859fMtmQxFT4au8S29KeoqSZpKnDFtfsGAMeQNnjRaOocf05GQlkj
+0G2bj3uw7kKhK38ZNlJiypnTb6IvWIs4iXQhuW3z0d2f4cGbzJ1ON5+1O7N25Yb
dvbc8FaonNUT/EG6VU9ejRFv6RaHjYms0blBSiTATdgLK0ZqQGTD4fNo8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG730lpBvHQQLbqGhe/jmW08sh5EMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYnZmU1drRzhkQkF0dW9hRjctT1piVHl5SGtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADdGgPfIwDHDrLpKJRMm
/2ZlT/8UXpAGHnIVgpQmyfi8EM8jkt2sxl1041uzFqlQNU+EJCPtRkKMxrVsq7u8
Ol7JY3CKcfBKrUN+Om/dRQoG3Fwbd/dlDK97vM8LPlFNaqX+fLgXyU+8jFM1zjOi
C8i6S7kUlY0gITZ8s9pnAbkeYB2krjzziftTdTIk8h0mTnKiatUdpocLp5XKqJM0
FBNzkgb3VmKJUgKz+8oZe0p/j8GYz5zbHrBFyURo+r+8LLEfzC0PyXeJM6fq7b1K
Y0gGUWvx4KNIyGPPO2gMFHO65Z2A8MZg+gJ4jLudgY+uqsvHROQ++D5vcGrU5/mF
yqA=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:38:01 2025 by rpki-client