Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BIdi6svHAUbW49lrvDmt4hKWTZY.roa
File: BIdi6svHAUbW49lrvDmt4hKWTZY.roa (raw, json)
Hash identifier: 4qd2SIRwWFvnqXVexBqmW6sj8UVWhHovlGUWFwY2KdY=
Subject key identifier: 04:87:62:EA:CB:C7:01:46:D6:E3:D9:6B:BC:39:AD:E2:12:96:4D:96
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0183331F4178229B20A54AF2380464250EC1
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BIdi6svHAUbW49lrvDmt4hKWTZY.roa
Signing time: Mon 12 Sep 2022 19:13:49 +0000
ROA not before: Mon 12 Sep 2022 19:13:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:182:3f1d:a803/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:182:7cb2:99d4/128 maxlen: 128
2001:67c:64:ffff:0:183:1279:659d/128 maxlen: 128
2001:67c:64:ffff:0:182:383f:6b78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:33:1f:41:78:22:9b:20:a5:4a:f2:38:04:64:25:0e:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Sep 12 19:13:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=048762eacbc70146d6e3d96bbc39ade212964d96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:05:72:86:98:82:4d:ab:05:36:09:ec:07:79:
cd:db:49:b1:d6:dc:5f:bd:bf:a9:16:80:b9:4a:e1:
0f:2e:1e:6f:48:2f:19:5d:6e:5b:c5:99:ef:5f:fc:
19:01:25:39:ba:28:d4:a2:b6:48:84:66:d1:1f:89:
97:93:6b:4e:dd:66:f2:90:2b:8b:05:11:8d:1e:ef:
4e:f4:41:dd:9d:c8:49:ed:bc:f7:72:4a:12:51:ab:
fa:0c:2e:61:e5:a1:4d:1c:52:c5:73:12:f1:7a:f8:
86:5a:bd:cf:71:1b:1a:8a:14:ad:fe:d3:bf:f2:93:
1b:9e:cf:37:86:97:7a:02:d2:d6:91:7d:45:67:ab:
4d:e2:f3:25:ae:84:8b:d5:1a:c8:e2:a1:1e:9f:ae:
75:ba:b3:27:9f:93:9f:1f:1c:27:23:3d:6e:f6:1e:
36:77:8e:dd:a3:b0:5f:4a:74:2b:2d:90:f1:ba:92:
61:39:41:70:09:97:50:cb:17:1b:a9:b3:87:b2:96:
37:39:5e:6c:cd:2f:0f:3a:0a:cc:67:fe:3e:0b:bf:
f4:b8:a2:d8:1f:3d:60:11:bc:8d:f5:cf:55:fa:d3:
87:d3:c1:ca:43:8a:bb:91:47:0e:f6:0e:91:ed:e6:
43:ba:12:f4:02:23:19:d2:03:dc:37:eb:c4:87:e7:
ec:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:87:62:EA:CB:C7:01:46:D6:E3:D9:6B:BC:39:AD:E2:12:96:4D:96
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BIdi6svHAUbW49lrvDmt4hKWTZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
32:84:e5:09:88:06:d7:e7:8a:51:3a:b2:96:d9:19:fa:25:21:
2d:f0:44:55:aa:63:8a:96:94:c2:88:d6:84:53:7b:d9:37:76:
49:2f:17:aa:be:6a:b0:53:a2:0a:1b:44:5c:03:c9:6c:f3:c8:
62:6d:cb:4a:4f:3f:21:7a:77:2d:35:14:93:fd:b7:91:79:15:
22:48:88:cd:48:8a:ef:60:48:ed:47:fe:d5:a0:d3:9b:f5:6b:
02:ec:05:15:8e:71:2a:f6:27:72:97:22:25:67:3c:4b:fa:2d:
ca:bd:55:fa:3f:1f:78:da:d5:e8:2c:c8:d1:9e:e6:b1:8c:63:
72:4b:5e:72:da:f3:a6:c1:78:4e:35:eb:89:bb:4f:a5:04:52:
2a:f6:80:c7:4b:92:a7:d0:00:d5:f0:81:be:fd:e5:60:1b:cb:
8c:00:ab:83:37:30:80:87:ee:82:5d:55:58:e1:79:9f:07:4c:
25:75:e6:bf:f2:12:a1:8b:9b:63:f9:82:99:3d:b8:66:db:8b:
4d:b1:72:3d:7d:25:0e:aa:6d:1c:1f:c3:13:f3:62:9f:19:4b:
dd:6c:f6:39:57:2b:32:d4:0c:26:d2:63:5d:b0:c3:f0:87:df:
de:c6:be:d9:f8:e9:f9:16:ef:da:3a:08:ee:48:66:08:c7:7c:
0f:bb:65:ba
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMzH0F4IpsgpUryOARkJQ7BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIwOTEyMTkxMzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDg3NjJlYWNiYzcwMTQ2ZDZlM2Q5NmJiYzM5YWRlMjEyOTY0ZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAVyhpiCTasFNgnsB3nN20mx1txf
vb+pFoC5SuEPLh5vSC8ZXW5bxZnvX/wZASU5uijUorZIhGbRH4mXk2tO3WbykCuL
BRGNHu9O9EHdnchJ7bz3ckoSUav6DC5h5aFNHFLFcxLxeviGWr3PcRsaihSt/tO/
8pMbns83hpd6AtLWkX1FZ6tN4vMlroSL1RrI4qEen651urMnn5OfHxwnIz1u9h42
d47do7BfSnQrLZDxupJhOUFwCZdQyxcbqbOHspY3OV5szS8POgrMZ/4+C7/0uKLY
Hz1gEbyN9c9V+tOH08HKQ4q7kUcO9g6R7eZDuhL0AiMZ0gPcN+vEh+fs7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFASHYurLxwFG1uPZa7w5reISlk2WMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQklkaTZzdkhBVWJXNDlscnZEbXQ0aEtXVFpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADKE5QmIBtfnilE6spbZ
GfolIS3wRFWqY4qWlMKI1oRTe9k3dkkvF6q+arBTogobRFwDyWzzyGJty0pPPyF6
dy01FJP9t5F5FSJIiM1Iiu9gSO1H/tWg05v1awLsBRWOcSr2J3KXIiVnPEv6Lcq9
Vfo/H3ja1egsyNGe5rGMY3JLXnLa86bBeE4164m7T6UEUir2gMdLkqfQANXwgb79
5WAby4wAq4M3MICH7oJdVVjheZ8HTCV15r/yEqGLm2P5gpk9uGbbi02xcj19JQ6q
bRwfwxPzYp8ZS91s9jlXKzLUDCbSY12ww/CH397Gvtn46fkW79o6CO5IZgjHfA+7
Zbo=
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:27:20 2025 by rpki-client