Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BbZVOaOWywyfHtP_0OzTkpc8N-M.roa
File: BbZVOaOWywyfHtP_0OzTkpc8N-M.roa (raw, json)
Hash identifier: TFtvD7Kq+jqp4tPB0t5ZFHCkZuTq8PiMbYulwvjLibQ=
Subject key identifier: 05:B6:55:39:A3:96:CB:0C:9F:1E:D3:FF:D0:EC:D3:92:97:3C:37:E3
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01868B490A8860369E49E41C6571019EE8EA
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BbZVOaOWywyfHtP_0OzTkpc8N-M.roa
Signing time: Sun 26 Feb 2023 01:14:25 +0000
ROA not before: Sun 26 Feb 2023 01:14:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:8b:49:0a:88:60:36:9e:49:e4:1c:65:71:01:9e:e8:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 26 01:14:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05b65539a396cb0c9f1ed3ffd0ecd392973c37e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ce:4f:35:fb:99:ee:c2:5a:fe:42:3f:1f:3f:
5f:90:8a:11:55:95:da:fa:26:fb:15:3a:9e:13:cb:
c6:22:f0:d0:59:29:2e:d7:0c:18:4c:98:12:46:ef:
2e:60:dc:9d:ed:3d:fd:dd:0f:98:fc:2b:61:d2:e6:
fc:e1:a4:d4:ed:9d:36:0a:20:06:e6:e6:2d:c5:03:
fa:88:c1:22:4a:c9:00:a2:7e:f1:c7:76:b9:73:78:
a0:04:a1:7f:7e:80:c7:3d:1b:d4:57:7d:22:14:08:
75:6a:8f:55:0f:a0:72:22:a2:5f:3f:97:e4:22:c4:
6d:ce:01:23:59:59:5d:a4:c1:1d:3d:f8:8f:6b:d3:
25:da:27:e3:87:79:4c:a9:b9:2c:3a:3e:06:37:22:
da:55:40:63:04:27:ee:9a:d7:a4:76:97:da:6d:9b:
02:4f:c4:c5:04:5e:04:89:8b:8b:37:7c:67:d0:1e:
04:f9:68:88:23:ba:31:52:0b:fd:8b:b5:f7:ca:c8:
81:f1:6e:98:a8:c3:4d:56:13:78:78:14:82:90:65:
8a:1c:aa:49:14:72:88:84:4b:9e:84:b2:95:58:97:
50:48:f2:12:fb:12:18:9c:37:9f:92:e2:aa:99:d0:
55:1a:4f:67:da:f8:a2:3e:28:f5:49:36:c7:58:e5:
86:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:B6:55:39:A3:96:CB:0C:9F:1E:D3:FF:D0:EC:D3:92:97:3C:37:E3
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BbZVOaOWywyfHtP_0OzTkpc8N-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
48:34:67:60:fe:e8:f8:d3:93:46:cd:36:1d:59:65:c2:e1:9d:
16:3f:b7:f2:17:bd:67:01:bf:c5:f3:1a:44:e7:6f:27:79:2a:
98:56:25:f1:8c:20:5c:90:4b:9e:5b:1a:7f:2a:eb:a5:45:f0:
06:c2:fd:d8:dd:93:23:67:f1:3b:4a:10:4a:a2:0a:1b:56:90:
a5:f6:fe:a8:b3:a3:6d:d3:54:8e:2b:53:68:1a:9e:50:1b:6f:
a1:7c:0e:b8:14:34:79:f4:5b:c3:fb:db:f9:ec:c5:4c:b4:07:
6e:fe:f0:44:2c:9a:a7:b5:97:bc:9a:36:a0:4f:1e:0d:4b:79:
4c:5d:9d:4a:90:75:f5:44:07:9e:13:c9:8f:91:51:1f:be:00:
b8:ed:2d:a2:b4:94:40:0b:ae:c1:7c:ce:57:34:49:2d:7b:24:
66:b6:32:44:cc:7d:31:e1:7c:47:48:6f:c8:33:21:9a:3d:7c:
40:15:f2:a2:be:ed:75:fd:71:62:ae:c2:75:29:b3:9a:af:82:
18:a2:a1:cf:10:1b:10:07:cb:cf:ad:19:19:d3:cc:4a:f8:f9:
78:3b:92:d4:36:f0:a0:ff:5a:c1:b8:07:39:87:1a:25:f9:32:
26:23:40:bd:f0:86:c0:97:ab:dd:af:92:64:e5:c5:0f:34:42:
03:92:84:fe
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYaLSQqIYDaeSeQcZXEBnujqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjI2MDExNDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWI2NTUzOWEzOTZjYjBjOWYxZWQzZmZkMGVjZDM5Mjk3M2MzN2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlM5PNfuZ7sJa/kI/Hz9fkIoRVZXa
+ib7FTqeE8vGIvDQWSku1wwYTJgSRu8uYNyd7T393Q+Y/Cth0ub84aTU7Z02CiAG
5uYtxQP6iMEiSskAon7xx3a5c3igBKF/foDHPRvUV30iFAh1ao9VD6ByIqJfP5fk
IsRtzgEjWVldpMEdPfiPa9Ml2ifjh3lMqbksOj4GNyLaVUBjBCfumtekdpfabZsC
T8TFBF4EiYuLN3xn0B4E+WiII7oxUgv9i7X3ysiB8W6YqMNNVhN4eBSCkGWKHKpJ
FHKIhEuehLKVWJdQSPIS+xIYnDefkuKqmdBVGk9n2viiPij1STbHWOWGAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAW2VTmjlssMnx7T/9Ds05KXPDfjMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQmJaVk9hT1d5d3lmSHRQXzBPelRrcGM4Ti1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEg0Z2D+6PjTk0bNNh1Z
ZcLhnRY/t/IXvWcBv8XzGkTnbyd5KphWJfGMIFyQS55bGn8q66VF8AbC/djdkyNn
8TtKEEqiChtWkKX2/qizo23TVI4rU2ganlAbb6F8DrgUNHn0W8P72/nsxUy0B27+
8EQsmqe1l7yaNqBPHg1LeUxdnUqQdfVEB54TyY+RUR++ALjtLaK0lEALrsF8zlc0
SS17JGa2MkTMfTHhfEdIb8gzIZo9fEAV8qK+7XX9cWKuwnUps5qvghiioc8QGxAH
y8+tGRnTzEr4+Xg7ktQ28KD/WsG4BzmHGiX5MiYjQL3whsCXq92vkmTlxQ80QgOS
hP4=
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:32:32 2025 by rpki-client