Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Be8FupufTejolcj8skIDwbh5y2A.roa
File: Be8FupufTejolcj8skIDwbh5y2A.roa (raw, json)
Hash identifier: 2tRJnokUTZYhVbronc33h02pnv0PNKUB+rDMaN8JrT4=
Subject key identifier: 05:EF:05:BA:9B:9F:4D:E8:E8:95:C8:FC:B2:42:03:C1:B8:79:CB:60
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0188440121A339CC8BA8A67F628E341972BF
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Be8FupufTejolcj8skIDwbh5y2A.roa
Signing time: Mon 22 May 2023 15:08:24 +0000
ROA not before: Mon 22 May 2023 15:08:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:d20f:1e28/128 maxlen: 128
2001:67c:64:ffff:0:186:a1c7:a442/128 maxlen: 128
2001:67c:64:ffff:0:186:92f9:8437/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64:ffff:0:186:6f5a:adbb/128 maxlen: 128
2001:67c:64:ffff:0:186:7ecd:cc90/128 maxlen: 128
2001:67c:64:ffff:0:187:4695:a68a/128 maxlen: 128
2001:67c:64:ffff:0:186:6e7e:de02/128 maxlen: 128
2001:67c:64:ffff:0:186:9e58:8c82/128 maxlen: 128
2001:67c:64:ffff:0:186:cfe9:cd16/128 maxlen: 128
2001:67c:64:ffff:0:187:fa9a:b088/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:186:c678:c9dc/128 maxlen: 128
2001:67c:64:ffff:0:187:b2b8:a7dd/128 maxlen: 128
2001:67c:64:ffff:0:186:620c:ed81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:44:01:21:a3:39:cc:8b:a8:a6:7f:62:8e:34:19:72:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: May 22 15:08:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05ef05ba9b9f4de8e895c8fcb24203c1b879cb60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6b:ec:aa:f6:d6:51:2d:1b:77:b1:99:cc:8f:
ff:d5:d7:dc:e3:f2:44:70:7c:aa:b3:a1:67:8f:8f:
f4:60:d7:8c:37:09:70:ee:ea:07:70:1f:cc:62:ed:
6a:2c:27:3f:18:ed:85:6e:d4:2d:f9:f6:9f:a9:16:
a5:e3:8c:9b:20:4f:b6:5f:cc:9e:a6:2a:19:e3:ad:
b6:b9:ae:d5:7e:4b:88:7e:ce:c4:ca:26:47:96:e2:
22:77:d9:50:87:e5:b5:58:a8:d5:ce:ac:c6:10:6e:
6c:7b:46:bf:87:19:19:d7:8a:74:39:fb:7a:8f:22:
61:4b:fa:ed:ba:0d:07:0f:36:2e:fa:2c:02:6b:10:
34:3e:08:fa:70:37:17:f5:cc:f3:29:89:b2:5f:55:
40:07:19:25:2b:94:0d:de:fe:a6:24:b5:bc:6d:75:
83:fe:70:a2:be:1b:d2:14:05:4a:4f:82:1b:2e:8a:
b8:d9:92:30:72:3c:ae:44:ee:fd:19:e8:18:ad:cb:
b7:94:f7:99:7c:a4:ac:48:cd:17:a8:1f:dc:8e:f9:
ee:46:e5:59:33:91:df:2d:6d:ef:b4:21:f3:3f:85:
12:b2:31:72:23:9d:33:e0:6e:58:7a:21:b9:cf:df:
12:c0:ca:da:47:a1:a6:4b:7b:c2:8d:4d:ae:b8:67:
dc:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:EF:05:BA:9B:9F:4D:E8:E8:95:C8:FC:B2:42:03:C1:B8:79:CB:60
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Be8FupufTejolcj8skIDwbh5y2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8c:a6:06:9a:a9:34:b5:93:b1:93:ab:45:b0:a0:1a:24:f5:fa:
b2:81:99:40:d4:41:2d:02:77:53:a6:9a:2b:86:f4:e3:c1:e5:
59:35:92:99:6b:f9:aa:af:07:1e:77:3c:ea:36:4e:f8:7a:8a:
9c:12:77:d5:e1:47:b8:b4:ff:03:c1:bc:a7:39:8f:9c:04:0c:
42:33:88:2e:eb:00:4e:7b:50:9e:6a:14:43:6f:4b:2f:32:e8:
1e:0e:d6:b3:33:a9:15:72:04:7c:e9:c3:c1:5e:1d:b7:c6:44:
de:06:9f:4a:06:4c:ba:ec:0d:5c:50:3a:e1:d7:46:b5:1a:4b:
f6:ed:17:50:43:7e:00:a7:ff:e5:48:90:3a:c5:99:31:db:ca:
60:27:6b:59:9c:38:dc:b1:21:b2:1c:09:f8:2a:41:9c:46:ab:
53:41:12:64:3d:f7:b7:bc:68:70:b3:17:87:2b:1c:5b:30:8f:
f5:5e:fb:da:a1:8c:2a:09:b7:fa:5c:43:c7:21:e7:06:7b:5a:
b6:ff:31:dd:7f:31:8f:5b:9b:ee:d0:f1:81:f1:fc:18:94:a0:
14:f5:f1:f7:33:26:03:a1:d7:fe:2f:ec:e8:b7:91:3f:9f:3a:
7e:18:99:a5:f2:78:4b:1c:ad:8b:8f:f3:81:36:ce:68:2f:ec:
4e:8f:d6:0b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYhEASGjOcyLqKZ/Yo40GXK/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNTIyMTUwODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWVmMDViYTliOWY0ZGU4ZTg5NWM4ZmNiMjQyMDNjMWI4NzljYjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2vsqvbWUS0bd7GZzI//1dfc4/JE
cHyqs6Fnj4/0YNeMNwlw7uoHcB/MYu1qLCc/GO2FbtQt+fafqRal44ybIE+2X8ye
pioZ4622ua7VfkuIfs7EyiZHluIid9lQh+W1WKjVzqzGEG5se0a/hxkZ14p0Oft6
jyJhS/rtug0HDzYu+iwCaxA0Pgj6cDcX9czzKYmyX1VABxklK5QN3v6mJLW8bXWD
/nCivhvSFAVKT4IbLoq42ZIwcjyuRO79GegYrcu3lPeZfKSsSM0XqB/cjvnuRuVZ
M5HfLW3vtCHzP4USsjFyI50z4G5YeiG5z98SwMraR6GmS3vCjU2uuGfcxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAXvBbqbn03o6JXI/LJCA8G4ectgMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQmU4RnVwdWZUZWpvbGNqOHNrSUR3Ymg1eTJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIymBpqpNLWTsZOrRbCg
GiT1+rKBmUDUQS0Cd1OmmiuG9OPB5Vk1kplr+aqvBx53POo2Tvh6ipwSd9XhR7i0
/wPBvKc5j5wEDEIziC7rAE57UJ5qFENvSy8y6B4O1rMzqRVyBHzpw8FeHbfGRN4G
n0oGTLrsDVxQOuHXRrUaS/btF1BDfgCn/+VIkDrFmTHbymAna1mcONyxIbIcCfgq
QZxGq1NBEmQ997e8aHCzF4crHFswj/Ve+9qhjCoJt/pcQ8ch5wZ7Wrb/Md1/MY9b
m+7Q8YHx/BiUoBT18fczJgOh1/4v7Oi3kT+fOn4YmaXyeEscrYuP84E2zmgv7E6P
1gs=
-----END CERTIFICATE-----
Generated at Tue Jun 10 02:23:17 2025 by rpki-client