Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BjUKwPDfnWgrNf7WwrcncOTtMYc.roa
File: BjUKwPDfnWgrNf7WwrcncOTtMYc.roa (raw, json)
Hash identifier: 955J3OtbC6qjatlZ0zW+wGibeNbmgkN64E4qLfR/snA=
Subject key identifier: 06:35:0A:C0:F0:DF:9D:68:2B:35:FE:D6:C2:B7:27:70:E4:ED:31:87
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018A352AEE222E5F8D5DF3142CA627D23BE4
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BjUKwPDfnWgrNf7WwrcncOTtMYc.roa
Signing time: Sun 27 Aug 2023 04:05:20 +0000
ROA not before: Sun 27 Aug 2023 04:05:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:352a:7402/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:35:2a:ee:22:2e:5f:8d:5d:f3:14:2c:a6:27:d2:3b:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Aug 27 04:05:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06350ac0f0df9d682b35fed6c2b72770e4ed3187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:89:cd:1b:b6:a8:f2:cd:44:ee:28:56:b5:b6:
61:02:53:88:a3:7d:cd:69:3b:c2:a3:60:ee:61:82:
e6:b7:01:f2:73:20:02:94:c2:b5:41:64:03:d9:49:
5f:20:0c:ad:5a:04:f2:8c:88:72:b1:c6:d5:45:37:
1e:37:1e:e2:51:a6:71:a0:c4:07:0d:c4:0d:e0:c0:
aa:f0:82:1b:d6:eb:fe:fb:6f:aa:5a:a4:f9:f8:c0:
19:a1:28:21:8d:77:8a:8e:4b:63:da:db:2f:36:c8:
45:30:22:de:f0:01:ac:59:93:47:60:73:a7:f0:a7:
c2:86:1b:18:15:83:4c:3d:5d:65:8a:67:4e:67:3b:
b8:93:4c:00:b9:af:ee:49:1d:b3:59:ac:35:e3:83:
d1:1a:58:35:5d:1b:f5:20:d5:f9:e4:ce:94:a0:35:
fa:11:5c:72:fe:c8:f2:c8:fb:ee:8f:04:7d:f2:2c:
40:a5:d2:4e:36:64:d2:61:d7:e3:34:24:d8:0a:c6:
62:de:91:bd:aa:b2:42:be:85:00:3d:70:af:9e:89:
34:77:af:51:5e:64:71:5d:95:cf:fe:0a:33:d8:51:
11:ae:dc:3e:7b:90:4a:f7:4e:da:87:5f:f7:cd:d2:
64:2d:19:25:8d:c3:86:2f:c6:f8:6b:79:f9:cc:ae:
1e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:35:0A:C0:F0:DF:9D:68:2B:35:FE:D6:C2:B7:27:70:E4:ED:31:87
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BjUKwPDfnWgrNf7WwrcncOTtMYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:5e:42:75:35:54:3b:37:70:8a:84:9b:81:19:d6:62:56:a8:
b1:94:dc:d2:54:64:5d:0e:8a:b3:1b:db:7e:74:5b:c3:9c:3e:
11:97:2b:93:6f:22:26:c4:a7:54:a7:27:1b:8d:cb:ae:b9:32:
b8:eb:58:e4:0f:1d:78:94:56:88:67:0d:12:91:45:32:bf:95:
94:b3:ad:e0:45:cd:de:f2:00:30:61:bb:af:01:86:b7:48:46:
bb:9c:cc:cc:28:9c:8b:f7:d5:d7:a8:39:61:c3:54:91:5a:63:
41:15:19:0d:c1:21:a8:d6:94:df:2e:ac:01:7c:87:9e:bd:fb:
0f:98:9c:fc:d3:e6:af:89:75:dd:4b:4b:e0:86:e7:7e:92:dc:
3f:8f:d0:8f:88:64:de:ae:42:13:91:12:3d:d7:c9:13:e1:98:
01:bb:8e:0b:57:3f:7e:00:5f:0d:02:d5:ec:5d:19:d7:54:86:
fc:f2:ca:1b:80:16:3c:bc:95:23:28:eb:ba:ca:23:18:fd:2b:
d3:eb:0f:66:e9:35:ae:c5:28:33:e0:23:8f:35:40:c6:3c:60:
2c:36:48:ec:f2:8e:3c:0e:c5:a0:6a:5a:68:76:21:3f:77:92:
b6:8e:1a:bf:3e:e7:ca:5f:66:75:5d:bf:57:b0:6f:5e:16:8a:
9b:f9:79:09
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYo1Ku4iLl+NXfMULKYn0jvkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwODI3MDQwNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjM1MGFjMGYwZGY5ZDY4MmIzNWZlZDZjMmI3Mjc3MGU0ZWQzMTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsInNG7ao8s1E7ihWtbZhAlOIo33N
aTvCo2DuYYLmtwHycyAClMK1QWQD2UlfIAytWgTyjIhyscbVRTceNx7iUaZxoMQH
DcQN4MCq8IIb1uv++2+qWqT5+MAZoSghjXeKjktj2tsvNshFMCLe8AGsWZNHYHOn
8KfChhsYFYNMPV1limdOZzu4k0wAua/uSR2zWaw144PRGlg1XRv1INX55M6UoDX6
EVxy/sjyyPvujwR98ixApdJONmTSYdfjNCTYCsZi3pG9qrJCvoUAPXCvnok0d69R
XmRxXZXP/goz2FERrtw+e5BK907ah1/3zdJkLRkljcOGL8b4a3n5zK4e6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAY1CsDw351oKzX+1sK3J3Dk7TGHMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQmpVS3dQRGZuV2dyTmY3V3dyY25jT1R0TVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAdeQnU1VDs3cIqEm4EZ
1mJWqLGU3NJUZF0OirMb2350W8OcPhGXK5NvIibEp1SnJxuNy665MrjrWOQPHXiU
VohnDRKRRTK/lZSzreBFzd7yADBhu68BhrdIRruczMwonIv31deoOWHDVJFaY0EV
GQ3BIajWlN8urAF8h569+w+YnPzT5q+Jdd1LS+CG536S3D+P0I+IZN6uQhOREj3X
yRPhmAG7jgtXP34AXw0C1exdGddUhvzyyhuAFjy8lSMo67rKIxj9K9PrD2bpNa7F
KDPgI481QMY8YCw2SOzyjjwOxaBqWmh2IT93kraOGr8+58pfZnVdv1ewb14Wipv5
eQk=
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:22:51 2025 by rpki-client