Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BmN-JfJ3m5nDt9L0NAwsNl0UKMw.roa
File: BmN-JfJ3m5nDt9L0NAwsNl0UKMw.roa (raw, json)
Hash identifier: Rh82fmgBLoYQ4tsXeN+Oyc9shvOogXq1/3W7a4fDV4c=
Subject key identifier: 06:63:7E:25:F2:77:9B:99:C3:B7:D2:F4:34:0C:2C:36:5D:14:28:CC
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0189A60BA12AF823E61B58EE76934B10CB19
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BmN-JfJ3m5nDt9L0NAwsNl0UKMw.roa
Signing time: Sun 30 Jul 2023 09:05:27 +0000
ROA not before: Sun 30 Jul 2023 09:05:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:188:7858:a003/128 maxlen: 128
2001:67c:64:ffff:0:189:a60a:c0b9/128 maxlen: 128
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:189:a0e4:5c7d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:a6:0b:a1:2a:f8:23:e6:1b:58:ee:76:93:4b:10:cb:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jul 30 09:05:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06637e25f2779b99c3b7d2f4340c2c365d1428cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:8e:f3:44:90:7e:f2:93:14:d1:15:e0:65:b3:
26:16:6e:44:a8:82:1f:d2:f5:aa:02:4f:80:3c:58:
45:d2:2b:f8:8e:43:f9:8b:0e:6a:2e:ab:76:fd:a4:
fd:26:63:bc:25:d5:e9:23:58:8d:9a:ce:1f:9f:ef:
e9:0f:33:bd:ac:b5:f6:df:a8:dd:ac:92:78:f4:43:
38:d5:79:a9:89:ad:5d:17:5a:33:6d:fa:45:e0:89:
69:5b:b8:a0:31:fe:1f:15:36:8e:71:e3:02:d0:38:
c6:cc:89:2f:9b:45:03:a7:52:f6:29:de:b5:90:f0:
2c:bc:6d:ff:3d:19:33:4a:6d:64:1c:a4:ee:de:1b:
14:28:44:57:9a:a6:6d:f9:2f:6b:48:46:e1:da:9b:
06:11:ed:e8:d5:d6:9c:bc:c9:6e:02:24:95:dc:15:
87:0a:cc:e7:2e:38:c8:0a:ac:2f:14:a1:1e:04:18:
8b:d4:eb:9f:ac:a4:59:f5:cf:f5:67:e0:f5:fc:19:
15:05:a2:e8:37:af:6b:9a:34:c9:d8:f0:f8:f7:83:
5a:5c:1d:16:15:f8:66:aa:a4:40:4c:b5:dd:9d:86:
05:e2:95:4f:0c:09:4c:1b:bb:84:a8:a7:42:d4:0e:
95:04:2b:d0:f8:2d:2f:9c:ec:7a:23:9c:31:cc:dc:
68:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:63:7E:25:F2:77:9B:99:C3:B7:D2:F4:34:0C:2C:36:5D:14:28:CC
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BmN-JfJ3m5nDt9L0NAwsNl0UKMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:40:f7:5a:be:f0:a9:96:04:86:46:f0:3a:65:e7:bf:dc:94:
4f:5d:69:c6:b3:57:18:2c:43:73:be:9c:b1:23:3b:98:70:7b:
df:c8:3e:5c:48:7f:1d:d3:c1:85:7d:bb:b9:22:13:d4:24:45:
8f:c6:60:4d:e2:98:2c:86:ea:c7:a1:56:33:a5:50:11:d2:05:
ef:06:ef:66:15:98:51:0f:4f:86:9d:bc:58:7c:0c:94:92:0c:
a1:6e:df:f4:14:23:31:7e:63:43:6e:b7:7a:f4:97:65:c8:6a:
76:d7:e5:4f:8b:3b:ef:38:4d:fa:2a:a0:1e:63:c7:86:81:9f:
4e:41:80:4f:54:d9:43:b7:95:54:02:4d:24:80:ea:35:2d:c6:
8f:76:92:9c:14:91:11:62:52:cc:de:d0:ec:a8:01:04:a5:b6:
54:1f:10:50:08:98:2c:61:39:95:7b:c8:b4:b3:cf:9f:eb:8a:
ba:b5:9e:e9:02:e5:04:32:a2:8b:ec:bc:75:90:8b:4b:aa:64:
02:10:e2:fd:1e:41:8a:5c:d1:51:88:9a:65:6f:07:32:33:7b:
57:0d:c3:64:1c:78:d3:12:75:82:6f:1f:b2:4e:7e:fe:b1:3e:
a8:74:da:ef:22:c0:90:5f:d3:a4:c0:ad:ab:a7:3b:40:cb:51:
2d:08:26:86
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYmmC6Eq+CPmG1judpNLEMsZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwNzMwMDkwNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjYzN2UyNWYyNzc5Yjk5YzNiN2QyZjQzNDBjMmMzNjVkMTQyOGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh47zRJB+8pMU0RXgZbMmFm5EqIIf
0vWqAk+APFhF0iv4jkP5iw5qLqt2/aT9JmO8JdXpI1iNms4fn+/pDzO9rLX236jd
rJJ49EM41Xmpia1dF1ozbfpF4IlpW7igMf4fFTaOceMC0DjGzIkvm0UDp1L2Kd61
kPAsvG3/PRkzSm1kHKTu3hsUKERXmqZt+S9rSEbh2psGEe3o1dacvMluAiSV3BWH
CsznLjjICqwvFKEeBBiL1OufrKRZ9c/1Z+D1/BkVBaLoN69rmjTJ2PD494NaXB0W
FfhmqqRATLXdnYYF4pVPDAlMG7uEqKdC1A6VBCvQ+C0vnOx6I5wxzNxoUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAZjfiXyd5uZw7fS9DQMLDZdFCjMMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQm1OLUpmSjNtNW5EdDlMME5Bd3NObDBVS013LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGZA91q+8KmWBIZG8Dpl
57/clE9dacazVxgsQ3O+nLEjO5hwe9/IPlxIfx3TwYV9u7kiE9QkRY/GYE3imCyG
6sehVjOlUBHSBe8G72YVmFEPT4advFh8DJSSDKFu3/QUIzF+Y0Nut3r0l2XIanbX
5U+LO+84TfoqoB5jx4aBn05BgE9U2UO3lVQCTSSA6jUtxo92kpwUkRFiUsze0Oyo
AQSltlQfEFAImCxhOZV7yLSzz5/rirq1nukC5QQyoovsvHWQi0uqZAIQ4v0eQYpc
0VGImmVvBzIze1cNw2QceNMSdYJvH7JOfv6xPqh02u8iwJBf06TAraunO0DLUS0I
JoY=
-----END CERTIFICATE-----
Generated at Sat Jun 14 17:06:04 2025 by rpki-client