Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BmsWxyJpdDG_AJ8LkQgt2lDprd0.roa
File: BmsWxyJpdDG_AJ8LkQgt2lDprd0.roa (raw, json)
Hash identifier: cIrhgoDV5TrsltfE36QB224PrrMwaJ9kSbK2ljaxc5I=
Subject key identifier: 06:6B:16:C7:22:69:74:31:BF:00:9F:0B:91:08:2D:DA:50:E9:AD:DD
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018660949CCDB36CD40F70AC052F60F95DAE
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BmsWxyJpdDG_AJ8LkQgt2lDprd0.roa
Signing time: Fri 17 Feb 2023 18:13:17 +0000
ROA not before: Fri 17 Feb 2023 18:13:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:186:59e5:727c/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:60:94:9c:cd:b3:6c:d4:0f:70:ac:05:2f:60:f9:5d:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Feb 17 18:13:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=066b16c722697431bf009f0b91082dda50e9addd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:dc:36:12:fa:9e:ed:c9:36:b9:d1:98:77:1e:
f4:39:64:a4:f4:d8:1b:8c:f6:8e:ba:f5:fd:7d:da:
75:86:0d:60:83:29:fb:86:39:8d:08:56:2e:19:64:
4e:b2:58:b0:3e:91:c8:87:2e:2a:71:37:81:c0:32:
ee:4c:5e:8d:96:c9:e6:e6:99:94:6e:11:9b:8c:16:
0b:30:e2:94:82:3e:d3:02:94:da:c3:63:0d:7c:ce:
37:47:45:25:84:11:53:62:a2:a2:24:68:97:88:80:
be:c4:36:c9:ef:19:bb:bf:f1:7d:69:86:18:f6:6d:
98:69:11:9a:22:b6:51:78:57:26:0b:01:6c:f9:dc:
be:04:8a:77:4d:4e:61:cb:5a:b1:43:c5:32:66:71:
fa:8f:11:7c:8d:59:5d:53:7e:1e:2d:34:f6:e4:4e:
2b:99:26:ac:e7:3e:9e:30:15:83:a6:fd:6c:b8:1e:
8f:64:9c:b9:6a:88:c9:80:b3:d8:a4:98:66:a6:fc:
70:45:36:7a:1e:0c:63:10:d0:6f:63:57:aa:47:2d:
1b:21:16:68:66:86:dd:50:41:bc:ab:e6:79:87:e8:
a4:9c:85:7a:ab:ba:a9:11:9f:68:b5:35:d6:2c:b8:
35:e2:ab:66:47:b2:6d:7c:3a:00:d3:80:ed:ec:34:
76:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:6B:16:C7:22:69:74:31:BF:00:9F:0B:91:08:2D:DA:50:E9:AD:DD
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/BmsWxyJpdDG_AJ8LkQgt2lDprd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
50:45:9c:e9:56:c6:a8:be:c4:10:ca:bc:6e:53:7b:2a:ca:e0:
55:99:63:3d:f2:60:39:e3:22:2c:c1:61:df:76:60:32:8b:00:
e7:bb:f3:0e:93:5b:46:b0:0b:51:f1:91:43:69:f3:78:00:1f:
ec:2d:6a:d9:aa:3c:40:73:5e:ad:75:85:ad:08:19:40:8b:33:
21:cb:b8:0d:eb:5c:59:89:e4:9b:b1:6f:55:6f:a1:8f:f4:a3:
1f:8a:0e:f5:7d:4f:2f:44:03:05:32:fb:7a:02:da:b6:02:69:
ed:e5:42:b1:6f:a5:3d:5d:e4:c7:cb:4e:5b:35:fe:d9:31:95:
6d:a3:42:a6:89:99:4e:20:7f:e3:a4:f7:ba:74:78:74:2a:7b:
12:58:15:20:a1:bb:13:9e:ca:89:65:cc:40:d5:ca:ba:07:84:
e9:bd:84:21:d2:c9:6c:9c:9e:41:14:0f:00:64:56:90:c8:b9:
e9:0d:c9:0a:d8:33:c7:f1:b3:77:d2:49:01:c8:30:d3:04:2e:
b0:f4:9b:8d:7f:f7:be:d4:86:de:75:7c:77:8c:a6:70:fb:b6:
64:b7:41:45:05:5e:40:cb:24:e7:e3:37:52:dd:9d:91:95:1b:
cf:3c:c1:b8:e6:25:fa:ae:97:93:9d:b6:1a:41:41:4e:2f:08:
53:ad:9c:7c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYZglJzNs2zUD3CsBS9g+V2uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMjE3MTgxMzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjZiMTZjNzIyNjk3NDMxYmYwMDlmMGI5MTA4MmRkYTUwZTlhZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNw2Evqe7ck2udGYdx70OWSk9Ngb
jPaOuvX9fdp1hg1ggyn7hjmNCFYuGWROsliwPpHIhy4qcTeBwDLuTF6Nlsnm5pmU
bhGbjBYLMOKUgj7TApTaw2MNfM43R0UlhBFTYqKiJGiXiIC+xDbJ7xm7v/F9aYYY
9m2YaRGaIrZReFcmCwFs+dy+BIp3TU5hy1qxQ8UyZnH6jxF8jVldU34eLTT25E4r
mSas5z6eMBWDpv1suB6PZJy5aojJgLPYpJhmpvxwRTZ6HgxjENBvY1eqRy0bIRZo
ZobdUEG8q+Z5h+iknIV6q7qpEZ9otTXWLLg14qtmR7JtfDoA04Dt7DR2twIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAZrFsciaXQxvwCfC5EILdpQ6a3dMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvQm1zV3h5SnBkREdfQUo4TGtRZ3QybERwcmQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFBFnOlWxqi+xBDKvG5T
eyrK4FWZYz3yYDnjIizBYd92YDKLAOe78w6TW0awC1HxkUNp83gAH+wtatmqPEBz
Xq11ha0IGUCLMyHLuA3rXFmJ5Juxb1VvoY/0ox+KDvV9Ty9EAwUy+3oC2rYCae3l
QrFvpT1d5MfLTls1/tkxlW2jQqaJmU4gf+Ok97p0eHQqexJYFSChuxOeyollzEDV
yroHhOm9hCHSyWycnkEUDwBkVpDIuekNyQrYM8fxs3fSSQHIMNMELrD0m41/977U
ht51fHeMpnD7tmS3QUUFXkDLJOfjN1LdnZGVG888wbjmJfqul5OdthpBQU4vCFOt
nHw=
-----END CERTIFICATE-----
Generated at Sun Jun 8 22:25:48 2025 by rpki-client