Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bJyXw4C0TnFxKhQXu5eWgroDt2g.roa
File: bJyXw4C0TnFxKhQXu5eWgroDt2g.roa (raw, json)
Hash identifier: ot+k7ypKtjlpEWxWFJVTEnGgvBSl/66FDaXiRN9lytw=
Subject key identifier: 6C:9C:97:C3:80:B4:4E:71:71:2A:14:17:BB:97:96:82:BA:03:B7:68
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018566CCE85157FC29C27751A07C46214648
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bJyXw4C0TnFxKhQXu5eWgroDt2g.roa
Signing time: Sat 31 Dec 2022 06:09:42 +0000
ROA not before: Sat 31 Dec 2022 06:09:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:66:cc:e8:51:57:fc:29:c2:77:51:a0:7c:46:21:46:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 31 06:09:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6c9c97c380b44e71712a1417bb979682ba03b768
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fd:81:04:02:ad:b9:01:75:48:7e:7a:2a:4c:
32:d6:f4:83:2c:35:34:37:a9:37:8d:22:55:68:c5:
61:ba:86:d8:08:a4:52:6e:74:a3:1b:71:da:eb:5e:
db:66:41:3b:0b:e5:37:07:42:48:ec:9f:a8:77:f6:
51:8c:1d:41:8b:5b:ba:ad:38:5f:d9:ed:e6:e4:05:
a8:25:0d:6f:c4:1e:d9:97:9d:55:2b:b5:e9:e5:24:
b9:10:4d:00:e3:3e:e1:13:68:72:0f:c7:ce:dc:99:
d6:ee:29:f8:e9:50:f9:08:cf:c6:fd:41:df:bf:f2:
50:f8:05:d3:0f:b0:eb:37:8a:0b:50:8e:d4:42:41:
6a:95:31:d6:65:bf:f4:6e:6d:84:85:2e:27:df:5d:
2b:9c:80:43:4c:82:bb:e9:0a:6b:58:53:03:53:f2:
9f:9f:5d:1d:e2:b6:f2:01:2c:5b:46:40:8e:b6:a3:
f9:b2:c3:09:e1:c4:d1:24:6c:44:8f:8f:d9:49:f2:
ff:72:57:90:d3:43:d1:bb:6c:5d:b1:fe:1f:44:a1:
cc:7f:5e:5d:cc:21:27:87:b5:c6:97:b6:6e:93:6d:
e8:62:f7:31:d6:63:db:0c:a6:c1:a6:dc:68:b8:80:
40:77:be:ea:c7:de:fc:78:29:4b:1c:cd:70:d5:1e:
58:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:9C:97:C3:80:B4:4E:71:71:2A:14:17:BB:97:96:82:BA:03:B7:68
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bJyXw4C0TnFxKhQXu5eWgroDt2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
91:a1:53:81:51:e5:46:a4:cc:d9:c6:1b:d6:af:59:9b:ae:df:
fc:db:e1:c5:aa:d8:2b:ec:9a:39:79:3f:6b:ae:ab:62:26:d0:
53:fd:10:ef:d1:ae:b7:b5:a9:be:0b:a3:0f:b9:f0:1e:b9:84:
fd:76:3e:ed:10:f7:8c:7f:d7:1f:19:41:5c:5a:05:69:56:01:
d9:65:df:62:56:af:73:31:e9:9c:94:3c:18:6a:77:0b:7f:b2:
a2:bd:35:bb:b1:9a:c4:a2:b6:06:83:05:04:84:8a:68:28:8a:
63:e9:68:8e:90:cf:fb:d9:93:ff:84:0f:22:60:ea:45:8e:61:
0f:66:37:8b:22:8e:81:dc:a1:e8:8f:d1:b0:ae:9f:c2:3c:07:
c7:7f:de:24:3a:99:32:e1:89:d1:ba:51:38:af:68:19:77:31:
ff:e2:19:39:63:89:d1:dc:06:3c:f0:af:9f:ec:24:ff:3f:94:
09:60:a4:8b:fa:e4:48:a1:27:43:a3:01:26:95:20:ee:19:7a:
fd:14:6f:8f:54:53:98:35:28:f1:0e:cb:54:46:a3:cd:43:00:
8c:5f:24:2c:a2:78:98:a9:87:78:7b:f1:aa:a4:98:e5:3c:97:
6b:98:6c:fc:93:2f:96:16:04:38:9a:35:62:6e:ef:bb:26:07:
7a:1c:08:e3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVmzOhRV/wpwndRoHxGIUZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjMxMDYwOTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzljOTdjMzgwYjQ0ZTcxNzEyYTE0MTdiYjk3OTY4MmJhMDNiNzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqf2BBAKtuQF1SH56Kkwy1vSDLDU0
N6k3jSJVaMVhuobYCKRSbnSjG3Ha617bZkE7C+U3B0JI7J+od/ZRjB1Bi1u6rThf
2e3m5AWoJQ1vxB7Zl51VK7Xp5SS5EE0A4z7hE2hyD8fO3JnW7in46VD5CM/G/UHf
v/JQ+AXTD7DrN4oLUI7UQkFqlTHWZb/0bm2EhS4n310rnIBDTIK76QprWFMDU/Kf
n10d4rbyASxbRkCOtqP5ssMJ4cTRJGxEj4/ZSfL/cleQ00PRu2xdsf4fRKHMf15d
zCEnh7XGl7Zuk23oYvcx1mPbDKbBptxouIBAd77qx978eClLHM1w1R5Y/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGycl8OAtE5xcSoUF7uXloK6A7doMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYkp5WHc0QzBUbkZ4S2hRWHU1ZVdncm9EdDJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJGhU4FR5UakzNnGG9av
WZuu3/zb4cWq2Cvsmjl5P2uuq2Im0FP9EO/Rrre1qb4Low+58B65hP12Pu0Q94x/
1x8ZQVxaBWlWAdll32JWr3Mx6ZyUPBhqdwt/sqK9NbuxmsSitgaDBQSEimgoimPp
aI6Qz/vZk/+EDyJg6kWOYQ9mN4sijoHcoeiP0bCun8I8B8d/3iQ6mTLhidG6UTiv
aBl3Mf/iGTljidHcBjzwr5/sJP8/lAlgpIv65EihJ0OjASaVIO4Zev0Ub49UU5g1
KPEOy1RGo81DAIxfJCyieJiph3h78aqkmOU8l2uYbPyTL5YWBDiaNWJu77smB3oc
COM=
-----END CERTIFICATE-----
Generated at Mon Jun 9 03:26:52 2025 by rpki-client