Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bKYkpr6T0gmP-lYfWkboFKFk2MY.roa
File: bKYkpr6T0gmP-lYfWkboFKFk2MY.roa (raw, json)
Hash identifier: LX32IJ9mnUrf7m8rJPpD5dW0Q0eFznVe6DNSueZ4EiA=
Subject key identifier: 6C:A6:24:A6:BE:93:D2:09:8F:FA:56:1F:5A:46:E8:14:A1:64:D8:C6
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0183FCD04988115166EAC5ACDEF9C7489C12
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bKYkpr6T0gmP-lYfWkboFKFk2MY.roa
Signing time: Fri 21 Oct 2022 23:10:52 +0000
ROA not before: Fri 21 Oct 2022 23:10:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fc:d0:49:88:11:51:66:ea:c5:ac:de:f9:c7:48:9c:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Oct 21 23:10:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ca624a6be93d2098ffa561f5a46e814a164d8c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:0c:de:9a:36:00:29:07:95:a4:48:fa:10:a2:
d6:85:bb:20:0a:e9:a2:75:8f:44:fc:ee:1f:11:51:
87:5b:d6:ac:3b:04:81:ad:08:cf:66:22:0e:cd:e3:
b4:0d:5e:dc:09:72:5a:8a:f1:8b:c9:e2:ac:b6:4a:
51:1e:00:c4:c7:be:d8:7c:db:9e:c3:da:8c:d6:9e:
df:5b:ee:4f:27:b7:07:ae:0d:11:bc:3f:86:13:b2:
ec:1d:ed:b9:c2:fa:07:a6:e5:f3:58:c0:d9:ae:20:
e2:be:06:f8:48:bf:74:79:97:10:d9:82:a8:8a:81:
ec:23:6a:e4:a3:fc:ee:ee:8a:2d:f6:76:3d:12:c8:
e3:26:5e:72:d7:3b:9d:cd:49:05:85:c2:01:92:d5:
d5:a4:b2:ee:5e:db:8f:60:54:e4:ba:a1:10:42:97:
e5:11:d0:2d:83:41:9c:7c:cb:9e:8c:36:6a:3d:5e:
dd:a8:b4:41:12:7b:3e:9c:4b:52:e6:b8:93:e4:d5:
cc:ca:f4:cf:84:28:ae:e6:5d:60:11:63:2e:f3:37:
96:54:20:2c:92:75:03:8f:f2:68:de:41:2c:56:5a:
f2:b5:84:e2:4f:37:dd:79:01:0f:4d:0b:4a:39:6a:
22:b9:13:70:4b:1f:fb:34:17:68:62:f9:8a:45:f4:
c2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:A6:24:A6:BE:93:D2:09:8F:FA:56:1F:5A:46:E8:14:A1:64:D8:C6
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/bKYkpr6T0gmP-lYfWkboFKFk2MY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
69:5d:72:4b:ea:83:72:23:ac:35:3b:e7:b8:a0:c8:86:f2:59:
2b:f6:44:a6:64:dd:51:a3:14:63:63:84:b4:18:90:99:2f:c8:
14:f8:b9:45:42:49:fe:79:86:6b:16:4b:2a:8d:96:d1:20:c1:
43:ce:2a:46:70:46:87:a7:e2:2a:15:bb:1a:65:36:93:cc:5f:
d1:7a:d4:aa:bc:66:9b:6b:6d:33:f0:f6:6d:18:4d:66:e3:43:
65:28:e7:a7:9d:b7:24:bd:54:df:6d:8c:60:6e:07:42:c6:d5:
56:69:40:52:90:d7:eb:34:14:76:36:2f:e8:c8:9d:d7:97:98:
57:8e:1f:33:fb:01:db:0f:98:2e:39:ed:b2:fe:61:a1:b3:a9:
13:31:02:b5:29:bc:da:8a:06:dd:99:3a:f1:02:ce:58:ba:87:
dd:1a:f3:2a:b0:46:27:9f:86:b6:c0:48:83:de:0c:4c:59:f8:
00:17:18:99:5d:ad:83:ff:89:11:70:3a:2d:2f:a7:75:14:f5:
89:e5:94:b3:ba:22:9a:28:b4:30:2f:81:8f:25:2a:f2:53:54:
41:52:f2:7e:9c:ab:7a:73:80:f0:2a:ae:42:e8:95:ba:a3:87:
c7:16:6b:d1:30:a3:74:47:51:b2:dd:00:4c:bb:d8:dd:c1:19:
73:be:5b:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYP80EmIEVFm6sWs3vnHSJwSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMDIxMjMxMDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2E2MjRhNmJlOTNkMjA5OGZmYTU2MWY1YTQ2ZTgxNGExNjRkOGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQzemjYAKQeVpEj6EKLWhbsgCumi
dY9E/O4fEVGHW9asOwSBrQjPZiIOzeO0DV7cCXJaivGLyeKstkpRHgDEx77YfNue
w9qM1p7fW+5PJ7cHrg0RvD+GE7LsHe25wvoHpuXzWMDZriDivgb4SL90eZcQ2YKo
ioHsI2rko/zu7oot9nY9EsjjJl5y1zudzUkFhcIBktXVpLLuXtuPYFTkuqEQQpfl
EdAtg0GcfMuejDZqPV7dqLRBEns+nEtS5riT5NXMyvTPhCiu5l1gEWMu8zeWVCAs
knUDj/Jo3kEsVlrytYTiTzfdeQEPTQtKOWoiuRNwSx/7NBdoYvmKRfTCmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGymJKa+k9IJj/pWH1pG6BShZNjGMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvYktZa3ByNlQwZ21QLWxZZldrYm9GS0ZrMk1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGldckvqg3IjrDU757ig
yIbyWSv2RKZk3VGjFGNjhLQYkJkvyBT4uUVCSf55hmsWSyqNltEgwUPOKkZwRoen
4ioVuxplNpPMX9F61Kq8ZptrbTPw9m0YTWbjQ2Uo56edtyS9VN9tjGBuB0LG1VZp
QFKQ1+s0FHY2L+jIndeXmFeOHzP7AdsPmC457bL+YaGzqRMxArUpvNqKBt2ZOvEC
zli6h90a8yqwRiefhrbASIPeDExZ+AAXGJldrYP/iRFwOi0vp3UU9YnllLO6Ipoo
tDAvgY8lKvJTVEFS8n6cq3pzgPAqrkLolbqjh8cWa9Ewo3RHUbLdAEy72N3BGXO+
Wyg=
-----END CERTIFICATE-----
Generated at Wed Jun 11 13:42:24 2025 by rpki-client