Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OYA6QyzJgUAcHJWvrrx6mBtCUY8.roa
File: OYA6QyzJgUAcHJWvrrx6mBtCUY8.roa (raw, json)
Hash identifier: y1N2BdHoZxZKx/M4ikhp26fXiA5/XENrEDgALJeOfsQ=
Subject key identifier: 39:80:3A:43:2C:C9:81:40:1C:1C:95:AF:AE:BC:7A:98:1B:42:51:8F
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F5A7A5245512CD519BC9B932BED944503
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OYA6QyzJgUAcHJWvrrx6mBtCUY8.roa
Signing time: Wed 08 May 2024 23:11:56 +0000
ROA not before: Wed 08 May 2024 23:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5a:7a:52:45:51:2c:d5:19:bc:9b:93:2b:ed:94:45:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 8 23:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39803a432cc981401c1c95afaebc7a981b42518f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ee:b2:27:76:97:cd:5f:e9:d2:97:98:b4:fe:
15:61:f3:23:70:7f:da:b6:be:59:e2:ea:af:51:4c:
b1:57:d3:93:7e:a2:5f:17:a6:bb:73:34:63:00:95:
8c:18:eb:75:a9:dc:ec:4e:b3:37:5a:55:f9:2b:29:
12:4c:cd:e9:55:63:7b:b6:ab:c2:1f:31:b7:a4:15:
2a:cf:b7:12:69:14:2d:2c:dd:0f:fb:dc:4b:5b:c6:
5d:ab:ec:87:e2:00:88:f4:ac:89:8d:5f:28:b8:68:
9c:32:ee:03:8f:5e:dd:e4:15:f4:df:51:7f:21:1b:
19:dc:b5:34:e4:5b:d3:90:88:a9:93:b7:90:f9:e6:
3c:40:fd:70:f3:f1:47:38:82:8a:b3:9e:8f:b2:c2:
a6:77:fd:42:dd:1d:d0:b4:1e:09:97:e0:2d:5e:90:
c9:95:9e:75:86:3c:f7:ca:4d:89:77:11:36:9c:6a:
82:d6:06:c7:38:65:02:7e:51:36:f0:b3:67:96:84:
94:bb:65:46:f2:c8:42:d3:6f:e5:2e:19:5c:b0:cb:
f1:20:df:0e:dc:e3:4a:be:1a:a8:8d:0d:dc:a1:ea:
40:1a:a4:ca:72:93:f8:01:05:a1:59:a7:93:04:b6:
f6:8a:94:1e:b5:51:03:b4:00:18:ef:ee:de:a1:de:
39:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:80:3A:43:2C:C9:81:40:1C:1C:95:AF:AE:BC:7A:98:1B:42:51:8F
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OYA6QyzJgUAcHJWvrrx6mBtCUY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
71:69:6c:c0:66:5d:c7:ce:2e:46:19:4c:3d:7b:6e:10:76:0e:
6b:b1:d9:59:26:ec:6f:f7:d6:27:54:70:30:11:ee:07:ef:8a:
9e:23:cb:8b:91:6a:89:ad:ff:5c:f8:91:18:e7:49:43:d5:4c:
29:f4:bb:af:51:f5:28:18:bd:f7:91:66:0e:e5:fc:5f:e5:51:
36:33:87:01:84:91:35:fa:c3:5e:0e:84:8d:f4:e2:6e:20:1e:
de:6e:47:7e:b0:3b:cb:75:5b:51:4c:21:2f:a1:05:d0:dc:8c:
7d:56:91:a4:18:71:21:cc:9a:b8:35:90:f1:99:33:f6:11:68:
28:88:53:33:27:e3:64:3e:9a:99:28:4e:30:6d:c2:66:cf:23:
e0:a4:08:e3:72:04:f9:36:ef:d4:5f:00:00:f6:57:27:c9:0b:
60:d6:0e:46:28:32:30:76:dd:57:a3:ad:a0:a1:44:3b:90:cd:
14:58:7b:f6:83:6e:cb:3e:98:19:3f:b3:09:1b:14:08:2d:72:
e5:d4:be:e3:4d:ea:2c:12:8c:73:3b:f9:4d:c0:8a:c3:17:1b:
08:ca:7c:fa:bb:11:8c:e7:93:c5:ee:79:18:31:a0:e4:39:10:
88:aa:d6:14:fc:33:11:5e:c3:2b:94:b6:67:d2:21:42:c2:79:
46:7e:8f:f6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9aelJFUSzVGbybkyvtlEUDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA4MjMxMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTgwM2E0MzJjYzk4MTQwMWMxYzk1YWZhZWJjN2E5ODFiNDI1MThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqO6yJ3aXzV/p0peYtP4VYfMjcH/a
tr5Z4uqvUUyxV9OTfqJfF6a7czRjAJWMGOt1qdzsTrM3WlX5KykSTM3pVWN7tqvC
HzG3pBUqz7cSaRQtLN0P+9xLW8Zdq+yH4gCI9KyJjV8ouGicMu4Dj17d5BX031F/
IRsZ3LU05FvTkIipk7eQ+eY8QP1w8/FHOIKKs56PssKmd/1C3R3QtB4Jl+AtXpDJ
lZ51hjz3yk2JdxE2nGqC1gbHOGUCflE28LNnloSUu2VG8shC02/lLhlcsMvxIN8O
3ONKvhqojQ3coepAGqTKcpP4AQWhWaeTBLb2ipQetVEDtAAY7+7eod45mQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDmAOkMsyYFAHByVr668epgbQlGPMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvT1lBNlF5ekpnVUFjSEpXdnJyeDZtQnRDVVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHFpbMBmXcfOLkYZTD17
bhB2Dmux2Vkm7G/31idUcDAR7gfvip4jy4uRaomt/1z4kRjnSUPVTCn0u69R9SgY
vfeRZg7l/F/lUTYzhwGEkTX6w14OhI304m4gHt5uR36wO8t1W1FMIS+hBdDcjH1W
kaQYcSHMmrg1kPGZM/YRaCiIUzMn42Q+mpkoTjBtwmbPI+CkCONyBPk279RfAAD2
VyfJC2DWDkYoMjB23VejraChRDuQzRRYe/aDbss+mBk/swkbFAgtcuXUvuNN6iwS
jHM7+U3AisMXGwjKfPq7EYznk8XueRgxoOQ5EIiq1hT8MxFewyuUtmfSIULCeUZ+
j/Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:07 2024 by rpki-client on console-fra.rpki-client.org