Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ohpwcdqRtFKdHGCiah0FPko6xTw.roa
File: ohpwcdqRtFKdHGCiah0FPko6xTw.roa (raw, json)
Hash identifier: fT7025xsaop6pk0w0y9euNFJFAECqlV3EHi+GKBpkeI=
Subject key identifier: A2:1A:70:71:DA:91:B4:52:9D:1C:60:A2:6A:1D:05:3E:4A:3A:C5:3C
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F521BFBF63C3FFB91C30438F49ADDE43B
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ohpwcdqRtFKdHGCiah0FPko6xTw.roa
Signing time: Tue 07 May 2024 08:11:56 +0000
ROA not before: Tue 07 May 2024 08:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:52:1b:fb:f6:3c:3f:fb:91:c3:04:38:f4:9a:dd:e4:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 7 08:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a21a7071da91b4529d1c60a26a1d053e4a3ac53c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d6:1d:2c:4e:28:fa:d3:22:f3:ab:58:cc:a2:
b9:5b:68:46:50:e9:09:b8:6c:67:49:5b:f1:be:42:
58:1f:c5:4d:8a:23:d4:57:16:61:29:ac:b5:fb:5b:
cd:b0:54:8b:37:c7:44:0c:e3:f4:90:ae:b4:35:81:
fa:25:f3:6c:3f:8e:b1:a9:ad:25:58:9a:35:f3:72:
75:b1:48:57:97:c5:ed:e7:0d:f3:b3:a9:3c:8b:37:
09:16:3b:c5:b6:fc:c4:27:ab:e4:eb:e3:1b:39:5d:
79:d3:23:cd:de:7e:6a:63:ff:ce:6b:ff:10:e2:31:
4e:88:0c:ee:2c:1f:6a:b6:4d:85:ef:45:a5:9d:04:
d4:c8:03:d6:3d:1b:e1:54:f7:6b:9b:0b:d2:02:a0:
1b:06:8b:1d:1e:24:81:78:e7:c0:e2:5f:5b:26:af:
4f:4a:7c:6f:b7:27:d4:7c:01:6a:18:cb:e5:62:57:
37:80:5f:f6:37:08:48:07:a3:c2:fb:4c:e4:68:da:
00:fb:cc:ef:89:a7:45:27:40:95:cd:dd:14:3d:43:
53:41:bc:c7:66:a0:51:56:6a:84:aa:89:90:4c:e7:
78:a8:ee:0b:ca:c4:a2:03:5a:9e:01:dc:ac:e3:d8:
e0:b8:cb:32:c0:30:76:cf:0e:2b:bd:24:83:55:4a:
09:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:1A:70:71:DA:91:B4:52:9D:1C:60:A2:6A:1D:05:3E:4A:3A:C5:3C
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/ohpwcdqRtFKdHGCiah0FPko6xTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9e:a6:cc:fe:d1:b1:1d:dd:ce:fa:2a:29:c9:c1:33:d5:31:43:
d2:28:8a:ee:57:d5:24:2b:b8:5b:29:ff:61:ea:0f:eb:ac:91:
76:eb:6a:00:a9:70:bf:a1:e0:3f:b3:c3:42:23:71:2d:3d:38:
38:62:0f:a0:49:4f:7a:9f:46:cd:d6:25:25:4f:6d:ee:38:c9:
23:41:2b:3d:56:53:1b:4f:b9:4e:2c:b3:dd:67:7b:ed:bd:9f:
f7:4b:3b:6a:70:a6:49:bb:4d:d9:e7:9d:89:dd:cb:88:c3:3a:
48:4d:37:a0:e7:f0:20:21:54:66:f2:44:ba:c8:15:d7:fd:8e:
9a:10:10:56:1d:7a:eb:7c:c0:33:cc:a2:67:e7:fb:a3:9c:af:
9b:15:32:cd:e3:d4:94:ed:13:fa:69:b4:e2:9b:ab:58:23:a8:
52:3e:e6:b9:1d:f9:d6:5f:7f:86:d1:33:94:77:24:d5:db:fd:
b3:6b:a3:8a:47:8f:0a:31:6f:0e:fe:87:80:cb:d4:63:c0:82:
d5:23:ef:7d:b3:55:71:7e:08:44:01:fe:ad:53:79:a9:e3:6b:
0e:b8:84:a4:6f:a1:bd:9b:07:3e:d7:d7:26:ab:cd:f4:62:3c:
20:ad:45:a1:7b:e4:03:31:bb:84:38:b5:f1:42:94:8e:7d:e0:
66:31:fe:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9SG/v2PD/7kcMEOPSa3eQ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA3MDgxMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjFhNzA3MWRhOTFiNDUyOWQxYzYwYTI2YTFkMDUzZTRhM2FjNTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0tYdLE4o+tMi86tYzKK5W2hGUOkJ
uGxnSVvxvkJYH8VNiiPUVxZhKay1+1vNsFSLN8dEDOP0kK60NYH6JfNsP46xqa0l
WJo183J1sUhXl8Xt5w3zs6k8izcJFjvFtvzEJ6vk6+MbOV150yPN3n5qY//Oa/8Q
4jFOiAzuLB9qtk2F70WlnQTUyAPWPRvhVPdrmwvSAqAbBosdHiSBeOfA4l9bJq9P
SnxvtyfUfAFqGMvlYlc3gF/2NwhIB6PC+0zkaNoA+8zviadFJ0CVzd0UPUNTQbzH
ZqBRVmqEqomQTOd4qO4LysSiA1qeAdys49jguMsywDB2zw4rvSSDVUoJCQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKIacHHakbRSnRxgomodBT5KOsU8MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvb2hwd2NkcVJ0RktkSEdDaWFoMEZQa282eFR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ6mzP7RsR3dzvoqKcnB
M9UxQ9Ioiu5X1SQruFsp/2HqD+uskXbragCpcL+h4D+zw0IjcS09ODhiD6BJT3qf
Rs3WJSVPbe44ySNBKz1WUxtPuU4ss91ne+29n/dLO2pwpkm7TdnnnYndy4jDOkhN
N6Dn8CAhVGbyRLrIFdf9jpoQEFYdeut8wDPMomfn+6Ocr5sVMs3j1JTtE/pptOKb
q1gjqFI+5rkd+dZff4bRM5R3JNXb/bNro4pHjwoxbw7+h4DL1GPAgtUj732zVXF+
CEQB/q1Teanjaw64hKRvob2bBz7X1yarzfRiPCCtRaF75AMxu4Q4tfFClI594GYx
/mc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:59 2024 by rpki-client on console-ams.rpki-client.org