Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/O8XTeLt6hD0AIUAFBVGxlQ-O09E.roa
File: O8XTeLt6hD0AIUAFBVGxlQ-O09E.roa (raw, json)
Hash identifier: g/4C3ytLfIh48zkJNXV94shBOsXXkeCFKSSGd9YhZvo=
Subject key identifier: 3B:C5:D3:78:BB:7A:84:3D:00:21:40:05:05:51:B1:95:0F:8E:D3:D1
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F5D0D7F46262BBE1A1DD9E41B1CA7EC0F
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/O8XTeLt6hD0AIUAFBVGxlQ-O09E.roa
Signing time: Thu 09 May 2024 11:11:56 +0000
ROA not before: Thu 09 May 2024 11:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5d:0d:7f:46:26:2b:be:1a:1d:d9:e4:1b:1c:a7:ec:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 9 11:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bc5d378bb7a843d002140050551b1950f8ed3d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:2f:af:18:b8:df:ec:73:0f:a7:65:20:4a:4a:
70:70:71:97:50:77:de:ce:70:1b:8d:9b:ef:6a:ce:
29:de:77:62:6e:4b:fa:dd:19:5d:a5:27:f4:28:f8:
79:04:b2:1a:f9:dd:24:23:65:0a:ad:c1:d1:6d:b0:
9d:d2:29:81:7c:0f:f4:20:0d:60:b5:f7:36:91:79:
4a:ca:1f:30:50:f2:aa:d0:3a:72:e5:9e:10:a1:6d:
0b:4b:e2:6a:31:aa:b6:95:93:72:43:22:bb:3f:ec:
cb:2e:af:4e:76:cd:e7:f7:70:bc:5d:65:bd:c6:c1:
7e:e8:d5:b0:47:cd:f8:0a:13:37:db:6a:bb:c6:74:
13:2d:b7:05:63:49:8f:8e:df:ed:d3:d5:60:c4:9c:
b3:50:27:53:ac:1b:ed:9a:33:30:b5:08:ae:26:44:
95:d7:72:e4:98:7a:f3:15:9f:c3:05:0c:b4:42:1b:
53:ed:bc:db:04:3b:9f:c6:91:37:3b:25:2a:da:04:
be:5e:0a:14:c5:1b:4d:92:d2:9b:0d:81:72:c0:ed:
27:ab:ea:82:0c:67:0b:93:9b:4d:97:2f:7c:f1:d3:
1e:72:cd:ad:a2:c4:bc:7a:6a:35:d7:21:6b:60:54:
37:22:23:64:f1:32:f9:fe:69:57:8a:a8:f3:68:0e:
95:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C5:D3:78:BB:7A:84:3D:00:21:40:05:05:51:B1:95:0F:8E:D3:D1
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/O8XTeLt6hD0AIUAFBVGxlQ-O09E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
38:e3:12:db:31:9b:e7:ef:96:93:78:d2:14:89:d2:f1:2c:d5:
9a:aa:6a:9f:f1:4e:b5:5a:d6:08:b8:04:e1:aa:55:30:8d:c0:
b0:d2:28:a8:35:7a:f2:e6:f0:9c:5a:71:d1:2a:99:c9:91:19:
56:f8:ec:3e:d2:97:69:a2:24:11:e3:df:28:94:c4:07:f5:76:
32:a3:f1:e5:d2:c5:8c:c2:cd:43:16:67:52:71:32:98:8c:2f:
80:b8:8b:da:d3:b8:f6:d2:95:9a:11:5f:9f:1f:d9:e4:89:8f:
3e:96:2f:fd:5e:99:49:7c:79:3c:ca:43:19:5b:e7:95:5f:0d:
37:59:d8:c3:27:8b:68:81:a7:1a:05:7f:9e:22:8b:cf:72:83:
7d:e8:6b:32:5e:c1:c0:6b:ce:71:5f:db:6e:79:db:4c:67:11:
a3:7e:f2:23:c6:98:c6:59:1b:d6:7c:aa:04:b0:94:d5:10:47:
cd:ce:91:90:85:e3:eb:3a:39:78:e5:2c:8f:31:d1:46:3c:a9:
23:a1:30:f7:b4:60:9c:cd:48:ce:32:12:f7:70:c7:27:b0:74:
ef:1b:82:4c:bf:fe:4c:38:ee:39:a6:c2:00:0d:68:28:38:d8:
ca:3a:99:ad:76:a8:2a:56:5e:43:ba:85:aa:44:e9:2c:58:39:
85:67:7c:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9dDX9GJiu+Gh3Z5Bscp+wPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA5MTExMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmM1ZDM3OGJiN2E4NDNkMDAyMTQwMDUwNTUxYjE5NTBmOGVkM2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8S+vGLjf7HMPp2UgSkpwcHGXUHfe
znAbjZvvas4p3ndibkv63RldpSf0KPh5BLIa+d0kI2UKrcHRbbCd0imBfA/0IA1g
tfc2kXlKyh8wUPKq0Dpy5Z4QoW0LS+JqMaq2lZNyQyK7P+zLLq9Ods3n93C8XWW9
xsF+6NWwR834ChM322q7xnQTLbcFY0mPjt/t09VgxJyzUCdTrBvtmjMwtQiuJkSV
13LkmHrzFZ/DBQy0QhtT7bzbBDufxpE3OyUq2gS+XgoUxRtNktKbDYFywO0nq+qC
DGcLk5tNly988dMecs2tosS8emo11yFrYFQ3IiNk8TL5/mlXiqjzaA6VxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDvF03i7eoQ9ACFABQVRsZUPjtPRMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvTzhYVGVMdDZoRDBBSVVBRkJWR3hsUS1PMDlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADjjEtsxm+fvlpN40hSJ
0vEs1Zqqap/xTrVa1gi4BOGqVTCNwLDSKKg1evLm8JxacdEqmcmRGVb47D7Sl2mi
JBHj3yiUxAf1djKj8eXSxYzCzUMWZ1JxMpiML4C4i9rTuPbSlZoRX58f2eSJjz6W
L/1emUl8eTzKQxlb55VfDTdZ2MMni2iBpxoFf54ii89yg33oazJewcBrznFf2255
20xnEaN+8iPGmMZZG9Z8qgSwlNUQR83OkZCF4+s6OXjlLI8x0UY8qSOhMPe0YJzN
SM4yEvdwxyewdO8bgky//kw47jmmwgANaCg42Mo6ma12qCpWXkO6hapE6SxYOYVn
fHg=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:05:12 2025 by rpki-client