Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OAiFLbXCt-jTLvrebhdf5y0w-Y4.roa
File: OAiFLbXCt-jTLvrebhdf5y0w-Y4.roa (raw, json)
Hash identifier: TNb5grNF7Zd8THmRhZ5rxNn5yynaE7Ee0pGdUF6WLD0=
Subject key identifier: 38:08:85:2D:B5:C2:B7:E8:D3:2E:FA:DE:6E:17:5F:E7:2D:30:F9:8E
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F42033250E9B936320811B65909CE7782
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OAiFLbXCt-jTLvrebhdf5y0w-Y4.roa
Signing time: Sat 04 May 2024 05:10:56 +0000
ROA not before: Sat 04 May 2024 05:10:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:42:03:32:50:e9:b9:36:32:08:11:b6:59:09:ce:77:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 4 05:10:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3808852db5c2b7e8d32efade6e175fe72d30f98e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:59:9b:44:90:e9:a3:07:53:ba:bb:c0:45:e1:
dc:09:11:76:86:cd:ec:89:69:91:a9:57:f9:dc:57:
11:ec:3b:ac:19:51:c1:f2:ef:7d:b4:ff:e8:c6:fe:
20:bb:7e:7b:87:af:3c:82:80:cc:bf:9f:42:77:7b:
04:e8:3e:48:6f:8d:87:56:4a:8d:87:36:fc:02:21:
02:3b:11:67:2e:5c:f5:48:52:70:31:11:ff:7d:65:
cf:9b:75:d2:bf:a1:e0:8d:d8:00:75:a6:5f:a1:36:
f3:a1:86:c9:ad:6f:1d:f6:39:7c:47:d3:fe:ee:8e:
56:8f:85:36:d3:91:55:fc:b8:c8:ca:8b:00:7a:26:
38:30:8a:42:44:0c:c7:be:7f:e0:0e:85:49:36:a4:
87:86:6f:7c:97:02:ac:8c:a9:50:b8:86:f0:f9:64:
3e:ea:00:96:fd:ff:cf:a8:d3:0d:79:d8:be:aa:12:
76:c7:fa:5c:db:c6:ba:05:c2:61:ad:5f:3c:33:65:
61:a5:dc:0e:73:a0:58:c1:a1:91:d8:14:03:1f:11:
92:a4:d3:bb:24:01:65:fc:62:60:67:8c:b4:25:2d:
cc:b7:22:49:74:56:57:8f:0f:1d:b2:df:c9:b3:c2:
9e:61:4a:c7:1c:b3:82:44:5f:65:82:fa:0f:72:e5:
90:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:08:85:2D:B5:C2:B7:E8:D3:2E:FA:DE:6E:17:5F:E7:2D:30:F9:8E
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OAiFLbXCt-jTLvrebhdf5y0w-Y4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
77:3e:03:cd:ce:34:a2:a3:9c:d6:22:48:8a:ea:6b:7c:49:bb:
4c:cb:8e:81:2b:28:03:9b:f5:35:47:79:cc:e7:01:0f:32:c3:
1d:f3:2f:03:1d:dd:89:f3:a9:39:80:18:19:88:59:2e:4e:dc:
e4:0e:db:b2:3c:ec:fd:ac:c8:45:34:c6:2c:94:4f:75:d4:d7:
b6:6b:b2:28:6d:d6:c0:3d:1a:a7:2d:38:ef:4d:56:6d:0f:62:
ed:78:c9:6c:a7:58:1d:a2:ba:c6:47:b8:40:14:17:2c:06:16:
02:d7:2c:cb:38:cc:79:3d:b4:db:65:8f:a5:e7:9c:44:cd:59:
fa:ea:0e:ce:67:4b:51:42:95:6b:c7:0e:a6:79:40:75:e7:74:
a4:fe:a6:07:06:ff:9b:f1:c3:25:a0:07:ef:4e:dd:82:2c:26:
3c:1a:73:7c:57:29:21:9d:99:65:19:02:82:9e:12:f5:6f:d1:
28:c7:5d:02:35:5e:bd:c0:ba:c8:3e:f1:80:91:24:13:91:00:
65:93:46:27:79:69:74:90:2f:15:fd:39:67:1a:d6:0f:6b:98:
19:9d:8f:9b:71:4a:15:72:51:9e:7c:a7:9a:d2:94:07:f0:fd:
86:c4:6b:95:8f:1f:ba:a0:1e:d4:bd:ab:07:33:b8:f5:73:be:
41:56:e9:61
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9CAzJQ6bk2MggRtlkJzneCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA0MDUxMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODA4ODUyZGI1YzJiN2U4ZDMyZWZhZGU2ZTE3NWZlNzJkMzBmOThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+FmbRJDpowdTurvAReHcCRF2hs3s
iWmRqVf53FcR7DusGVHB8u99tP/oxv4gu357h688goDMv59Cd3sE6D5Ib42HVkqN
hzb8AiECOxFnLlz1SFJwMRH/fWXPm3XSv6HgjdgAdaZfoTbzoYbJrW8d9jl8R9P+
7o5Wj4U205FV/LjIyosAeiY4MIpCRAzHvn/gDoVJNqSHhm98lwKsjKlQuIbw+WQ+
6gCW/f/PqNMNedi+qhJ2x/pc28a6BcJhrV88M2VhpdwOc6BYwaGR2BQDHxGSpNO7
JAFl/GJgZ4y0JS3MtyJJdFZXjw8dst/Js8KeYUrHHLOCRF9lgvoPcuWQQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDgIhS21wrfo0y763m4XX+ctMPmOMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvT0FpRkxiWEN0LWpUTHZyZWJoZGY1eTB3LVk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHc+A83ONKKjnNYiSIrq
a3xJu0zLjoErKAOb9TVHecznAQ8ywx3zLwMd3YnzqTmAGBmIWS5O3OQO27I87P2s
yEU0xiyUT3XU17Zrsiht1sA9GqctOO9NVm0PYu14yWynWB2iusZHuEAUFywGFgLX
LMs4zHk9tNtlj6XnnETNWfrqDs5nS1FClWvHDqZ5QHXndKT+pgcG/5vxwyWgB+9O
3YIsJjwac3xXKSGdmWUZAoKeEvVv0SjHXQI1Xr3Ausg+8YCRJBORAGWTRid5aXSQ
LxX9OWca1g9rmBmdj5txShVyUZ58p5rSlAfw/YbEa5WPH7qgHtS9qwczuPVzvkFW
6WE=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:13:20 2025 by rpki-client