Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OFqNdZJC8MyEplZFg83wvbO7QyI.roa
File: OFqNdZJC8MyEplZFg83wvbO7QyI.roa (raw, json)
Hash identifier: ptro9W94iYLJHJSRVHGhTLzidPPOmKKY29aPgJAkYiM=
Subject key identifier: 38:5A:8D:75:92:42:F0:CC:84:A6:56:45:83:CD:F0:BD:B3:BB:43:22
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F19AC4D0A8B74AF1AC1A60CD1160F1BB4
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OFqNdZJC8MyEplZFg83wvbO7QyI.roa
Signing time: Fri 26 Apr 2024 09:11:13 +0000
ROA not before: Fri 26 Apr 2024 09:11:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:19:ac:4d:0a:8b:74:af:1a:c1:a6:0c:d1:16:0f:1b:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 26 09:11:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=385a8d759242f0cc84a6564583cdf0bdb3bb4322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ce:f7:cb:6e:57:97:94:9c:0d:47:89:6d:37:
db:36:9d:87:c1:0d:c9:2f:6d:c8:88:06:a2:78:5e:
ad:8c:60:72:b6:ad:66:7d:50:ac:75:75:22:98:c8:
5b:7e:97:4b:68:be:fb:be:34:4a:82:ae:f9:d0:c2:
2f:d3:d0:e7:5c:8a:d3:66:71:66:34:55:a3:67:71:
3d:36:5f:c0:27:23:55:2b:c4:4c:a0:e2:08:63:d2:
47:13:cf:fe:b0:43:5f:39:7b:02:2e:09:a1:79:09:
12:e7:41:42:bb:3b:72:9b:ad:d9:96:31:e4:f6:06:
3d:27:5c:4f:1d:3e:f0:d6:09:51:ee:df:78:54:04:
b4:b7:d4:61:8d:e7:ba:1e:ef:9a:f9:f4:96:fd:59:
dc:8f:92:af:c0:87:96:63:f8:5a:1c:28:81:ff:c2:
8a:9b:88:4c:61:2a:f1:9f:a1:40:70:c9:61:18:2d:
3c:7f:b5:e6:8c:1b:43:22:9e:97:54:e0:04:70:ce:
0b:21:8f:0c:34:b7:d9:6b:cd:48:8a:fa:c4:91:b9:
84:99:ec:56:e3:02:ee:ab:8d:45:6e:1c:76:23:e4:
9d:a4:18:87:3d:a6:f6:41:f2:80:f2:73:b7:74:ae:
83:7a:c6:90:b5:39:73:56:4b:53:de:3a:fd:35:ad:
18:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:5A:8D:75:92:42:F0:CC:84:A6:56:45:83:CD:F0:BD:B3:BB:43:22
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OFqNdZJC8MyEplZFg83wvbO7QyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
d2:80:87:45:e7:e7:97:24:87:a8:85:6d:a4:a6:31:2b:82:19:
34:5a:87:bd:fc:80:af:fc:fa:cf:c9:c7:55:05:a0:1a:dd:cd:
ef:1e:f1:5e:d8:4e:20:6d:90:8a:5b:b5:19:78:ba:65:b0:b5:
bf:0d:6c:df:d2:cb:de:e0:1c:03:52:cc:ee:86:ed:c5:26:ef:
17:66:75:68:1d:cb:9f:3e:21:8a:22:ad:79:89:8d:8a:89:bb:
30:4a:9a:59:01:0c:9a:29:2e:c6:dc:f6:b1:0f:1e:e9:0a:03:
a5:6b:d2:41:bf:0f:e0:fa:d1:23:f2:e4:da:a6:97:eb:3d:53:
39:5b:5f:e7:4c:e2:e0:e8:72:f8:5f:62:cc:71:f6:52:69:c4:
d1:92:23:62:92:71:c0:bb:9e:22:45:6d:3e:27:92:fb:ae:ab:
a2:89:70:2b:3a:a9:ff:9a:7a:1e:9b:d6:a1:a9:e6:c2:d3:52:
17:40:a0:25:c0:a5:42:26:ed:f4:3e:3a:3e:dc:60:7b:2d:63:
70:7f:a7:e5:f6:be:d9:82:6e:91:64:6c:1c:f2:32:52:48:83:
4c:42:2f:f8:1e:1c:64:ed:e8:0c:e9:52:34:fd:0d:fc:5c:7e:
72:97:f5:de:b4:f4:24:6e:75:97:fe:c7:05:22:df:6a:b8:42:
39:ed:b9:53
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8ZrE0Ki3SvGsGmDNEWDxu0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI2MDkxMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODVhOGQ3NTkyNDJmMGNjODRhNjU2NDU4M2NkZjBiZGIzYmI0MzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtM73y25Xl5ScDUeJbTfbNp2HwQ3J
L23IiAaieF6tjGBytq1mfVCsdXUimMhbfpdLaL77vjRKgq750MIv09DnXIrTZnFm
NFWjZ3E9Nl/AJyNVK8RMoOIIY9JHE8/+sENfOXsCLgmheQkS50FCuztym63ZljHk
9gY9J1xPHT7w1glR7t94VAS0t9Rhjee6Hu+a+fSW/Vncj5KvwIeWY/haHCiB/8KK
m4hMYSrxn6FAcMlhGC08f7XmjBtDIp6XVOAEcM4LIY8MNLfZa81IivrEkbmEmexW
4wLuq41Fbhx2I+SdpBiHPab2QfKA8nO3dK6DesaQtTlzVktT3jr9Na0YuwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDhajXWSQvDMhKZWRYPN8L2zu0MiMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvT0ZxTmRaSkM4TXlFcGxaRmc4M3d2Yk83UXlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQDSgIdF
5+eXJIeohW2kpjErghk0Woe9/ICv/PrPycdVBaAa3c3vHvFe2E4gbZCKW7UZeLpl
sLW/DWzf0sve4BwDUszuhu3FJu8XZnVoHcufPiGKIq15iY2KibswSppZAQyaKS7G
3PaxDx7pCgOla9JBvw/g+tEj8uTappfrPVM5W1/nTOLg6HL4X2LMcfZSacTRkiNi
knHAu54iRW0+J5L7rquiiXArOqn/mnoem9ahqebC01IXQKAlwKVCJu30Pjo+3GB7
LWNwf6fl9r7Zgm6RZGwc8jJSSINMQi/4Hhxk7egM6VI0/Q38XH5yl/XetPQkbnWX
/scFIt9quEI57blT
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:43 2025 by rpki-client