Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OKAtSIvu-bBI9wws3-CTZWbqTFE.roa
File: OKAtSIvu-bBI9wws3-CTZWbqTFE.roa (raw, json)
Hash identifier: JRV7N3Rsu78ZwUggp6oma0pxoR1lPPIEz4KQT6VP8nY=
Subject key identifier: 38:A0:2D:48:8B:EE:F9:B0:48:F7:0C:2C:DF:E0:93:65:66:EA:4C:51
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F796000612214BA7E3EA795B326860E27
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OKAtSIvu-bBI9wws3-CTZWbqTFE.roa
Signing time: Tue 14 May 2024 23:11:25 +0000
ROA not before: Tue 14 May 2024 23:11:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:79:60:00:61:22:14:ba:7e:3e:a7:95:b3:26:86:0e:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 14 23:11:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38a02d488beef9b048f70c2cdfe0936566ea4c51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:67:a9:52:85:14:e6:5c:8a:69:d1:a1:75:a8:
05:a3:ec:3c:3d:89:c1:1f:fc:2c:1f:4b:1a:a7:7a:
c6:e3:f7:5c:85:bf:39:34:0c:d7:64:92:c3:e6:29:
37:5c:a7:d5:e0:c4:fb:22:fe:53:59:be:67:6f:86:
dc:87:64:d3:ce:0b:9c:8c:e6:75:6e:19:d3:d5:5e:
bb:de:d5:93:1a:95:01:46:ef:ef:a3:ac:33:4a:f4:
61:18:1d:b5:89:a3:76:9f:25:65:9d:f6:47:39:72:
c8:ab:4c:f1:e3:31:46:52:5f:6e:64:9d:fd:71:a1:
8c:c6:0d:9d:8d:1a:f1:38:38:ac:75:29:e5:d3:5f:
64:8b:14:4d:fc:a4:95:cb:03:63:b2:d2:36:50:b0:
46:fb:ae:56:5c:a5:fc:0c:c2:e0:d5:85:14:53:4e:
6f:89:91:bb:3f:72:74:28:96:5f:e6:68:60:2c:d1:
97:a0:fb:81:50:d4:76:27:09:f7:36:ee:c3:3d:5f:
da:22:49:2d:6d:ea:8f:b4:ce:55:36:76:82:2a:a6:
20:63:c4:c0:ad:11:17:ad:fe:03:a1:1c:38:62:be:
21:92:48:62:94:0a:9b:d7:b9:14:55:56:36:9a:a6:
23:b3:4d:c7:7e:d2:d2:a2:d3:d1:a6:29:33:3e:ab:
a9:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:A0:2D:48:8B:EE:F9:B0:48:F7:0C:2C:DF:E0:93:65:66:EA:4C:51
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OKAtSIvu-bBI9wws3-CTZWbqTFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0f:fe:7a:ea:4e:50:4b:60:07:6c:16:8c:4c:4d:9e:df:cd:c6:
8d:71:b3:7d:a1:83:d4:c6:bf:90:e2:5c:af:66:7c:a4:6e:f7:
03:e8:ad:b5:23:3b:13:ab:85:70:75:a0:06:db:60:53:22:73:
a6:de:93:14:92:5b:21:a8:bc:18:53:86:88:89:44:4a:9c:96:
49:31:51:0d:d3:fa:17:b4:6d:b7:8f:a9:71:07:25:77:dc:5b:
15:f4:cc:dc:5f:5c:49:ce:20:d7:c8:83:1b:54:f0:f5:f6:fd:
13:3e:eb:36:b3:1e:cd:fc:9a:ac:30:b8:6d:eb:37:4b:33:f5:
c3:29:b3:8d:0a:81:0a:5f:e0:ed:d0:77:17:31:4b:8a:f0:91:
9c:fb:e0:4b:c8:87:99:c1:0c:56:07:cd:8e:23:84:53:35:03:
9a:4b:e0:d6:d4:a6:f2:e2:88:65:e8:9a:5c:f2:1e:2e:3e:78:
8c:e3:ae:39:1f:10:76:18:52:82:a7:f5:49:19:ed:aa:34:d5:
8f:3b:53:d1:20:c2:1b:e8:e9:6e:69:91:5b:ff:3d:47:75:95:
9a:21:36:2c:8a:5a:25:35:92:5a:32:3c:91:8b:d2:ff:7e:a5:
e3:af:7b:99:bb:df:68:3d:89:05:ff:9b:9d:69:58:86:25:61:
a8:42:31:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY95YABhIhS6fj6nlbMmhg4nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE0MjMxMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGEwMmQ0ODhiZWVmOWIwNDhmNzBjMmNkZmUwOTM2NTY2ZWE0YzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGepUoUU5lyKadGhdagFo+w8PYnB
H/wsH0sap3rG4/dchb85NAzXZJLD5ik3XKfV4MT7Iv5TWb5nb4bch2TTzgucjOZ1
bhnT1V673tWTGpUBRu/vo6wzSvRhGB21iaN2nyVlnfZHOXLIq0zx4zFGUl9uZJ39
caGMxg2djRrxODisdSnl019kixRN/KSVywNjstI2ULBG+65WXKX8DMLg1YUUU05v
iZG7P3J0KJZf5mhgLNGXoPuBUNR2Jwn3Nu7DPV/aIkktbeqPtM5VNnaCKqYgY8TA
rREXrf4DoRw4Yr4hkkhilAqb17kUVVY2mqYjs03HftLSotPRpikzPqupswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDigLUiL7vmwSPcMLN/gk2Vm6kxRMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvT0tBdFNJdnUtYkJJOXd3czMtQ1RaV2JxVEZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA/+eupOUEtgB2wWjExN
nt/Nxo1xs32hg9TGv5DiXK9mfKRu9wPorbUjOxOrhXB1oAbbYFMic6bekxSSWyGo
vBhThoiJREqclkkxUQ3T+he0bbePqXEHJXfcWxX0zNxfXEnOINfIgxtU8PX2/RM+
6zazHs38mqwwuG3rN0sz9cMps40KgQpf4O3QdxcxS4rwkZz74EvIh5nBDFYHzY4j
hFM1A5pL4NbUpvLiiGXomlzyHi4+eIzjrjkfEHYYUoKn9UkZ7ao01Y87U9Egwhvo
6W5pkVv/PUd1lZohNiyKWiU1kloyPJGL0v9+peOve5m732g9iQX/m51pWIYlYahC
MUE=
-----END CERTIFICATE-----
Generated at Sun Jun 8 16:33:29 2025 by rpki-client