Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OPaKfZr6WvYu3x1zVFrjD4TvG3E.roa
File: OPaKfZr6WvYu3x1zVFrjD4TvG3E.roa (raw, json)
Hash identifier: 0SCHvgIg5Vs+cPHfLJelC0cE2M8x3fUoTugUR7+ujLk=
Subject key identifier: 38:F6:8A:7D:9A:FA:5A:F6:2E:DF:1D:73:54:5A:E3:0F:84:EF:1B:71
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F79C775055DD2CB84DE06795CA9002BA1
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OPaKfZr6WvYu3x1zVFrjD4TvG3E.roa
Signing time: Wed 15 May 2024 01:04:25 +0000
ROA not before: Wed 15 May 2024 01:04:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:79c7:4bb8/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:79:c7:75:05:5d:d2:cb:84:de:06:79:5c:a9:00:2b:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 15 01:04:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38f68a7d9afa5af62edf1d73545ae30f84ef1b71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e8:70:4a:ed:2c:f9:4e:27:5a:11:2a:09:82:
61:b7:37:24:b2:de:04:0c:88:28:dc:08:bd:db:70:
71:4c:36:29:e1:d5:4c:c1:6a:bb:6c:f4:d5:61:af:
18:ca:ce:63:da:9b:e2:7e:34:3d:2f:ae:2e:4b:8d:
85:1f:f4:e1:d2:64:bf:19:57:53:03:34:ef:50:05:
d1:be:36:05:f1:f9:59:d2:bd:b5:d6:15:88:e5:4f:
d3:fa:05:a2:b6:72:8a:6e:77:07:86:9b:e7:da:ca:
1e:59:45:8e:a2:20:48:76:61:17:18:6d:1d:d8:85:
30:40:fe:8f:6c:28:55:cc:20:2a:68:f9:21:83:42:
b0:92:ae:44:9d:4e:51:1f:dc:de:57:c2:f8:bf:e7:
0c:49:fa:ad:bc:70:d6:01:7a:4e:cc:e2:66:d2:d8:
3e:50:c3:c9:6d:90:5d:1f:43:65:fa:06:51:1f:90:
52:79:ad:60:25:da:42:6f:e3:c8:3b:02:a8:17:9b:
52:3f:87:0d:98:c5:5e:e8:c3:35:5d:64:b8:c1:10:
79:49:96:34:a4:66:eb:2b:cc:6e:5b:1c:ba:f5:d4:
bd:58:0c:59:7c:15:e7:97:50:df:da:bd:8a:ee:06:
9c:f2:4e:29:86:e0:d0:f8:1e:80:e3:da:d4:24:a5:
04:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:F6:8A:7D:9A:FA:5A:F6:2E:DF:1D:73:54:5A:E3:0F:84:EF:1B:71
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OPaKfZr6WvYu3x1zVFrjD4TvG3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
46:e9:23:9c:9a:90:3d:43:d6:82:d2:15:1e:92:a0:1a:bf:e4:
0e:4b:04:06:b4:40:a9:49:d8:37:4c:f7:da:77:0b:e6:8d:f7:
13:b6:29:1f:28:7d:97:c3:50:fc:90:df:29:df:97:75:4d:fd:
3d:2c:1b:14:72:df:68:e1:f3:3c:58:d1:97:b9:64:fd:b3:f1:
d9:04:6a:89:83:c3:67:ff:8b:af:c1:58:43:0f:4e:4b:ec:a2:
42:86:a9:7c:f3:56:1e:6d:dc:e3:ec:38:b8:8e:7c:f2:b3:29:
f4:45:71:20:63:9f:24:a1:3b:56:c1:e2:b3:88:6d:cc:dd:8f:
b1:b7:f1:fd:45:a8:44:53:63:25:e3:18:1d:35:fb:43:e3:5a:
bb:2b:32:b6:3a:54:a5:6f:a8:81:d0:24:af:94:ba:8f:85:f6:
5c:34:81:35:01:c8:19:00:2f:f8:7d:2f:52:d6:67:52:05:7a:
b0:47:88:ce:dc:cb:26:a4:94:77:17:d1:c5:5a:ab:58:67:e0:
61:cf:ff:42:29:ad:79:14:8c:7d:e6:66:39:7e:ae:21:be:5c:
5a:89:d9:17:a0:e9:e3:76:76:eb:aa:16:ef:d9:cb:a7:d6:b4:
06:0f:61:84:d8:e0:36:49:03:c7:ab:b0:02:46:2a:38:1f:3b:
97:66:60:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY95x3UFXdLLhN4GeVypACuhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE1MDEwNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGY2OGE3ZDlhZmE1YWY2MmVkZjFkNzM1NDVhZTMwZjg0ZWYxYjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoehwSu0s+U4nWhEqCYJhtzckst4E
DIgo3Ai923BxTDYp4dVMwWq7bPTVYa8Yys5j2pvifjQ9L64uS42FH/Th0mS/GVdT
AzTvUAXRvjYF8flZ0r211hWI5U/T+gWitnKKbncHhpvn2soeWUWOoiBIdmEXGG0d
2IUwQP6PbChVzCAqaPkhg0Kwkq5EnU5RH9zeV8L4v+cMSfqtvHDWAXpOzOJm0tg+
UMPJbZBdH0Nl+gZRH5BSea1gJdpCb+PIOwKoF5tSP4cNmMVe6MM1XWS4wRB5SZY0
pGbrK8xuWxy69dS9WAxZfBXnl1Df2r2K7gac8k4phuDQ+B6A49rUJKUE7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDj2in2a+lr2Lt8dc1Ra4w+E7xtxMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvT1BhS2ZacjZXdll1M3gxelZGcmpENFR2RzNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEbpI5yakD1D1oLSFR6S
oBq/5A5LBAa0QKlJ2DdM99p3C+aN9xO2KR8ofZfDUPyQ3ynfl3VN/T0sGxRy32jh
8zxY0Ze5ZP2z8dkEaomDw2f/i6/BWEMPTkvsokKGqXzzVh5t3OPsOLiOfPKzKfRF
cSBjnyShO1bB4rOIbczdj7G38f1FqERTYyXjGB01+0PjWrsrMrY6VKVvqIHQJK+U
uo+F9lw0gTUByBkAL/h9L1LWZ1IFerBHiM7cyyaklHcX0cVaq1hn4GHP/0IprXkU
jH3mZjl+riG+XFqJ2Reg6eN2duuqFu/Zy6fWtAYPYYTY4DZJA8ersAJGKjgfO5dm
YC4=
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:30:46 2025 by rpki-client