Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OWdDGE2qOAxrIHvayvmsbwwiexc.roa
File: OWdDGE2qOAxrIHvayvmsbwwiexc.roa (raw, json)
Hash identifier: KlcdEhN+ZabsxXU+sa8bgbaWpHWPSAlny4kBB5gmvVI=
Subject key identifier: 39:67:43:18:4D:AA:38:0C:6B:20:7B:DA:CA:F9:AC:6F:0C:22:7B:17
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F34120921729334E1D1CB64B852B43A9D
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OWdDGE2qOAxrIHvayvmsbwwiexc.roa
Signing time: Wed 01 May 2024 12:12:28 +0000
ROA not before: Wed 01 May 2024 12:12:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:34:12:09:21:72:93:34:e1:d1:cb:64:b8:52:b4:3a:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 1 12:12:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=396743184daa380c6b207bdacaf9ac6f0c227b17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a7:3a:68:1a:cd:3d:35:67:87:30:58:a3:ee:
cb:64:12:6a:3c:39:0b:ce:71:c0:c9:fa:44:c9:eb:
67:87:59:43:93:db:61:8e:86:fa:3b:82:75:d2:55:
d0:df:06:ec:27:83:35:21:83:8f:d3:b1:5d:e7:bc:
c7:95:6a:c2:68:0e:d4:d9:bb:ad:8a:a3:94:b8:47:
a2:12:0a:3b:8f:ff:91:3b:78:c1:79:c9:b4:d7:fc:
71:da:da:69:fa:3f:b0:90:d5:c4:91:cb:3d:15:54:
4b:a8:a6:7a:27:85:f0:17:9e:e3:dd:d3:a3:7c:4d:
f3:93:13:1f:90:da:78:f5:23:a9:b1:04:ac:ce:55:
d0:4b:8b:ef:28:cb:3b:a1:d6:d2:e5:d9:0b:78:56:
ed:72:1e:64:43:a3:f1:ee:f1:4e:e1:7c:de:01:8a:
87:43:45:0a:68:2a:bf:60:aa:ca:71:f8:be:57:59:
b1:2b:38:e2:0c:1c:b9:dc:6c:fc:fd:d5:62:b5:41:
f3:26:11:78:f9:24:9f:42:9d:76:3b:c3:aa:d5:d9:
4b:ab:12:60:da:68:14:b1:1d:95:97:b2:ee:15:5e:
be:10:f7:1e:3c:e7:8e:06:ea:84:b0:b9:1a:cb:02:
ee:72:e9:95:14:19:1d:77:6a:c4:d0:e7:83:76:d0:
63:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:67:43:18:4D:AA:38:0C:6B:20:7B:DA:CA:F9:AC:6F:0C:22:7B:17
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OWdDGE2qOAxrIHvayvmsbwwiexc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:62:83:31:a9:0e:e3:42:5d:71:63:a4:09:d6:2e:8d:90:d5:
ce:6d:0f:6a:f1:fb:32:02:d1:e2:c4:dd:66:2a:bd:ed:c5:b2:
64:97:79:62:c3:a7:49:3a:8e:18:c7:87:2c:1c:24:81:03:04:
4a:8f:1b:54:34:df:01:5d:94:7a:c1:90:d4:6e:c5:e6:a5:8e:
27:37:4c:3c:d8:a0:27:c2:01:4c:c0:9b:1e:54:32:82:f1:af:
c4:31:e4:f1:6e:53:44:e7:5d:62:9a:d9:6c:a3:09:0f:24:1b:
35:66:ee:83:5c:78:10:a1:f8:4c:8b:b9:4b:a2:78:20:5c:c5:
35:6f:a7:5d:6b:9b:6d:28:f0:c5:82:a8:12:df:9d:6e:da:0e:
5e:a9:94:fe:fd:bb:b0:7c:e4:48:20:6d:34:6e:ca:dd:cc:40:
ae:09:45:6a:86:27:cb:35:92:d0:29:c6:28:28:e5:2e:aa:54:
34:18:58:66:67:ed:38:df:17:97:36:89:48:32:67:29:5c:dc:
bb:88:2d:66:09:d6:47:81:ad:cd:81:1b:6e:ee:ed:01:72:74:
6e:74:71:3d:63:9f:a8:8f:68:15:09:ef:46:f2:67:f0:c3:d1:
4c:6e:9a:81:3c:cd:e2:21:76:ff:47:04:69:7c:54:df:d1:3d:
ac:bc:02:7d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY80EgkhcpM04dHLZLhStDqdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTAxMTIxMjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTY3NDMxODRkYWEzODBjNmIyMDdiZGFjYWY5YWM2ZjBjMjI3YjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApac6aBrNPTVnhzBYo+7LZBJqPDkL
znHAyfpEyetnh1lDk9thjob6O4J10lXQ3wbsJ4M1IYOP07Fd57zHlWrCaA7U2but
iqOUuEeiEgo7j/+RO3jBecm01/xx2tpp+j+wkNXEkcs9FVRLqKZ6J4XwF57j3dOj
fE3zkxMfkNp49SOpsQSszlXQS4vvKMs7odbS5dkLeFbtch5kQ6Px7vFO4XzeAYqH
Q0UKaCq/YKrKcfi+V1mxKzjiDBy53Gz8/dVitUHzJhF4+SSfQp12O8Oq1dlLqxJg
2mgUsR2Vl7LuFV6+EPcePOeOBuqEsLkaywLucumVFBkdd2rE0OeDdtBj6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDlnQxhNqjgMayB72sr5rG8MInsXMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvT1dkREdFMnFPQXhySUh2YXl2bXNid3dpZXhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABpigzGpDuNCXXFjpAnW
Lo2Q1c5tD2rx+zIC0eLE3WYqve3FsmSXeWLDp0k6jhjHhywcJIEDBEqPG1Q03wFd
lHrBkNRuxealjic3TDzYoCfCAUzAmx5UMoLxr8Qx5PFuU0TnXWKa2WyjCQ8kGzVm
7oNceBCh+EyLuUuieCBcxTVvp11rm20o8MWCqBLfnW7aDl6plP79u7B85EggbTRu
yt3MQK4JRWqGJ8s1ktApxigo5S6qVDQYWGZn7TjfF5c2iUgyZylc3LuILWYJ1keB
rc2BG27u7QFydG50cT1jn6iPaBUJ70byZ/DD0UxumoE8zeIhdv9HBGl8VN/RPay8
An0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:12 2025 by rpki-client