Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OciIw5W2CFfJmyCYv4WIzv4jUy0.roa
File: OciIw5W2CFfJmyCYv4WIzv4jUy0.roa (raw, json)
Hash identifier: V3K5WEDtVyAVfqEko3yj6RtzWiRqV/GG6KsBljAYuq4=
Subject key identifier: 39:C8:88:C3:95:B6:08:57:C9:9B:20:98:BF:85:88:CE:FE:23:53:2D
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F592FD0E6D7C74D33A8C3705E26B5478C
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OciIw5W2CFfJmyCYv4WIzv4jUy0.roa
Signing time: Wed 08 May 2024 17:10:56 +0000
ROA not before: Wed 08 May 2024 17:10:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:59:2f:d0:e6:d7:c7:4d:33:a8:c3:70:5e:26:b5:47:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 8 17:10:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39c888c395b60857c99b2098bf8588cefe23532d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a1:dd:3d:c9:ed:80:e8:17:5e:a2:1d:96:58:
9e:8a:cb:f3:eb:b9:8e:ef:d7:39:49:a2:d1:19:5b:
6e:18:23:ac:8f:a0:f6:4b:aa:0f:01:6f:8e:0a:0f:
a6:ab:26:9b:50:ea:81:b2:f6:41:04:48:d1:4e:05:
1f:f8:8b:c7:3d:3a:bc:f5:46:c3:9a:35:fa:0c:72:
c2:3c:90:7c:82:0e:89:8d:52:44:15:af:89:12:10:
ad:91:4d:64:87:8d:4b:b4:53:6b:7e:e4:ea:13:a1:
c5:56:87:cd:2f:b9:62:f2:4c:a6:ee:ce:a3:43:22:
9a:5f:80:8c:77:d7:73:59:41:aa:cc:f5:86:6f:a6:
c3:37:96:3b:3f:27:7d:b5:a0:dd:4b:05:5c:a2:ec:
66:93:76:ec:c5:ea:6c:79:09:72:be:70:e5:df:de:
6a:14:61:de:fb:a1:54:84:62:d7:58:87:56:e3:67:
b5:a6:23:1c:30:f9:b4:c1:e1:47:22:c7:c8:92:30:
d5:87:d9:d7:7f:3d:66:c8:7a:9d:c0:db:42:48:1a:
5c:6f:bb:53:06:ed:4e:61:30:6b:25:09:85:11:e3:
47:cd:8a:e5:62:ea:0c:60:91:6f:31:d6:74:fd:cd:
cf:96:ba:ac:7d:44:b4:56:1c:27:70:a0:cd:ae:16:
48:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:C8:88:C3:95:B6:08:57:C9:9B:20:98:BF:85:88:CE:FE:23:53:2D
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OciIw5W2CFfJmyCYv4WIzv4jUy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6a:93:ab:bc:53:48:4d:d7:96:40:51:4f:bd:82:be:e8:c4:2a:
b7:a6:2a:79:63:78:a3:97:7e:6c:ba:12:e3:34:45:3b:46:24:
22:80:94:f6:68:63:e1:b9:46:6b:d9:2d:28:ed:8d:c5:a0:d4:
43:ed:ae:c6:81:07:c4:7b:71:5a:d1:99:f4:46:97:a5:6e:b4:
28:b3:e8:a4:5c:9d:b9:c5:ad:35:c8:7d:00:cd:91:5e:89:e9:
9a:1b:b1:8b:ce:1a:27:2d:6a:07:b0:5b:63:a1:c0:d9:13:92:
74:2e:bf:92:8f:93:60:c3:46:f3:eb:cb:b7:a5:14:b7:55:2b:
b5:bf:ab:c0:c5:68:02:72:09:87:6b:02:6b:66:9d:1f:19:c8:
55:41:40:ad:b9:99:87:59:ae:58:df:97:4a:da:15:69:48:8a:
f5:74:34:75:16:ba:4b:3d:dc:34:a7:e7:87:2d:52:a3:08:24:
b4:c4:44:69:39:ea:a7:30:b2:c6:52:fe:e7:e4:6a:ef:2b:cc:
5e:eb:e2:0e:7b:8c:28:9c:06:f4:12:e2:ee:ed:f8:c2:58:51:
09:58:38:8c:5b:fd:e6:19:fd:5c:07:76:cd:3b:d4:4a:69:f5:
a7:ea:f1:2c:ab:47:3a:4f:3a:0c:29:e6:e4:f9:87:fb:2e:21:
b0:6a:38:6f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9ZL9Dm18dNM6jDcF4mtUeMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA4MTcxMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWM4ODhjMzk1YjYwODU3Yzk5YjIwOThiZjg1ODhjZWZlMjM1MzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKHdPcntgOgXXqIdllieisvz67mO
79c5SaLRGVtuGCOsj6D2S6oPAW+OCg+mqyabUOqBsvZBBEjRTgUf+IvHPTq89UbD
mjX6DHLCPJB8gg6JjVJEFa+JEhCtkU1kh41LtFNrfuTqE6HFVofNL7li8kym7s6j
QyKaX4CMd9dzWUGqzPWGb6bDN5Y7Pyd9taDdSwVcouxmk3bsxepseQlyvnDl395q
FGHe+6FUhGLXWIdW42e1piMcMPm0weFHIsfIkjDVh9nXfz1myHqdwNtCSBpcb7tT
Bu1OYTBrJQmFEeNHzYrlYuoMYJFvMdZ0/c3PlrqsfUS0VhwncKDNrhZIDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDnIiMOVtghXyZsgmL+FiM7+I1MtMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvT2NpSXc1VzJDRmZKbXlDWXY0V0l6djRqVXkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGqTq7xTSE3XlkBRT72C
vujEKremKnljeKOXfmy6EuM0RTtGJCKAlPZoY+G5RmvZLSjtjcWg1EPtrsaBB8R7
cVrRmfRGl6VutCiz6KRcnbnFrTXIfQDNkV6J6ZobsYvOGictagewW2OhwNkTknQu
v5KPk2DDRvPry7elFLdVK7W/q8DFaAJyCYdrAmtmnR8ZyFVBQK25mYdZrljfl0ra
FWlIivV0NHUWuks93DSn54ctUqMIJLTERGk56qcwssZS/ufkau8rzF7r4g57jCic
BvQS4u7t+MJYUQlYOIxb/eYZ/VwHds071Epp9afq8SyrRzpPOgwp5uT5h/suIbBq
OG8=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:22:19 2025 by rpki-client