Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OmHaMCgn5dzjh6cdn_45DQfulk4.roa
File: OmHaMCgn5dzjh6cdn_45DQfulk4.roa (raw, json)
Hash identifier: 3zsPjb1uxvndch6dd3bcRumbQW9FvbXXfvf+BLeW7Y0=
Subject key identifier: 3A:61:DA:30:28:27:E5:DC:E3:87:A7:1D:9F:FE:39:0D:07:EE:96:4E
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F44965FA66A62401B5BBE019DD75AAF54
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OmHaMCgn5dzjh6cdn_45DQfulk4.roa
Signing time: Sat 04 May 2024 17:10:56 +0000
ROA not before: Sat 04 May 2024 17:10:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:44:96:5f:a6:6a:62:40:1b:5b:be:01:9d:d7:5a:af:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 4 17:10:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a61da302827e5dce387a71d9ffe390d07ee964e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:da:44:cf:2e:c9:3c:e1:28:4e:73:17:52:5b:
9e:1f:3d:81:9e:cb:dd:11:67:00:9f:d6:cd:c9:84:
7d:1d:e4:93:e8:3d:c3:15:61:e0:26:f0:6c:ba:77:
33:b0:33:db:ac:87:cd:28:12:fe:23:7d:6c:6e:03:
d6:0f:25:6c:78:05:85:89:83:fc:de:6b:45:26:8a:
b7:8a:19:3d:cc:0f:17:0a:38:5f:5e:7c:2d:05:b6:
11:5d:90:7b:fa:cd:60:78:70:8b:a2:4f:47:de:4f:
bf:63:56:7b:00:9e:64:f7:89:c4:c5:92:4b:54:ae:
ee:6d:82:d3:1f:85:8b:12:25:b5:d9:1b:96:c3:6b:
b5:8d:ec:71:11:1a:4b:7b:e3:ff:c0:a8:90:67:e9:
45:1e:11:e3:9f:ba:b6:5d:7e:65:af:0a:70:ba:71:
1c:be:bc:d2:a1:bf:55:83:33:7c:8c:3c:80:80:6e:
ac:9c:4f:35:47:ec:a8:2d:c3:ed:8f:d0:a5:a6:f1:
73:a6:d0:42:ac:ad:69:c8:f2:db:d9:cf:16:78:4b:
84:44:18:1a:9f:f6:fc:25:f9:91:01:2c:35:d9:15:
f8:5e:09:63:cb:b5:2e:b8:ef:0a:1b:3c:9d:f1:ed:
3d:e7:1b:ed:5e:ef:47:2f:f1:00:24:a8:5f:2d:45:
27:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:61:DA:30:28:27:E5:DC:E3:87:A7:1D:9F:FE:39:0D:07:EE:96:4E
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OmHaMCgn5dzjh6cdn_45DQfulk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3e:90:6f:ae:f9:2b:93:a9:f0:75:b7:5a:86:c4:4a:98:99:1b:
b8:d4:4b:46:9c:d6:a6:c7:09:d8:84:ba:19:01:01:d9:51:22:
4e:02:83:99:8c:ea:ea:f3:f8:f4:6d:a9:3e:0b:65:a9:89:fc:
0c:a4:df:ef:78:f4:89:95:80:ad:99:fe:6c:be:44:01:46:bb:
a9:a6:79:d3:e0:0d:1e:b5:0b:da:24:83:73:73:e8:f2:1c:2a:
27:66:c6:98:4c:28:82:e3:2d:c7:1a:28:f6:41:ba:f1:1a:cf:
db:1c:1e:8e:ce:e9:e5:a0:44:22:20:40:8b:5b:92:39:5b:cc:
8e:1b:4f:73:27:29:71:58:3e:61:43:c4:c8:6a:c7:d6:57:76:
d2:65:5b:8b:d6:14:b8:0c:e9:e1:70:c4:35:9a:09:7f:4c:2a:
e2:dd:f6:f0:d5:f0:b1:50:cb:27:e6:a2:6b:be:5c:f7:40:da:
a7:29:49:03:36:75:45:da:95:53:25:dc:40:e1:b0:b8:52:dc:
33:7a:4d:fa:bc:70:57:41:c1:16:79:1b:76:d1:9b:ac:de:62:
79:fd:25:e5:e0:88:6c:b6:66:82:ac:8a:c6:be:7f:5f:0a:2d:
f6:e8:22:69:8e:05:43:d6:92:c0:23:6e:d0:19:2e:2b:b5:db:
f7:47:5c:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9Ell+mamJAG1u+AZ3XWq9UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA0MTcxMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTYxZGEzMDI4MjdlNWRjZTM4N2E3MWQ5ZmZlMzkwZDA3ZWU5NjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytpEzy7JPOEoTnMXUlueHz2Bnsvd
EWcAn9bNyYR9HeST6D3DFWHgJvBsunczsDPbrIfNKBL+I31sbgPWDyVseAWFiYP8
3mtFJoq3ihk9zA8XCjhfXnwtBbYRXZB7+s1geHCLok9H3k+/Y1Z7AJ5k94nExZJL
VK7ubYLTH4WLEiW12RuWw2u1jexxERpLe+P/wKiQZ+lFHhHjn7q2XX5lrwpwunEc
vrzSob9VgzN8jDyAgG6snE81R+yoLcPtj9ClpvFzptBCrK1pyPLb2c8WeEuERBga
n/b8JfmRASw12RX4Xgljy7UuuO8KGzyd8e095xvtXu9HL/EAJKhfLUUn+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDph2jAoJ+Xc44enHZ/+OQ0H7pZOMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvT21IYU1DZ241ZHpqaDZjZG5fNDVEUWZ1bGs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD6Qb675K5Op8HW3WobE
SpiZG7jUS0ac1qbHCdiEuhkBAdlRIk4Cg5mM6urz+PRtqT4LZamJ/Ayk3+949ImV
gK2Z/my+RAFGu6mmedPgDR61C9okg3Nz6PIcKidmxphMKILjLccaKPZBuvEaz9sc
Ho7O6eWgRCIgQItbkjlbzI4bT3MnKXFYPmFDxMhqx9ZXdtJlW4vWFLgM6eFwxDWa
CX9MKuLd9vDV8LFQyyfmomu+XPdA2qcpSQM2dUXalVMl3EDhsLhS3DN6Tfq8cFdB
wRZ5G3bRm6zeYnn9JeXgiGy2ZoKsisa+f18KLfboImmOBUPWksAjbtAZLiu12/dH
XGc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:08 2025 by rpki-client