Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OpxeBmNP-yIozg93vhTRIFszP3Y.roa
File: OpxeBmNP-yIozg93vhTRIFszP3Y.roa (raw, json)
Hash identifier: wj3tQRi73RAyDbZ2akw9aDYc3is+mTaShZArfw5iwUk=
Subject key identifier: 3A:9C:5E:06:63:4F:FB:22:28:CE:0F:77:BE:14:D1:20:5B:33:3F:76
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F265568FE4957918B358DEB6A6FBB7681
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OpxeBmNP-yIozg93vhTRIFszP3Y.roa
Signing time: Sun 28 Apr 2024 20:11:22 +0000
ROA not before: Sun 28 Apr 2024 20:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:26:55:68:fe:49:57:91:8b:35:8d:eb:6a:6f:bb:76:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 28 20:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a9c5e06634ffb2228ce0f77be14d1205b333f76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1e:20:96:76:85:f9:db:58:6a:16:8e:44:fd:
a4:7b:e8:13:c1:02:a1:16:09:cc:52:03:78:54:29:
43:77:8f:69:47:66:2f:a2:98:6e:3e:79:32:42:fa:
b0:e3:88:eb:f8:ca:ff:de:3c:20:84:2f:bd:39:15:
30:03:2d:8f:8a:00:e7:94:55:84:09:a4:d2:f9:11:
84:79:d8:f1:59:12:de:42:ae:e6:e5:f9:02:39:45:
9c:79:96:2e:52:e8:f9:30:9c:15:ee:c8:f2:2c:ac:
48:2c:85:e7:28:f9:41:c9:d9:06:01:43:73:fc:7f:
64:b1:5e:81:f1:85:76:36:b9:9b:5f:06:8f:61:69:
80:fc:c8:f2:c5:5b:8e:e1:58:3e:e0:9e:45:90:1e:
39:96:2a:59:4c:10:a7:52:48:05:35:aa:20:06:0a:
77:62:52:43:5c:41:95:3e:74:41:d9:d0:b1:c1:95:
aa:2d:2b:c7:ff:3e:f6:de:18:9f:f7:21:ea:66:b6:
30:75:0f:d1:04:86:97:f9:cf:55:95:f4:46:f5:ad:
b1:03:7a:65:c8:f1:5a:27:ce:a8:2a:ad:3b:30:6b:
17:32:63:14:9b:2a:4b:86:cd:09:9d:c6:bf:a6:3c:
99:bb:30:56:30:46:a8:30:58:45:70:f2:b6:d7:63:
77:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:9C:5E:06:63:4F:FB:22:28:CE:0F:77:BE:14:D1:20:5B:33:3F:76
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OpxeBmNP-yIozg93vhTRIFszP3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
ab:61:85:54:07:03:34:25:c9:92:f5:07:dc:88:23:53:e0:e6:
36:26:aa:6a:20:e1:6f:98:ed:b5:03:57:11:d8:a8:68:eb:57:
34:13:bc:de:b6:0d:db:54:f3:84:a8:72:a4:94:80:74:a2:23:
b9:86:ca:3a:97:69:36:e3:10:d6:b4:fd:46:10:e6:13:1f:c0:
20:13:ab:c6:48:3b:13:24:da:9b:23:da:10:bc:1b:7a:42:b3:
b6:b9:72:3b:ce:02:72:b5:bb:fa:c0:1c:3f:5b:fc:3d:72:af:
3a:fa:fe:89:1a:af:9c:b0:a2:55:56:ae:84:e7:7c:75:46:cc:
39:6f:5d:13:4c:8e:61:5a:e5:4a:72:7d:38:ec:38:ba:c8:98:
a5:e0:f2:9e:80:4c:07:88:e7:95:0f:89:36:8b:9a:03:71:26:
5d:1f:ad:72:db:14:70:5c:5a:79:98:93:71:2b:0d:db:42:2f:
0b:58:55:84:58:01:53:27:9f:cc:1b:ad:52:c9:fe:58:48:cb:
77:c0:d8:1d:97:00:51:bd:ab:b1:c9:1b:d5:8c:d8:3e:1c:09:
48:5d:3e:cc:b5:ff:b4:0d:6d:7b:6b:f4:5c:ae:c2:c9:d1:a0:
73:ea:72:c8:fe:ea:78:a1:54:6c:6a:01:84:77:f8:8b:18:7d:
86:ac:15:87
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8mVWj+SVeRizWN62pvu3aBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI4MjAxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTljNWUwNjYzNGZmYjIyMjhjZTBmNzdiZTE0ZDEyMDViMzMzZjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArB4glnaF+dtYahaORP2ke+gTwQKh
FgnMUgN4VClDd49pR2YvophuPnkyQvqw44jr+Mr/3jwghC+9ORUwAy2PigDnlFWE
CaTS+RGEedjxWRLeQq7m5fkCOUWceZYuUuj5MJwV7sjyLKxILIXnKPlBydkGAUNz
/H9ksV6B8YV2NrmbXwaPYWmA/MjyxVuO4Vg+4J5FkB45lipZTBCnUkgFNaogBgp3
YlJDXEGVPnRB2dCxwZWqLSvH/z723hif9yHqZrYwdQ/RBIaX+c9VlfRG9a2xA3pl
yPFaJ86oKq07MGsXMmMUmypLhs0Jnca/pjyZuzBWMEaoMFhFcPK212N3twIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDqcXgZjT/siKM4Pd74U0SBbMz92MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvT3B4ZUJtTlAteUlvemc5M3ZoVFJJRnN6UDNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQCrYYVU
BwM0JcmS9QfciCNT4OY2JqpqIOFvmO21A1cR2Kho61c0E7zetg3bVPOEqHKklIB0
oiO5hso6l2k24xDWtP1GEOYTH8AgE6vGSDsTJNqbI9oQvBt6QrO2uXI7zgJytbv6
wBw/W/w9cq86+v6JGq+csKJVVq6E53x1Rsw5b10TTI5hWuVKcn047Di6yJil4PKe
gEwHiOeVD4k2i5oDcSZdH61y2xRwXFp5mJNxKw3bQi8LWFWEWAFTJ5/MG61Syf5Y
SMt3wNgdlwBRvauxyRvVjNg+HAlIXT7Mtf+0DW17a/RcrsLJ0aBz6nLI/up4oVRs
agGEd/iLGH2GrBWH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:44 2025 by rpki-client