Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/oP88-OLV2IVYsBJpGDehsDmNcTs.roa
File: oP88-OLV2IVYsBJpGDehsDmNcTs.roa (raw, json)
Hash identifier: 0I2K/jL5rgY7vdbUZJYcB0erYXHkNo+yT1B6ICeLoEg=
Subject key identifier: A0:FF:3C:F8:E2:D5:D8:85:58:B0:12:69:18:37:A1:B0:39:8D:71:3B
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F6A9146204E84C6D9C13AEB1AF289E5BE
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/oP88-OLV2IVYsBJpGDehsDmNcTs.roa
Signing time: Sun 12 May 2024 02:10:56 +0000
ROA not before: Sun 12 May 2024 02:10:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:6a:91:46:20:4e:84:c6:d9:c1:3a:eb:1a:f2:89:e5:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 12 02:10:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0ff3cf8e2d5d88558b012691837a1b0398d713b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ae:55:f8:43:93:7a:3d:70:c6:90:7d:b7:82:
58:13:65:a6:7e:b9:d1:a4:d7:d7:8f:f1:26:7b:a3:
e8:32:00:fd:91:20:79:50:dd:45:24:1c:ed:6c:79:
b3:21:c7:3f:80:fe:9c:76:da:a1:02:2e:94:33:7e:
28:cf:4e:cf:76:e0:a6:5f:a4:43:db:5c:c0:39:af:
9f:60:a9:89:5a:38:75:95:d8:97:c8:c7:b3:fc:1b:
51:8f:34:aa:5b:97:56:fd:85:d7:2f:d7:75:24:6e:
ca:3f:d5:84:1c:d7:17:81:0b:a5:22:01:cd:11:81:
dc:bd:86:e7:39:5e:2f:27:5c:0e:41:3a:90:e3:a6:
8c:c9:ca:7c:24:20:36:6b:ca:03:ae:98:df:59:88:
9a:ba:90:9a:a6:5c:26:b1:d1:d8:f8:7e:67:15:c3:
b5:d8:c8:00:f3:27:a3:8c:6d:2e:9f:05:42:a4:73:
a0:22:06:b4:3c:b1:0d:df:34:66:c8:f2:98:c1:f5:
d1:64:ec:f3:43:28:28:46:95:f0:29:1e:4a:ae:bb:
8d:cd:ec:f4:96:bd:9e:4f:ff:28:e2:f1:3f:96:18:
a8:e6:cf:fb:c2:73:e6:ac:75:bf:d2:e1:3b:38:b5:
29:d4:f8:68:8d:ed:6c:29:6e:2e:b9:4f:fc:4e:87:
44:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:FF:3C:F8:E2:D5:D8:85:58:B0:12:69:18:37:A1:B0:39:8D:71:3B
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/oP88-OLV2IVYsBJpGDehsDmNcTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
45:a4:d2:ad:d8:ad:29:60:b0:30:66:7f:7c:9e:a6:9d:6a:13:
f2:e5:94:c1:a6:b0:e7:bd:36:8c:3b:79:8e:83:eb:3d:de:73:
16:8a:f9:d2:5d:ba:50:3e:87:bb:eb:e5:b5:d6:c9:05:10:e6:
77:8a:d6:af:22:1d:ed:d4:2e:ad:2f:60:e5:15:dc:42:97:0a:
a3:d4:0e:bc:f8:c6:b2:32:62:86:8c:f5:f7:7e:ba:09:8b:61:
60:08:ba:c8:7c:94:2c:9e:41:12:16:e3:31:71:6d:ff:f9:1d:
00:71:39:40:a6:57:3b:c0:b2:8b:2d:73:07:1a:c2:82:9e:9e:
b0:e7:86:7f:b7:e5:2d:e8:f8:d5:33:c1:19:4f:c8:c0:60:28:
33:b1:41:ac:74:d9:1b:37:7c:2a:c4:cf:1e:bf:fd:7b:9c:35:
5c:3b:c6:f8:e1:b9:46:06:72:1f:06:13:58:cf:00:1a:80:b0:
14:83:84:27:c4:78:c3:fc:df:72:e2:28:b6:c3:48:3e:f4:95:
69:70:e6:6c:e2:c3:ab:a5:5a:eb:5b:f9:90:09:0a:71:32:ec:
69:c7:66:27:d2:92:b2:f0:eb:42:52:7d:5a:1f:7e:e1:e4:6e:
e4:5c:c7:21:f3:7a:ec:a4:f6:87:57:fd:6d:c2:f4:4b:74:ef:
a4:e3:ad:bd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9qkUYgToTG2cE66xryieW+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTEyMDIxMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGZmM2NmOGUyZDVkODg1NThiMDEyNjkxODM3YTFiMDM5OGQ3MTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta5V+EOTej1wxpB9t4JYE2WmfrnR
pNfXj/Eme6PoMgD9kSB5UN1FJBztbHmzIcc/gP6cdtqhAi6UM34oz07PduCmX6RD
21zAOa+fYKmJWjh1ldiXyMez/BtRjzSqW5dW/YXXL9d1JG7KP9WEHNcXgQulIgHN
EYHcvYbnOV4vJ1wOQTqQ46aMycp8JCA2a8oDrpjfWYiaupCaplwmsdHY+H5nFcO1
2MgA8yejjG0unwVCpHOgIga0PLEN3zRmyPKYwfXRZOzzQygoRpXwKR5KrruNzez0
lr2eT/8o4vE/lhio5s/7wnPmrHW/0uE7OLUp1Phoje1sKW4uuU/8TodErQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKD/PPji1diFWLASaRg3obA5jXE7MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvb1A4OC1PTFYySVZZc0JKcEdEZWhzRG1OY1RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEWk0q3YrSlgsDBmf3ye
pp1qE/LllMGmsOe9Now7eY6D6z3ecxaK+dJdulA+h7vr5bXWyQUQ5neK1q8iHe3U
Lq0vYOUV3EKXCqPUDrz4xrIyYoaM9fd+ugmLYWAIush8lCyeQRIW4zFxbf/5HQBx
OUCmVzvAsostcwcawoKenrDnhn+35S3o+NUzwRlPyMBgKDOxQax02Rs3fCrEzx6/
/XucNVw7xvjhuUYGch8GE1jPABqAsBSDhCfEeMP833LiKLbDSD70lWlw5mziw6ul
Wutb+ZAJCnEy7GnHZifSkrLw60JSfVoffuHkbuRcxyHzeuyk9odX/W3C9Et076Tj
rb0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:26 2025 by rpki-client