Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/oYko2Z5-FhTQQt5rm9i2SPM0NgQ.roa
File: oYko2Z5-FhTQQt5rm9i2SPM0NgQ.roa (raw, json)
Hash identifier: hFldyOy21bhVTHyNQ39s1lXeHXNkKbQoYhEzYXUVW/c=
Subject key identifier: A1:89:28:D9:9E:7E:16:14:D0:42:DE:6B:9B:D8:B6:48:F3:34:36:04
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F9D2F43CC633A90892B0C1C9FA070D3FF
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/oYko2Z5-FhTQQt5rm9i2SPM0NgQ.roa
Signing time: Tue 21 May 2024 22:04:31 +0000
ROA not before: Tue 21 May 2024 22:04:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:9689:3f54/128 maxlen: 128
2001:67c:64:ffff:0:18f:9d2f:c83/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9d:2f:43:cc:63:3a:90:89:2b:0c:1c:9f:a0:70:d3:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 21 22:04:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a18928d99e7e1614d042de6b9bd8b648f3343604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f5:38:2e:bb:0e:4d:2e:e5:6f:53:dc:c0:08:
9b:cc:b7:6d:6f:cb:c0:c0:4e:7a:70:75:67:0b:36:
5e:f8:2d:65:24:86:86:e0:da:c1:58:dd:c3:d3:c9:
c5:37:29:de:80:84:b5:f4:3b:e0:30:62:66:3a:2c:
c8:0c:96:63:cc:a2:e5:0d:de:3b:cf:5f:dd:a5:31:
6e:00:01:52:d9:04:23:8f:b5:4a:52:4b:56:0b:08:
22:c6:7c:34:96:65:74:38:58:b2:03:0b:84:c8:58:
b6:bc:eb:fa:36:62:36:bc:e2:1b:83:13:31:63:20:
77:54:1b:3b:04:a8:5d:9f:41:f5:59:9d:e2:8e:99:
b3:90:18:28:67:41:83:f0:40:12:6d:d4:44:de:9e:
4a:68:87:86:39:21:b9:a8:98:ae:30:4b:32:1a:01:
3c:42:19:06:1a:63:75:5a:b2:1a:39:2b:5a:c3:1f:
33:bd:30:fa:04:dc:4a:c3:fd:e4:4d:8b:eb:95:9a:
aa:53:e6:19:58:9f:67:b1:ef:35:83:59:20:56:41:
02:6b:3a:1a:68:de:ad:b8:b7:62:a3:f0:7c:37:eb:
63:b1:65:b0:43:5a:f2:9e:bf:1c:15:b5:e2:32:0b:
17:56:91:73:06:6a:80:5f:21:62:29:24:f7:88:96:
98:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:89:28:D9:9E:7E:16:14:D0:42:DE:6B:9B:D8:B6:48:F3:34:36:04
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/oYko2Z5-FhTQQt5rm9i2SPM0NgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4f:e8:a0:1e:1c:38:59:93:ba:4b:c1:36:78:1c:33:d0:eb:a5:
96:10:4b:97:d5:c6:2c:c2:ca:5c:e8:73:13:0b:b7:57:2a:f7:
27:08:4f:7f:ae:64:18:ad:6b:5f:18:a0:d4:ee:fb:cc:58:9b:
23:a3:c4:6c:d9:f6:13:fa:29:98:dd:05:f3:84:a5:55:f9:dd:
ed:bc:6b:56:2c:c5:e0:ed:22:27:36:42:c7:22:14:6f:1b:f2:
f2:69:d4:2b:46:bd:f6:bc:af:f7:f2:c2:c2:d8:e8:bd:8b:73:
bb:cf:11:15:1f:ff:1d:6d:98:1b:1d:51:fb:3f:7a:5e:ce:88:
65:b7:32:e0:45:7d:cf:53:d4:3a:87:8c:39:9d:b1:9d:e4:dc:
05:e4:d5:de:7f:05:c1:74:95:a0:21:c3:f1:e2:bd:37:5c:59:
93:1f:e9:d7:4c:6b:c0:75:cc:1b:1b:dd:3d:7b:ab:1a:2b:65:
1f:25:b9:3e:02:76:bc:f8:6d:e8:18:df:e5:36:1a:ba:91:ca:
17:50:e0:80:43:ce:3c:bb:0a:eb:27:40:70:40:03:b9:d9:cc:
a5:b5:3e:1c:85:09:7f:6b:9f:41:89:b3:71:20:78:25:b5:23:
e6:53:8c:d1:3b:7f:1e:16:3b:06:cf:60:ec:07:ad:94:e5:fd:
26:85:26:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+dL0PMYzqQiSsMHJ+gcNP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTIxMjIwNDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTg5MjhkOTllN2UxNjE0ZDA0MmRlNmI5YmQ4YjY0OGYzMzQzNjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvU4LrsOTS7lb1PcwAibzLdtb8vA
wE56cHVnCzZe+C1lJIaG4NrBWN3D08nFNynegIS19DvgMGJmOizIDJZjzKLlDd47
z1/dpTFuAAFS2QQjj7VKUktWCwgixnw0lmV0OFiyAwuEyFi2vOv6NmI2vOIbgxMx
YyB3VBs7BKhdn0H1WZ3ijpmzkBgoZ0GD8EASbdRE3p5KaIeGOSG5qJiuMEsyGgE8
QhkGGmN1WrIaOStawx8zvTD6BNxKw/3kTYvrlZqqU+YZWJ9nse81g1kgVkECazoa
aN6tuLdio/B8N+tjsWWwQ1rynr8cFbXiMgsXVpFzBmqAXyFiKST3iJaYxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKGJKNmefhYU0ELea5vYtkjzNDYEMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvb1lrbzJaNS1GaFRRUXQ1cm05aTJTUE0wTmdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE/ooB4cOFmTukvBNngc
M9DrpZYQS5fVxizCylzocxMLt1cq9ycIT3+uZBita18YoNTu+8xYmyOjxGzZ9hP6
KZjdBfOEpVX53e28a1YsxeDtIic2QsciFG8b8vJp1CtGvfa8r/fywsLY6L2Lc7vP
ERUf/x1tmBsdUfs/el7OiGW3MuBFfc9T1DqHjDmdsZ3k3AXk1d5/BcF0laAhw/Hi
vTdcWZMf6ddMa8B1zBsb3T17qxorZR8luT4Cdrz4begY3+U2GrqRyhdQ4IBDzjy7
CusnQHBAA7nZzKW1PhyFCX9rn0GJs3EgeCW1I+ZTjNE7fx4WOwbPYOwHrZTl/SaF
JiY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:28 2025 by rpki-client