Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OMUYGcwkmq39CgPYkmYtnbVtmKs.roa
File: OMUYGcwkmq39CgPYkmYtnbVtmKs.roa (raw, json)
Hash identifier: NynFBpHenmh00WYyiw4VojBh0cbMx//iRjBAFyTyubo=
Subject key identifier: 38:C5:18:19:CC:24:9A:AD:FD:0A:03:D8:92:66:2D:9D:B5:6D:98:AB
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EB16425C1DCDB1C0CF95003D39CE44907
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OMUYGcwkmq39CgPYkmYtnbVtmKs.roa
Signing time: Sat 06 Apr 2024 03:11:54 +0000
ROA not before: Sat 06 Apr 2024 03:11:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b1:64:25:c1:dc:db:1c:0c:f9:50:03:d3:9c:e4:49:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 6 03:11:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38c51819cc249aadfd0a03d892662d9db56d98ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:92:18:4d:bf:af:8a:6b:ab:54:9b:9a:0a:b3:
79:d7:d5:2e:e5:e1:ce:36:d6:82:62:6a:e9:6c:79:
06:99:6d:2c:7f:3c:8e:f2:93:65:2a:c8:09:af:e7:
9f:3d:d5:e3:13:c5:92:86:88:8c:44:14:1b:a2:ad:
58:c2:67:05:30:dc:1b:67:53:08:48:49:d1:2f:7d:
0a:6c:e2:fa:d3:3b:b3:2e:68:f0:16:f0:d6:4d:1a:
53:48:8d:31:7b:93:5c:81:4b:51:37:79:9a:ab:0c:
9d:4d:39:6c:ad:9d:a5:ce:ef:04:7b:96:29:e2:60:
3b:95:f5:f3:9e:eb:ac:b0:ac:2e:a4:0c:b4:54:9e:
e9:8a:ec:09:ad:4b:8f:20:ed:71:4b:d1:60:70:81:
81:7a:b5:8c:69:ca:dd:1e:6e:93:8d:de:7d:b8:ce:
22:0d:8a:c2:9c:ca:9c:77:a7:f2:31:a6:11:9f:5b:
69:c1:98:54:63:d1:eb:bc:c0:26:bb:e4:37:35:23:
2f:2a:06:0f:dc:98:d6:b0:d9:69:e2:73:b9:dc:3b:
0c:47:34:fd:41:15:dd:93:d0:8f:83:49:29:8a:26:
49:2e:b5:8c:7d:6f:46:2d:97:94:91:33:55:f3:ce:
21:e0:e1:9a:4d:84:95:84:33:f4:26:22:f0:da:bf:
23:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:C5:18:19:CC:24:9A:AD:FD:0A:03:D8:92:66:2D:9D:B5:6D:98:AB
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OMUYGcwkmq39CgPYkmYtnbVtmKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6f:99:84:5d:ff:f7:35:71:80:70:76:7d:8b:17:a5:50:d2:f9:
bf:0e:8b:98:ad:9c:fa:7c:e8:cf:db:15:1f:ed:98:d0:46:1e:
02:e8:61:c1:b0:b3:28:fc:2e:4c:8b:86:07:51:89:40:af:fb:
40:fa:59:b8:e7:5a:68:c9:8b:38:1c:78:6f:e9:b4:28:c9:dc:
1c:cc:bd:ee:93:d3:5b:b8:f4:ce:23:5d:9f:5f:4e:27:78:79:
4b:1e:4f:4a:a3:05:00:ed:9e:c5:41:b0:b8:19:a9:fc:44:13:
09:37:a1:12:fb:f6:dc:74:b7:49:0d:50:e7:d2:35:b6:5f:c4:
80:6c:b9:f8:6b:6f:4c:9f:84:b6:18:d8:e9:95:57:1f:11:83:
51:bb:b2:79:4c:f3:81:42:ee:3b:10:cc:97:29:d2:53:93:ac:
0d:96:64:37:2e:37:2c:c5:63:18:d8:83:a7:20:9b:e8:6b:a4:
07:62:72:61:b6:91:3b:df:bb:58:af:c4:77:bf:b0:08:77:87:
47:8a:f5:61:82:66:a0:8b:ac:a3:2a:6a:23:a2:bb:cf:d6:2e:
d2:0d:2d:1e:8a:32:e0:0a:b0:2a:ea:90:cf:df:64:4b:0e:ce:
85:20:6e:5e:ce:7e:1f:07:e3:2a:34:b2:84:30:3d:2c:2d:d1:
9b:e1:35:33
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6xZCXB3NscDPlQA9Oc5EkHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA2MDMxMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGM1MTgxOWNjMjQ5YWFkZmQwYTAzZDg5MjY2MmQ5ZGI1NmQ5OGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJIYTb+vimurVJuaCrN519Uu5eHO
NtaCYmrpbHkGmW0sfzyO8pNlKsgJr+efPdXjE8WShoiMRBQboq1YwmcFMNwbZ1MI
SEnRL30KbOL60zuzLmjwFvDWTRpTSI0xe5NcgUtRN3maqwydTTlsrZ2lzu8Ee5Yp
4mA7lfXznuussKwupAy0VJ7piuwJrUuPIO1xS9FgcIGBerWMacrdHm6Tjd59uM4i
DYrCnMqcd6fyMaYRn1tpwZhUY9HrvMAmu+Q3NSMvKgYP3JjWsNlp4nO53DsMRzT9
QRXdk9CPg0kpiiZJLrWMfW9GLZeUkTNV884h4OGaTYSVhDP0JiLw2r8j9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDjFGBnMJJqt/QoD2JJmLZ21bZirMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvT01VWUdjd2ttcTM5Q2dQWWttWXRuYlZ0bUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG+ZhF3/9zVxgHB2fYsX
pVDS+b8Oi5itnPp86M/bFR/tmNBGHgLoYcGwsyj8LkyLhgdRiUCv+0D6WbjnWmjJ
izgceG/ptCjJ3BzMve6T01u49M4jXZ9fTid4eUseT0qjBQDtnsVBsLgZqfxEEwk3
oRL79tx0t0kNUOfSNbZfxIBsufhrb0yfhLYY2OmVVx8Rg1G7snlM84FC7jsQzJcp
0lOTrA2WZDcuNyzFYxjYg6cgm+hrpAdicmG2kTvfu1ivxHe/sAh3h0eK9WGCZqCL
rKMqaiOiu8/WLtINLR6KMuAKsCrqkM/fZEsOzoUgbl7Ofh8H4yo0soQwPSwt0Zvh
NTM=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:08:38 2025 by rpki-client