Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OQL53C7Altw8ZLR3m0l6Cocgx7I.roa
File: OQL53C7Altw8ZLR3m0l6Cocgx7I.roa (raw, json)
Hash identifier: vy2Nz1b1hBqtK8F2pSXFXkqsGd1gIgVM6xGzWlSWEDg=
Subject key identifier: 39:02:F9:DC:2E:C0:96:DC:3C:64:B4:77:9B:49:7A:0A:87:20:C7:B2
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D2A3BB1FE34EE71FEEA10E777D4AB40BE
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OQL53C7Altw8ZLR3m0l6Cocgx7I.roa
Signing time: Sun 21 Jan 2024 04:16:11 +0000
ROA not before: Sun 21 Jan 2024 04:16:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2a:3b:b1:fe:34:ee:71:fe:ea:10:e7:77:d4:ab:40:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 21 04:16:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3902f9dc2ec096dc3c64b4779b497a0a8720c7b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d4:ff:7a:c9:ce:d3:f9:1e:92:2a:fd:e3:81:
c8:0e:de:2d:cb:cf:62:ba:3d:60:24:11:07:8f:a1:
cb:a0:d8:ff:61:73:8a:4b:e3:3a:66:1d:67:c3:6f:
38:01:35:57:af:03:36:15:ff:4a:41:ce:4a:59:80:
70:8e:93:2e:5d:1b:65:4b:a2:18:d8:fd:bb:dc:ac:
1d:ae:98:f7:06:33:a4:61:65:c1:66:03:d1:68:7c:
5a:09:f8:36:c5:b8:07:2c:ee:65:16:9e:42:07:23:
49:58:d3:f4:a0:f7:24:1e:71:f6:32:5e:48:04:73:
73:8b:55:45:39:c9:f0:df:b0:17:ad:b2:b2:77:f1:
a7:3b:9f:d3:13:6b:63:e3:45:b9:7a:36:1a:d1:3a:
38:b3:ed:71:08:a3:4c:59:95:e7:20:b7:52:65:b0:
52:27:0b:89:0a:23:41:30:5b:d4:d1:07:33:b2:e2:
6f:0e:ff:79:9e:00:ac:11:08:ef:a0:c5:c5:84:b5:
bd:80:62:4d:3a:ca:81:96:34:21:7a:67:1e:e9:ca:
e0:58:31:fe:45:9b:f0:3d:21:0b:ef:24:c8:90:de:
71:75:d2:1e:07:ac:e6:af:20:21:ad:98:33:bc:e7:
f5:ef:0a:af:58:d1:65:b7:ab:93:58:a0:19:b5:19:
c0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:02:F9:DC:2E:C0:96:DC:3C:64:B4:77:9B:49:7A:0A:87:20:C7:B2
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OQL53C7Altw8ZLR3m0l6Cocgx7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7b:57:16:2e:17:12:56:7b:17:80:94:e2:7d:94:ef:1e:f7:c9:
83:fc:24:df:73:79:12:1d:04:9a:28:af:25:9b:e2:3d:98:5d:
88:15:75:a4:36:41:c7:4c:c2:db:ec:d3:59:fa:1f:eb:e3:c6:
25:0d:be:a5:e6:a5:11:e2:0d:34:3a:cc:7e:8a:ad:e9:75:16:
5b:97:78:81:db:a0:dd:8b:d8:fb:47:69:66:b6:f3:2c:c1:87:
eb:83:2e:41:91:08:d6:a3:d2:90:bc:08:c4:92:34:c2:b9:11:
8c:ea:45:12:02:7c:71:a5:d2:bc:f4:d8:51:c0:a1:13:cd:4d:
5f:e3:9b:0d:93:39:34:ce:52:a1:a7:f3:5f:b0:6e:69:16:bd:
f9:f7:23:15:b5:f0:f6:d1:25:b8:7e:14:2f:5d:aa:db:51:29:
f2:40:07:fc:04:f9:44:f0:8a:1f:62:1c:03:81:dc:13:7c:63:
a2:a8:0e:34:96:4d:46:66:72:b1:75:55:7a:99:71:50:f7:05:
56:bd:08:9e:03:69:8f:ef:59:ef:db:13:1d:83:72:6a:55:e2:
47:d9:02:9d:0d:e8:fb:1b:3b:eb:ea:8d:96:92:f1:ef:69:2c:
4c:79:5f:12:99:32:a6:3a:b1:c9:0a:3a:a0:2e:d3:19:f2:7e:
ec:a0:cb:e0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0qO7H+NO5x/uoQ53fUq0C+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIxMDQxNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTAyZjlkYzJlYzA5NmRjM2M2NGI0Nzc5YjQ5N2EwYTg3MjBjN2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotT/esnO0/kekir944HIDt4ty89i
uj1gJBEHj6HLoNj/YXOKS+M6Zh1nw284ATVXrwM2Ff9KQc5KWYBwjpMuXRtlS6IY
2P273Kwdrpj3BjOkYWXBZgPRaHxaCfg2xbgHLO5lFp5CByNJWNP0oPckHnH2Ml5I
BHNzi1VFOcnw37AXrbKyd/GnO5/TE2tj40W5ejYa0To4s+1xCKNMWZXnILdSZbBS
JwuJCiNBMFvU0QczsuJvDv95ngCsEQjvoMXFhLW9gGJNOsqBljQhemce6crgWDH+
RZvwPSEL7yTIkN5xddIeB6zmryAhrZgzvOf17wqvWNFlt6uTWKAZtRnA+wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDkC+dwuwJbcPGS0d5tJegqHIMeyMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvT1FMNTNDN0FsdHc4WkxSM20wbDZDb2NneDdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHtXFi4XElZ7F4CU4n2U
7x73yYP8JN9zeRIdBJooryWb4j2YXYgVdaQ2QcdMwtvs01n6H+vjxiUNvqXmpRHi
DTQ6zH6Krel1FluXeIHboN2L2PtHaWa28yzBh+uDLkGRCNaj0pC8CMSSNMK5EYzq
RRICfHGl0rz02FHAoRPNTV/jmw2TOTTOUqGn81+wbmkWvfn3IxW18PbRJbh+FC9d
qttRKfJAB/wE+UTwih9iHAOB3BN8Y6KoDjSWTUZmcrF1VXqZcVD3BVa9CJ4DaY/v
We/bEx2DcmpV4kfZAp0N6PsbO+vqjZaS8e9pLEx5XxKZMqY6sckKOqAu0xnyfuyg
y+A=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:09:00 2025 by rpki-client