Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/oej_cdfZ-t5a-YchNO7MPklhMuM.roa
File: oej_cdfZ-t5a-YchNO7MPklhMuM.roa (raw, json)
Hash identifier: mHNSDUTuZ1++mEXywNyWC7Vh2+/H6tuQih0Ay0PECRQ=
Subject key identifier: A1:E8:FF:71:D7:D9:FA:DE:5A:F9:87:21:34:EE:CC:3E:49:61:32:E3
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9586F231F1048B508FB4A8A4AAA6299C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/oej_cdfZ-t5a-YchNO7MPklhMuM.roa
Signing time: Sat 23 Dec 2023 07:14:58 +0000
ROA not before: Sat 23 Dec 2023 07:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:95:86:f2:31:f1:04:8b:50:8f:b4:a8:a4:aa:a6:29:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 23 07:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1e8ff71d7d9fade5af9872134eecc3e496132e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bd:a7:09:6b:72:ed:57:a4:80:62:d7:b1:e8:
98:e3:95:48:2e:ed:6a:4d:0c:1a:77:00:71:ad:1b:
24:ef:5d:50:d6:4d:4c:36:e4:4a:94:55:a6:8d:4f:
c9:79:fb:a6:e0:2f:d4:00:33:64:32:ee:e9:34:5d:
2e:6c:f6:ae:d0:a7:4d:c2:91:fb:49:5f:8f:89:70:
16:d1:1a:df:8f:09:3e:da:98:8e:43:af:a7:f1:19:
f9:b5:37:04:94:26:7b:61:3c:5c:8f:3f:6f:b3:bb:
3f:0f:53:b5:96:89:a6:61:43:96:cb:1f:1f:3c:18:
30:db:ff:cc:b5:7e:d0:35:0a:36:3f:8a:a3:fc:1b:
39:47:f1:0f:1a:d5:57:25:db:57:e6:b0:78:53:8b:
e9:43:3f:f7:18:cb:59:12:35:b6:9e:06:17:fd:5a:
c2:eb:6b:94:a1:a2:57:41:ad:63:6d:eb:91:40:dc:
02:61:cc:b4:c3:a5:ed:45:b3:97:f3:82:37:0f:62:
28:ca:8d:89:c4:45:47:0b:69:2a:c3:95:97:52:d7:
eb:5e:68:ef:8b:cb:d3:b9:14:5d:f0:c8:4d:bc:bf:
8c:c7:b2:71:3e:eb:58:2b:d8:3d:43:13:7a:1f:15:
88:93:92:96:7a:0d:e6:a6:ec:e6:16:51:e6:af:67:
d5:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:E8:FF:71:D7:D9:FA:DE:5A:F9:87:21:34:EE:CC:3E:49:61:32:E3
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/oej_cdfZ-t5a-YchNO7MPklhMuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a8:1e:a8:16:89:74:9c:d8:b3:1a:91:cb:73:44:78:74:98:51:
40:0b:89:aa:e2:95:59:12:98:cd:7c:21:3b:f3:f3:7c:1f:bc:
e1:9f:cd:26:9e:20:2b:03:4b:64:63:e2:45:6c:ac:a0:dd:aa:
e0:54:6e:56:03:eb:e5:d6:1a:ec:6d:07:19:aa:f0:75:60:96:
b4:5f:56:da:73:87:2b:8b:83:1c:38:cb:8a:92:b5:8f:1e:9d:
9a:6f:b8:47:de:ee:38:9f:d4:a9:04:11:da:a4:1d:64:60:f2:
dc:bc:d2:a7:0c:4f:c5:19:22:7c:7b:f9:9a:ba:33:47:03:9d:
ae:9f:60:c2:8b:18:f9:f4:56:73:82:88:e6:0c:1e:ac:39:34:
4e:52:ce:0d:a9:e5:e7:cf:fb:fc:77:6d:f4:b6:bc:95:df:ee:
ba:d5:a8:2c:8d:01:2c:b0:32:34:66:af:17:ef:5d:72:5f:f9:
7a:11:fa:a2:8d:db:52:b9:d0:32:4a:fc:32:b6:8e:e4:83:f7:
30:00:13:ad:ca:21:aa:6d:b2:28:98:74:cd:b4:7e:c5:84:1d:
18:19:d3:74:55:81:af:4c:80:54:e2:db:1f:2c:fd:db:8f:11:
0a:d9:15:78:a5:4f:3d:64:f5:1b:fe:bc:f0:a6:11:08:fa:06:
a3:6c:2f:3d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyVhvIx8QSLUI+0qKSqpimcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIzMDcxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWU4ZmY3MWQ3ZDlmYWRlNWFmOTg3MjEzNGVlY2MzZTQ5NjEzMmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp72nCWty7VekgGLXseiY45VILu1q
TQwadwBxrRsk711Q1k1MNuRKlFWmjU/Jefum4C/UADNkMu7pNF0ubPau0KdNwpH7
SV+PiXAW0Rrfjwk+2piOQ6+n8Rn5tTcElCZ7YTxcjz9vs7s/D1O1lommYUOWyx8f
PBgw2//MtX7QNQo2P4qj/Bs5R/EPGtVXJdtX5rB4U4vpQz/3GMtZEjW2ngYX/VrC
62uUoaJXQa1jbeuRQNwCYcy0w6XtRbOX84I3D2Ioyo2JxEVHC2kqw5WXUtfrXmjv
i8vTuRRd8MhNvL+Mx7JxPutYK9g9QxN6HxWIk5KWeg3mpuzmFlHmr2fVXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKHo/3HX2freWvmHITTuzD5JYTLjMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvb2VqX2NkZlotdDVhLVljaE5PN01Qa2xoTXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKgeqBaJdJzYsxqRy3NE
eHSYUUALiarilVkSmM18ITvz83wfvOGfzSaeICsDS2Rj4kVsrKDdquBUblYD6+XW
GuxtBxmq8HVglrRfVtpzhyuLgxw4y4qStY8enZpvuEfe7jif1KkEEdqkHWRg8ty8
0qcMT8UZInx7+Zq6M0cDna6fYMKLGPn0VnOCiOYMHqw5NE5Szg2p5efP+/x3bfS2
vJXf7rrVqCyNASywMjRmrxfvXXJf+XoR+qKN21K50DJK/DK2juSD9zAAE63KIapt
siiYdM20fsWEHRgZ03RVga9MgFTi2x8s/duPEQrZFXilTz1k9Rv+vPCmEQj6BqNs
Lz0=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:17:24 2025 by rpki-client