Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/OddrOx13vvsP-MjoaXq-KCb41KY.roa
File: OddrOx13vvsP-MjoaXq-KCb41KY.roa (raw, json)
Hash identifier: R25B52CMcN908C4dY8rH+I6MUmXTuXkRZaDIC8wOLsY=
Subject key identifier: 39:D7:6B:3B:1D:77:BE:FB:0F:F8:C8:E8:69:7A:BE:28:26:F8:D4:A6
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EF3AB2F848F2DD982212346272F2FF6C9
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/OddrOx13vvsP-MjoaXq-KCb41KY.roa
Signing time: Fri 19 Apr 2024 00:04:25 +0000
ROA not before: Fri 19 Apr 2024 00:04:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:f1f3:8b1f/128 maxlen: 128
2001:67c:64:ffff:0:18e:f3ab:f7e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f3:ab:2f:84:8f:2d:d9:82:21:23:46:27:2f:2f:f6:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 19 00:04:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39d76b3b1d77befb0ff8c8e8697abe2826f8d4a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9a:e3:e5:1f:28:c0:c5:14:04:64:db:18:e1:
1a:3b:9f:be:65:88:ef:a4:09:da:13:2c:87:6a:19:
2d:1e:6e:92:f6:f9:51:a4:c1:c5:85:06:dd:a0:0d:
a3:74:d9:3f:f5:d2:8c:10:f6:19:b3:b0:cd:3d:e7:
8b:7b:3c:9a:18:ea:75:3d:e5:fb:1f:1e:a4:93:b7:
05:cd:07:87:01:34:ad:9a:5a:eb:ab:15:9c:17:5a:
a0:97:70:62:33:8d:77:5e:5a:83:31:2f:1f:e1:7c:
68:18:e7:63:ae:f3:28:bb:88:e1:5d:43:30:25:e8:
d8:83:e6:52:c4:5e:3c:2d:85:a5:23:e5:c5:79:d9:
f6:cd:4c:6c:7a:58:d9:24:a1:c4:6e:0f:41:16:a9:
06:d8:4b:d5:c1:07:7f:60:f0:9b:b3:45:a0:34:c2:
6a:cc:27:53:25:ce:8b:6f:16:f6:e8:31:08:e9:bf:
b7:0e:69:f6:46:7a:43:8b:70:71:3c:0b:a1:40:d5:
09:f5:44:0a:65:1f:1d:5c:50:d2:ca:74:4f:b1:3f:
1c:00:03:e3:e3:5d:db:59:e8:50:f8:3f:21:a3:74:
79:96:61:8d:46:4b:b8:e2:e5:4e:2f:fc:30:5a:0f:
45:6e:d0:69:39:c6:0f:9a:45:44:7c:ff:28:ff:9a:
fa:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:D7:6B:3B:1D:77:BE:FB:0F:F8:C8:E8:69:7A:BE:28:26:F8:D4:A6
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/OddrOx13vvsP-MjoaXq-KCb41KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:1f:d4:8f:0f:28:42:cf:51:54:95:14:20:f7:a6:11:6f:30:
88:bf:32:44:5f:bc:6e:6d:e8:7d:03:a5:0f:99:43:b2:64:41:
af:60:0a:50:46:16:b6:8c:34:b8:6e:3e:d6:9e:23:5b:df:cd:
e5:a3:f6:b5:b6:59:33:be:4d:df:80:d8:f3:98:8c:c7:11:f3:
41:21:e6:d9:8c:20:52:9f:1c:43:3e:d5:5b:80:12:bd:0b:66:
11:77:32:44:cc:ea:2a:85:e2:89:ac:d2:c7:5c:9f:02:08:4a:
e9:29:2a:df:bc:f9:21:fe:79:25:32:e8:45:65:f1:7e:b6:ad:
fe:2a:cc:0e:b2:a4:03:7a:ac:19:d9:f0:8a:9d:0f:f5:b7:d4:
5f:23:03:7c:e6:5a:c8:c5:23:3e:eb:96:e9:48:27:99:bb:19:
e3:39:02:44:b1:8c:9d:93:72:ce:d1:1f:ad:f8:45:7a:8e:5e:
d7:77:82:e6:5c:17:6a:20:26:d3:01:0c:86:06:87:8a:0b:2c:
79:78:45:cd:34:7d:c2:31:eb:ec:52:46:c3:eb:a5:24:82:b1:
e1:90:62:72:39:77:29:14:63:56:50:ba:b5:83:78:96:1d:18:
fc:6c:9b:96:d2:d5:b2:db:b8:dc:73:d5:26:1a:d1:1c:59:c9:
d7:f7:f1:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7zqy+Ejy3ZgiEjRicvL/bJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE5MDAwNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWQ3NmIzYjFkNzdiZWZiMGZmOGM4ZTg2OTdhYmUyODI2ZjhkNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJrj5R8owMUUBGTbGOEaO5++ZYjv
pAnaEyyHahktHm6S9vlRpMHFhQbdoA2jdNk/9dKMEPYZs7DNPeeLezyaGOp1PeX7
Hx6kk7cFzQeHATStmlrrqxWcF1qgl3BiM413XlqDMS8f4XxoGOdjrvMou4jhXUMw
JejYg+ZSxF48LYWlI+XFedn2zUxseljZJKHEbg9BFqkG2EvVwQd/YPCbs0WgNMJq
zCdTJc6Lbxb26DEI6b+3Dmn2RnpDi3BxPAuhQNUJ9UQKZR8dXFDSynRPsT8cAAPj
413bWehQ+D8ho3R5lmGNRku44uVOL/wwWg9FbtBpOcYPmkVEfP8o/5r64QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDnXazsdd777D/jI6Gl6vigm+NSmMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvT2Rkck94MTN2dnNQLU1qb2FYcS1LQ2I0MUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADsf1I8PKELPUVSVFCD3
phFvMIi/MkRfvG5t6H0DpQ+ZQ7JkQa9gClBGFraMNLhuPtaeI1vfzeWj9rW2WTO+
Td+A2POYjMcR80Eh5tmMIFKfHEM+1VuAEr0LZhF3MkTM6iqF4oms0sdcnwIISukp
Kt+8+SH+eSUy6EVl8X62rf4qzA6ypAN6rBnZ8IqdD/W31F8jA3zmWsjFIz7rlulI
J5m7GeM5AkSxjJ2Tcs7RH634RXqOXtd3guZcF2ogJtMBDIYGh4oLLHl4Rc00fcIx
6+xSRsPrpSSCseGQYnI5dykUY1ZQurWDeJYdGPxsm5bS1bLbuNxz1SYa0RxZydf3
8Qw=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:17:34 2025 by rpki-client