Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/oEZWD6GEIqF6F-kLvpr74gF48X0.roa
File: oEZWD6GEIqF6F-kLvpr74gF48X0.roa (raw, json)
Hash identifier: Zl2YTpla2uNnEn0WBMn5HADgrsDU80eHLzntz306mDE=
Subject key identifier: A0:46:56:0F:A1:84:22:A1:7A:17:E9:0B:BE:9A:FB:E2:01:78:F1:7D
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F22E77B3E87E4A3D6544DDE29CACFCE67
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/oEZWD6GEIqF6F-kLvpr74gF48X0.roa
Signing time: Sun 28 Apr 2024 04:12:26 +0000
ROA not before: Sun 28 Apr 2024 04:12:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:22:e7:7b:3e:87:e4:a3:d6:54:4d:de:29:ca:cf:ce:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 28 04:12:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a046560fa18422a17a17e90bbe9afbe20178f17d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:fd:b9:68:cb:ec:ec:8a:b4:67:77:5d:47:ce:
04:72:5a:93:05:ed:d4:0b:21:c3:b5:f3:3d:94:ed:
2a:70:8f:4c:3c:f0:42:0b:0c:a5:9e:8f:a2:84:07:
9b:af:46:6e:87:43:16:c0:18:24:6d:3b:9a:b7:b8:
79:00:e8:bc:57:d2:28:51:5d:0b:8b:dd:56:ce:86:
e2:45:f7:f3:44:e9:83:7c:da:64:2a:5a:00:c7:7f:
6a:05:09:69:33:13:03:38:42:d5:fa:62:be:a7:42:
ea:82:52:0f:f1:bf:9b:a6:21:c2:fa:17:95:d7:91:
df:9b:8b:b4:0d:dc:86:12:ff:5b:c4:fc:6a:5b:85:
14:f4:4e:28:34:e4:51:9f:f0:8f:52:c8:18:e4:34:
7e:70:86:76:97:43:9a:5a:5c:5e:d1:60:cb:55:2c:
e8:5f:3d:66:8e:a5:fe:22:ca:8f:87:54:69:56:22:
84:ae:b0:83:80:38:bc:03:42:cc:6c:32:5b:d2:77:
77:e7:90:46:3c:2e:26:09:e6:ce:40:3d:3e:9e:1d:
37:fb:e0:9f:3c:18:96:04:9e:0a:58:c9:51:0f:e1:
3c:de:c8:55:15:d2:10:b0:8a:72:b9:a5:15:09:7c:
49:e6:00:11:bb:4d:6c:34:2d:1f:ca:d2:06:8f:4c:
91:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:46:56:0F:A1:84:22:A1:7A:17:E9:0B:BE:9A:FB:E2:01:78:F1:7D
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/oEZWD6GEIqF6F-kLvpr74gF48X0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64:ffff:0:18f:543:9e41/128
Signature Algorithm: sha256WithRSAEncryption
af:be:30:62:1d:01:6c:88:2d:30:7e:2a:04:36:93:4d:3d:f9:
bf:1f:95:ba:fb:ce:6e:7b:8f:3a:c5:50:4f:24:3f:40:7e:55:
5f:0b:86:b9:b2:8d:65:93:1e:ba:49:3d:f1:01:c3:45:90:83:
c4:a3:45:c0:ea:6b:f1:ef:e5:b5:78:a0:e8:7a:30:c6:19:60:
88:56:58:1c:6f:bd:ce:a5:49:08:a2:b8:8f:a0:45:de:9a:75:
3a:08:4a:fc:35:58:c2:b3:da:0d:0e:49:9a:e6:a0:fc:6c:e2:
6d:b5:5e:7b:06:c7:82:2a:ab:8a:eb:04:7c:98:f6:c6:4e:84:
38:ec:d9:a5:2c:71:3d:45:af:0f:7c:02:97:7f:ed:c1:02:5b:
9f:0c:af:f0:75:bb:84:91:a1:c7:e9:99:62:aa:ce:a9:74:95:
b6:49:c7:d5:5c:87:e2:4b:17:a1:15:17:2b:9e:c8:c3:1e:4e:
72:6d:70:09:5d:0f:3b:46:79:5f:75:e9:78:e0:47:58:c1:bc:
2d:a8:a5:08:66:c4:80:66:1a:de:a1:2c:b9:77:42:9b:ab:55:
58:d1:2d:94:08:df:82:9f:4f:21:4e:11:25:77:23:72:df:29:
f1:df:a0:85:52:91:af:b6:cf:41:0b:bd:e6:95:a7:08:a8:b9:
94:98:38:5a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY8i53s+h+Sj1lRN3inKz85nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDI4MDQxMjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDQ2NTYwZmExODQyMmExN2ExN2U5MGJiZTlhZmJlMjAxNzhmMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhf25aMvs7Iq0Z3ddR84EclqTBe3U
CyHDtfM9lO0qcI9MPPBCCwylno+ihAebr0Zuh0MWwBgkbTuat7h5AOi8V9IoUV0L
i91WzobiRffzROmDfNpkKloAx39qBQlpMxMDOELV+mK+p0LqglIP8b+bpiHC+heV
15Hfm4u0DdyGEv9bxPxqW4UU9E4oNORRn/CPUsgY5DR+cIZ2l0OaWlxe0WDLVSzo
Xz1mjqX+IsqPh1RpViKErrCDgDi8A0LMbDJb0nd355BGPC4mCebOQD0+nh03++Cf
PBiWBJ4KWMlRD+E83shVFdIQsIpyuaUVCXxJ5gARu01sNC0fytIGj0yRYQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKBGVg+hhCKhehfpC76a++IBePF9MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvb0VaV0Q2R0VJcUY2Ri1rTHZwcjc0Z0Y0OFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAMBAIAATAGAwQDwQAYMBkE
AgACMBMDEQAgAQZ8AGT//wAAAY8FQ55BMA0GCSqGSIb3DQEBCwUAA4IBAQCvvjBi
HQFsiC0wfioENpNNPfm/H5W6+85ue486xVBPJD9AflVfC4a5so1lkx66ST3xAcNF
kIPEo0XA6mvx7+W1eKDoejDGGWCIVlgcb73OpUkIoriPoEXemnU6CEr8NVjCs9oN
Dkma5qD8bOJttV57BseCKquK6wR8mPbGToQ47NmlLHE9Ra8PfAKXf+3BAlufDK/w
dbuEkaHH6Zliqs6pdJW2ScfVXIfiSxehFRcrnsjDHk5ybXAJXQ87Rnlfdel44EdY
wbwtqKUIZsSAZhreoSy5d0Kbq1VY0S2UCN+Cn08hThEldyNy3ynx36CFUpGvts9B
C73mlacIqLmUmDha
-----END CERTIFICATE-----
Generated at Sat May 10 13:41:42 2025 by rpki-client