Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/oPwxIpDRqPX3ffLzkAat3Bmsybo.roa
File: oPwxIpDRqPX3ffLzkAat3Bmsybo.roa (raw, json)
Hash identifier: ym0MVgWKZ0ofZIto72NHDWJ1oSGkSDP/wJBZ4nJX5A4=
Subject key identifier: A0:FC:31:22:90:D1:A8:F5:F7:7D:F2:F3:90:06:AD:DC:19:AC:C9:BA
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F80DE7824D44A3C58693E6EEAFB9D4BBB
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/oPwxIpDRqPX3ffLzkAat3Bmsybo.roa
Signing time: Thu 16 May 2024 10:06:54 +0000
ROA not before: Thu 16 May 2024 10:06:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:80dc:2f45/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:de:78:24:d4:4a:3c:58:69:3e:6e:ea:fb:9d:4b:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 16 10:06:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0fc312290d1a8f5f77df2f39006addc19acc9ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cd:65:5e:dc:f4:fb:42:4a:9a:6c:48:d1:d4:
3c:83:8a:f8:5d:2e:07:d5:13:7a:9f:dc:5d:db:ac:
9e:11:e9:e1:e5:0c:59:38:3d:69:cd:62:13:23:42:
a5:cc:e8:c2:48:dd:f3:e3:31:a6:63:5b:a5:df:f4:
2f:0d:74:a7:a5:12:25:9d:31:93:86:80:4b:58:55:
e5:4e:51:f6:ba:f0:82:2c:95:a0:c9:de:e4:d8:1b:
a2:99:53:a1:cb:6c:3a:54:af:88:c7:00:a5:b0:97:
a0:66:52:22:19:de:ec:00:88:45:6c:5c:14:cc:f7:
94:e5:b6:b6:f4:38:38:39:7f:de:36:7f:e2:c8:d7:
82:58:dd:5b:ae:99:95:8a:4d:c8:b9:33:b4:f2:c4:
ab:2f:3e:a9:f9:ad:55:92:da:7c:5c:c3:a9:e0:18:
4e:8e:8b:4c:c5:5c:ed:3c:cb:11:5f:57:c7:17:5c:
39:41:a3:b7:63:bb:0e:e0:63:51:70:62:7f:0f:ea:
c0:07:db:5c:c5:97:b8:5e:5a:f7:f6:74:e8:1b:09:
14:89:9c:ed:08:e9:22:e8:5d:71:05:ec:60:9d:8e:
2b:56:23:d4:f0:81:f4:8a:20:84:f2:85:46:69:fe:
17:14:a7:e9:02:eb:92:d7:65:28:d8:3f:21:25:64:
a7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:FC:31:22:90:D1:A8:F5:F7:7D:F2:F3:90:06:AD:DC:19:AC:C9:BA
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/oPwxIpDRqPX3ffLzkAat3Bmsybo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:a2:a0:3c:13:42:23:27:34:0a:5c:85:59:5c:b3:34:e3:4a:
d4:64:cf:c0:b9:6f:fe:e7:62:48:8b:5f:f0:3a:d0:19:cb:bb:
1f:8d:e0:f6:16:5d:60:cd:b0:18:9a:c2:d9:29:58:31:11:1c:
6b:ad:d9:48:6f:13:db:95:b7:00:d0:41:b2:ea:1b:d0:a6:a1:
40:05:5d:fe:c2:82:e7:1a:83:0c:ed:bc:12:d1:d8:d0:25:70:
21:59:ef:bf:22:04:a5:cc:83:c9:86:63:81:8c:c3:65:b3:6d:
2c:7c:a1:f0:26:2c:04:38:5e:3b:9b:12:d1:1d:3c:69:9b:41:
01:39:82:50:a8:c9:23:f4:cf:2c:1e:94:20:78:53:f5:eb:66:
4f:ee:13:11:64:f9:70:50:25:a8:2f:17:28:33:26:18:df:06:
48:70:42:4a:e8:e3:7c:d1:99:27:55:63:1f:98:0b:62:03:bb:
4c:fc:ae:45:54:b9:60:df:50:4c:cc:d7:11:f0:e6:70:65:ed:
63:62:0b:0f:42:4a:c5:48:2c:ab:01:32:e0:23:77:01:a2:49:
05:be:b6:2a:70:2b:6a:59:e1:f9:c4:4e:59:4e:80:26:f8:4f:
fb:9c:26:63:22:8e:ad:13:3e:2b:d1:8a:4f:cc:30:0c:27:f9:
9a:9d:22:15
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY+A3ngk1Eo8WGk+bur7nUu7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTE2MTAwNjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGZjMzEyMjkwZDFhOGY1Zjc3ZGYyZjM5MDA2YWRkYzE5YWNjOWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt81lXtz0+0JKmmxI0dQ8g4r4XS4H
1RN6n9xd26yeEenh5QxZOD1pzWITI0KlzOjCSN3z4zGmY1ul3/QvDXSnpRIlnTGT
hoBLWFXlTlH2uvCCLJWgyd7k2BuimVOhy2w6VK+IxwClsJegZlIiGd7sAIhFbFwU
zPeU5ba29Dg4OX/eNn/iyNeCWN1brpmVik3IuTO08sSrLz6p+a1Vktp8XMOp4BhO
jotMxVztPMsRX1fHF1w5QaO3Y7sO4GNRcGJ/D+rAB9tcxZe4Xlr39nToGwkUiZzt
COki6F1xBexgnY4rViPU8IH0iiCE8oVGaf4XFKfpAuuS12Uo2D8hJWSnrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKD8MSKQ0aj1933y85AGrdwZrMm6MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvb1B3eElwRFJxUFgzZmZMemtBYXQzQm1zeWJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGCioDwTQiMnNApchVlc
szTjStRkz8C5b/7nYkiLX/A60BnLux+N4PYWXWDNsBiawtkpWDERHGut2UhvE9uV
twDQQbLqG9CmoUAFXf7CgucagwztvBLR2NAlcCFZ778iBKXMg8mGY4GMw2WzbSx8
ofAmLAQ4XjubEtEdPGmbQQE5glCoySP0zywelCB4U/XrZk/uExFk+XBQJagvFygz
JhjfBkhwQkro43zRmSdVYx+YC2IDu0z8rkVUuWDfUEzM1xHw5nBl7WNiCw9CSsVI
LKsBMuAjdwGiSQW+tipwK2pZ4fnETllOgCb4T/ucJmMijq0TPivRik/MMAwn+Zqd
IhU=
-----END CERTIFICATE-----
Generated at Sat May 10 13:24:39 2025 by rpki-client