Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OG-jYMv42546HjFxol7AxQKO2rY.roa
File: OG-jYMv42546HjFxol7AxQKO2rY.roa (raw, json)
Hash identifier: BVAr3AU7hnsQwjJFhEKfTojQiEiiENLFIpYfM+HgRf4=
Subject key identifier: 38:6F:A3:60:CB:F8:DB:9E:3A:1E:31:71:A2:5E:C0:C5:02:8E:DA:B6
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018F551DF0E3B3D7E16D71AEC3760725BE00
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OG-jYMv42546HjFxol7AxQKO2rY.roa
Signing time: Tue 07 May 2024 22:12:56 +0000
ROA not before: Tue 07 May 2024 22:12:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18f:543:9e41/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:55:1d:f0:e3:b3:d7:e1:6d:71:ae:c3:76:07:25:be:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: May 7 22:12:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=386fa360cbf8db9e3a1e3171a25ec0c5028edab6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:08:31:98:83:b1:b2:07:99:37:1c:71:c1:1d:
10:78:47:e8:c8:47:b5:55:db:45:68:ee:14:75:16:
21:8f:24:de:aa:28:a3:e3:fc:e3:9d:d2:22:98:7e:
09:80:d1:c7:58:fa:2b:cf:de:e7:38:66:70:d2:13:
88:be:ef:03:68:fd:5a:b0:df:73:5a:97:9c:5a:d6:
6f:ca:39:b9:a4:b6:32:97:18:e8:55:55:5c:86:69:
a2:dd:1f:46:11:13:9e:bc:f5:d3:a6:5e:86:ce:94:
15:43:8a:b4:24:be:bb:24:b7:99:98:f8:f3:cd:18:
93:6a:d4:5a:13:15:2d:bb:9a:18:0f:58:44:1a:1e:
aa:4c:3f:59:1d:dc:c5:f4:a5:1a:15:f4:b3:b7:7f:
dc:7a:46:19:95:bd:2b:fb:cc:3c:de:09:dc:17:d3:
15:3f:84:e8:7e:61:9c:87:76:c8:a1:33:a6:32:ac:
ed:75:b9:e5:b2:e0:e4:7b:8f:d5:ae:5a:d0:20:92:
a4:20:0b:78:c0:ad:d8:45:02:6a:5a:c0:7e:71:29:
16:be:d0:f6:b1:6e:5a:66:5f:33:6b:bf:be:ac:92:
aa:d4:48:4f:d1:02:08:a4:94:38:f2:b8:5a:2f:d3:
28:e3:27:70:57:f1:b0:68:f2:a4:54:c0:8e:83:65:
fb:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:6F:A3:60:CB:F8:DB:9E:3A:1E:31:71:A2:5E:C0:C5:02:8E:DA:B6
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/OG-jYMv42546HjFxol7AxQKO2rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
19:26:ad:b4:bd:83:f6:85:e3:31:8b:d8:c8:63:d0:5d:ef:d0:
60:7a:bb:23:2b:c8:43:c5:44:36:32:84:19:67:2b:45:27:22:
65:35:43:8f:f2:89:e5:91:c9:ad:ec:6c:3f:20:f4:e9:4d:11:
1a:ab:07:ee:7a:d3:67:d9:0c:9a:a7:cf:60:10:e7:f6:c7:ba:
28:fe:fc:c4:56:2d:3d:67:c6:cb:42:5d:ad:6a:ab:97:d9:d8:
40:a1:74:b9:4e:18:e5:ba:89:85:a6:b7:31:ae:84:28:6f:9d:
cf:d4:75:bc:c7:87:3c:87:c8:c3:02:b6:1a:a6:5f:fb:b8:e4:
aa:b6:65:c7:16:43:e6:2e:bb:74:bd:b3:07:ce:b4:4a:db:ec:
14:47:fc:2b:4d:7d:76:2c:dd:98:d9:7c:d5:71:95:d8:1a:2b:
bf:b1:85:ee:be:bd:21:5d:a5:2d:ec:36:d6:45:4d:c7:4c:62:
05:29:9f:16:74:bd:5b:6a:f7:be:ce:c9:e2:0c:6e:27:2c:ce:
b1:82:af:37:c9:a2:f1:a8:b9:76:99:ef:0a:02:46:02:7e:d0:
2b:f7:cf:98:1f:c0:c2:f9:c3:7c:6e:5d:52:b3:75:c7:22:51:
db:f8:58:56:21:28:66:cd:0f:ed:0e:aa:09:9c:2c:72:a7:5d:
2a:27:43:0b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY9VHfDjs9fhbXGuw3YHJb4AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNTA3MjIxMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODZmYTM2MGNiZjhkYjllM2ExZTMxNzFhMjVlYzBjNTAyOGVkYWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QgxmIOxsgeZNxxxwR0QeEfoyEe1
VdtFaO4UdRYhjyTeqiij4/zjndIimH4JgNHHWPorz97nOGZw0hOIvu8DaP1asN9z
WpecWtZvyjm5pLYylxjoVVVchmmi3R9GEROevPXTpl6GzpQVQ4q0JL67JLeZmPjz
zRiTatRaExUtu5oYD1hEGh6qTD9ZHdzF9KUaFfSzt3/cekYZlb0r+8w83gncF9MV
P4TofmGch3bIoTOmMqztdbnlsuDke4/VrlrQIJKkIAt4wK3YRQJqWsB+cSkWvtD2
sW5aZl8za7++rJKq1EhP0QIIpJQ48rhaL9Mo4ydwV/GwaPKkVMCOg2X7DQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDhvo2DL+NueOh4xcaJewMUCjtq2MB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvT0ctallNdjQyNTQ2SGpGeG9sN0F4UUtPMnJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABkmrbS9g/aF4zGL2Mhj
0F3v0GB6uyMryEPFRDYyhBlnK0UnImU1Q4/yieWRya3sbD8g9OlNERqrB+5602fZ
DJqnz2AQ5/bHuij+/MRWLT1nxstCXa1qq5fZ2EChdLlOGOW6iYWmtzGuhChvnc/U
dbzHhzyHyMMCthqmX/u45Kq2ZccWQ+Yuu3S9swfOtErb7BRH/CtNfXYs3ZjZfNVx
ldgaK7+xhe6+vSFdpS3sNtZFTcdMYgUpnxZ0vVtq977OyeIMbicszrGCrzfJovGo
uXaZ7woCRgJ+0Cv3z5gfwML5w3xuXVKzdcciUdv4WFYhKGbND+0OqgmcLHKnXSon
Qws=
-----END CERTIFICATE-----
Generated at Wed Apr 30 00:55:29 2025 by rpki-client