Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OSG8ChXm9DmrHChAzHx1HzwRdKQ.roa
File: OSG8ChXm9DmrHChAzHx1HzwRdKQ.roa (raw, json)
Hash identifier: Ma6DUQTyOt0sA8D8oP4Gl3b9d5XgElRUI2AKPvN6hew=
Subject key identifier: 39:21:BC:0A:15:E6:F4:39:AB:1C:28:40:CC:7C:75:1F:3C:11:74:A4
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185F8129DFF0175BA589F65A24DF2FB1313
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OSG8ChXm9DmrHChAzHx1HzwRdKQ.roa
Signing time: Sat 28 Jan 2023 11:10:47 +0000
ROA not before: Sat 28 Jan 2023 11:10:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f8:12:9d:ff:01:75:ba:58:9f:65:a2:4d:f2:fb:13:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 28 11:10:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3921bc0a15e6f439ab1c2840cc7c751f3c1174a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c7:cb:e5:b1:98:f4:b8:e1:db:fd:0b:22:7e:
75:f9:b6:b1:0b:12:7b:de:7c:b7:78:51:3b:ce:a7:
e8:02:e9:c8:7e:ba:d1:87:2d:fc:51:bb:79:77:f5:
c8:16:ae:ca:f7:53:26:db:d4:ce:1b:da:b5:79:ab:
c7:b7:aa:31:45:99:52:b7:65:05:bd:d4:76:08:43:
b9:b8:ae:30:cf:3e:0a:8c:7c:a8:f2:32:32:95:84:
32:a2:ec:d3:2e:2c:f7:cd:af:61:42:69:9f:c2:a9:
e0:f1:b7:24:e2:42:d1:48:d4:da:25:6e:22:37:b4:
54:df:ce:9f:69:a5:78:71:4c:10:ad:bb:ad:f6:e8:
b1:7e:9b:b4:57:0f:de:10:54:78:6e:a3:c7:dd:a0:
c3:2d:cb:1d:18:7f:1f:ee:d5:37:b6:1a:fc:08:ea:
bf:52:ce:d9:70:dc:4b:57:49:43:fc:c0:ca:ac:7c:
ed:fa:a6:eb:84:9a:d0:10:c1:8c:7c:be:0f:71:1b:
bd:20:5d:e2:df:b0:dc:76:0f:14:03:a0:98:b7:86:
eb:05:a6:34:d3:d8:62:b8:4a:68:6c:49:7e:b2:e5:
8b:c1:3f:b2:6e:de:31:08:f0:76:61:8c:cb:57:43:
9e:b3:d4:b4:f4:9b:59:98:bd:6d:ae:7f:d3:63:28:
85:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:21:BC:0A:15:E6:F4:39:AB:1C:28:40:CC:7C:75:1F:3C:11:74:A4
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/OSG8ChXm9DmrHChAzHx1HzwRdKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:95:c6:e8:98:f4:8b:c5:d1:72:61:58:21:18:53:f9:fc:4d:
58:16:63:bd:b7:ed:c6:79:d1:58:97:f3:ce:81:e9:5c:c3:48:
d5:7d:68:f9:e4:22:39:3e:e0:ca:99:da:4e:94:09:69:4b:85:
5f:15:91:13:53:5b:1b:50:6b:31:69:64:75:96:2f:6f:65:66:
d5:25:44:02:1b:fd:f7:8f:5b:55:ec:09:9f:91:a2:9c:c7:ef:
65:1e:2e:c7:9b:68:aa:d5:31:3a:6e:58:30:4b:e6:36:6b:1e:
a0:a5:e7:74:60:8c:51:e0:42:82:ba:79:28:d7:9d:3a:6c:0a:
4e:32:22:49:f3:f8:d8:d8:be:2a:5c:e8:5d:7e:8e:5a:47:b8:
68:86:00:9e:93:5c:01:84:bf:6d:bc:d3:7b:06:76:37:34:c1:
60:12:8c:cc:d5:38:d8:ef:16:08:c9:c8:88:f5:db:e3:9c:80:
e6:89:ae:f2:d3:b9:7d:b4:0f:32:72:d6:27:94:4a:7d:5a:cc:
35:54:ba:b6:44:3f:f0:bb:9d:b3:82:71:37:1f:46:06:bf:b2:
aa:36:08:c3:37:d0:59:51:96:f5:23:62:9a:a1:35:65:0f:42:
45:92:dc:9d:9e:ee:79:b1:f9:ac:d9:2b:68:01:26:83:01:1a:
8c:6b:c9:f5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYX4Ep3/AXW6WJ9lok3y+xMTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTI4MTExMDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTIxYmMwYTE1ZTZmNDM5YWIxYzI4NDBjYzdjNzUxZjNjMTE3NGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMfL5bGY9Ljh2/0LIn51+baxCxJ7
3ny3eFE7zqfoAunIfrrRhy38Ubt5d/XIFq7K91Mm29TOG9q1eavHt6oxRZlSt2UF
vdR2CEO5uK4wzz4KjHyo8jIylYQyouzTLiz3za9hQmmfwqng8bck4kLRSNTaJW4i
N7RU386faaV4cUwQrbut9uixfpu0Vw/eEFR4bqPH3aDDLcsdGH8f7tU3thr8COq/
Us7ZcNxLV0lD/MDKrHzt+qbrhJrQEMGMfL4PcRu9IF3i37Dcdg8UA6CYt4brBaY0
09hiuEpobEl+suWLwT+ybt4xCPB2YYzLV0Oes9S09JtZmL1trn/TYyiF3wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDkhvAoV5vQ5qxwoQMx8dR88EXSkMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvT1NHOENoWG05RG1ySENoQXpIeDFIendSZEtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFiVxuiY9IvF0XJhWCEY
U/n8TVgWY7237cZ50ViX886B6VzDSNV9aPnkIjk+4MqZ2k6UCWlLhV8VkRNTWxtQ
azFpZHWWL29lZtUlRAIb/fePW1XsCZ+RopzH72UeLsebaKrVMTpuWDBL5jZrHqCl
53RgjFHgQoK6eSjXnTpsCk4yIknz+NjYvipc6F1+jlpHuGiGAJ6TXAGEv22803sG
djc0wWASjMzVONjvFgjJyIj12+OcgOaJrvLTuX20DzJy1ieUSn1azDVUurZEP/C7
nbOCcTcfRga/sqo2CMM30FlRlvUjYpqhNWUPQkWS3J2e7nmx+azZK2gBJoMBGoxr
yfU=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:40:49 2025 by rpki-client