Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3YQgwSSC4mRU5NByad_KTyJdouk.roa
File: 3YQgwSSC4mRU5NByad_KTyJdouk.roa (raw, json)
Hash identifier: W/0tIR1i80KHy/JR7QYXWCo4jxJuln3tEeSjYRJeYPg=
Subject key identifier: DD:84:20:C1:24:82:E2:64:54:E4:D0:72:69:DF:CA:4F:22:5D:A2:E9
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018ECB5CE6BDD6F3687986603EAFBF902DC8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3YQgwSSC4mRU5NByad_KTyJdouk.roa
Signing time: Thu 11 Apr 2024 04:14:06 +0000
ROA not before: Thu 11 Apr 2024 04:14:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cb:5c:e6:bd:d6:f3:68:79:86:60:3e:af:bf:90:2d:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 11 04:14:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd8420c12482e26454e4d07269dfca4f225da2e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:51:cb:a4:1f:b9:5f:7e:bc:69:2f:28:92:ed:
28:d2:00:ca:1e:04:60:95:23:51:ad:ab:e1:82:1a:
33:9e:7c:49:53:f8:1b:9e:bf:13:07:1e:0b:f2:85:
d3:4c:9b:f7:67:96:5c:92:ee:31:04:07:e2:f6:b1:
b8:c6:0e:56:06:e5:fe:c2:c3:77:41:68:5c:21:f7:
71:b0:57:67:f7:fd:1c:83:9a:53:d9:26:31:8b:42:
dc:e5:50:cd:0e:1a:bf:8f:61:71:37:4b:a0:cb:91:
fe:5e:82:03:76:3c:a9:8f:99:7c:65:34:60:68:5c:
53:2b:26:38:b4:66:f2:a1:f5:cf:20:3d:73:a7:a3:
39:66:f7:66:30:8e:7c:d1:38:3b:12:57:12:e1:4b:
16:ca:68:77:31:a9:94:03:bc:02:f6:e9:0a:be:9b:
fa:13:b1:2c:e9:2f:8d:66:ff:1d:be:77:15:a7:58:
65:26:21:80:be:97:66:30:8e:d1:6d:59:f5:0e:12:
4f:a0:0a:af:87:21:e9:34:07:98:e4:10:59:5a:ef:
f7:69:5d:72:4e:18:55:2d:b3:52:89:ea:f2:d8:ad:
f6:8d:53:db:da:11:ff:27:77:74:99:f0:19:98:21:
6b:01:07:3f:26:da:8f:ef:de:03:fd:3e:45:14:e3:
9a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:84:20:C1:24:82:E2:64:54:E4:D0:72:69:DF:CA:4F:22:5D:A2:E9
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3YQgwSSC4mRU5NByad_KTyJdouk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
49:3e:98:f8:a7:66:fe:d0:56:01:3a:ac:6c:11:ee:11:e4:72:
b7:38:f5:59:24:cc:09:2f:4e:b8:d7:0a:b3:00:95:5d:85:9d:
7b:1b:25:fe:3a:99:24:a6:d9:31:5b:63:75:57:d7:41:36:9b:
8b:0f:29:b0:5a:29:b8:89:5b:71:9f:77:cd:45:a7:0d:30:87:
f1:98:1c:62:2f:60:d6:69:1a:af:30:de:4a:c9:3f:23:01:7b:
11:87:bc:f8:db:23:2a:99:8a:fa:3a:40:2c:dd:de:88:74:14:
07:da:1d:0c:11:04:d1:8c:fd:46:5e:11:5f:2c:e8:fd:f7:ef:
57:e6:82:40:97:b0:44:f5:bd:dd:26:fb:98:a5:ee:e3:de:bf:
bb:b6:99:14:4a:93:96:14:52:f1:36:38:b8:e2:93:7f:cb:ab:
a1:e5:b3:2e:76:3a:4e:fd:57:39:1e:2f:1a:fb:40:e0:3c:d8:
61:8d:5b:cc:d8:61:7c:09:37:46:40:c8:b3:9c:e6:2a:8f:4b:
00:95:b7:89:ce:46:39:3e:9f:a1:1b:b3:b3:6e:dc:e8:a0:c0:
02:30:2c:b5:d9:74:3e:32:0c:bc:53:14:46:89:f4:9a:3b:7a:
58:dd:b3:d8:e7:61:62:f1:44:f0:87:c7:2e:e5:4c:68:d0:4f:
1f:9e:11:3d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7LXOa91vNoeYZgPq+/kC3IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDExMDQxNDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDg0MjBjMTI0ODJlMjY0NTRlNGQwNzI2OWRmY2E0ZjIyNWRhMmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1HLpB+5X368aS8oku0o0gDKHgRg
lSNRravhghoznnxJU/gbnr8TBx4L8oXTTJv3Z5Zcku4xBAfi9rG4xg5WBuX+wsN3
QWhcIfdxsFdn9/0cg5pT2SYxi0Lc5VDNDhq/j2FxN0ugy5H+XoIDdjypj5l8ZTRg
aFxTKyY4tGbyofXPID1zp6M5ZvdmMI580Tg7ElcS4UsWymh3MamUA7wC9ukKvpv6
E7Es6S+NZv8dvncVp1hlJiGAvpdmMI7RbVn1DhJPoAqvhyHpNAeY5BBZWu/3aV1y
ThhVLbNSiery2K32jVPb2hH/J3d0mfAZmCFrAQc/JtqP794D/T5FFOOajQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN2EIMEkguJkVOTQcmnfyk8iXaLpMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvM1lRZ3dTU0M0bVJVNU5CeWFkX0tUeUpkb3VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEk+mPinZv7QVgE6rGwR
7hHkcrc49VkkzAkvTrjXCrMAlV2FnXsbJf46mSSm2TFbY3VX10E2m4sPKbBaKbiJ
W3Gfd81Fpw0wh/GYHGIvYNZpGq8w3krJPyMBexGHvPjbIyqZivo6QCzd3oh0FAfa
HQwRBNGM/UZeEV8s6P3371fmgkCXsET1vd0m+5il7uPev7u2mRRKk5YUUvE2OLji
k3/Lq6Hlsy52Ok79VzkeLxr7QOA82GGNW8zYYXwJN0ZAyLOc5iqPSwCVt4nORjk+
n6Ebs7Nu3OigwAIwLLXZdD4yDLxTFEaJ9Jo7eljds9jnYWLxRPCHxy7lTGjQTx+e
ET0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:44 2025 by rpki-client