Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5yCuIwZiqKrWEg833VmsAOaxEXA.roa
File: 5yCuIwZiqKrWEg833VmsAOaxEXA.roa (raw, json)
Hash identifier: m5BX05SlW6wMwp5JLb8lCvVckP8AlIah89aURwsqK3Y=
Subject key identifier: E7:20:AE:23:06:62:A8:AA:D6:12:0F:37:DD:59:AC:00:E6:B1:11:70
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E7360C3B1A8E667063E78E6C27B0A68A1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5yCuIwZiqKrWEg833VmsAOaxEXA.roa
Signing time: Mon 25 Mar 2024 02:11:45 +0000
ROA not before: Mon 25 Mar 2024 02:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:73:60:c3:b1:a8:e6:67:06:3e:78:e6:c2:7b:0a:68:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 25 02:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e720ae230662a8aad6120f37dd59ac00e6b11170
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4b:04:ff:d0:cd:6d:24:29:f2:0c:3b:b3:e6:
d8:9b:cc:9b:9d:9b:34:d8:fb:a3:fd:24:48:3a:c2:
7a:6e:ad:7c:8b:22:54:63:74:9e:a2:23:09:11:da:
93:9d:ee:31:91:c4:95:5a:9a:3b:30:f2:17:31:02:
90:17:c1:f4:cc:e7:2a:3b:1d:5d:18:34:60:3b:01:
c5:90:ca:33:ee:7d:c3:e9:ea:96:ac:33:fc:08:0e:
34:73:10:a2:94:9a:2a:17:f7:cc:11:19:fd:a4:dd:
33:7a:48:9c:08:a5:5e:97:97:b6:ac:50:35:c7:90:
6e:e1:19:a4:45:8e:53:4d:3c:33:67:c0:4f:f8:34:
ad:2f:18:54:6f:a8:84:d5:7e:77:7d:ca:55:9e:b4:
c2:4c:62:65:88:8b:e7:0f:43:38:2f:17:55:f0:f5:
ff:ba:a1:17:11:07:22:3e:07:a2:ae:35:97:9d:53:
bb:82:d5:4c:fc:bf:9c:7c:86:71:c2:55:bf:49:91:
8c:4f:cb:78:b5:85:2a:55:9d:a1:f9:83:81:2e:ef:
23:69:a1:32:0c:e7:c3:2b:53:61:fb:9f:66:bf:87:
8f:9a:0f:d7:6b:e8:c2:26:dc:cc:38:25:80:79:04:
02:f5:a0:f4:4f:8c:d8:ed:35:28:92:74:30:cb:ba:
95:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:20:AE:23:06:62:A8:AA:D6:12:0F:37:DD:59:AC:00:E6:B1:11:70
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5yCuIwZiqKrWEg833VmsAOaxEXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
84:0f:79:97:22:ef:fc:3b:a2:99:0d:5d:1c:d7:4e:55:b9:77:
cd:64:99:31:4c:21:9a:b0:17:3b:96:f1:a8:6c:e7:ce:1b:ad:
9f:13:5c:64:42:6d:7e:0e:b4:95:d3:24:7a:da:06:7a:b2:89:
56:f4:3c:2b:69:1a:dd:b1:88:24:0b:09:2b:d6:eb:4c:e7:ba:
df:e3:ba:99:19:d7:61:24:59:e3:93:be:d9:d4:e4:55:df:68:
78:b2:b1:43:75:08:17:78:e1:0a:09:ec:99:0a:00:44:9a:27:
69:08:bc:44:c7:01:28:50:2c:d8:30:e4:95:8c:1d:6e:1c:76:
94:6e:fb:da:51:a1:d5:04:4f:75:1a:c9:1f:b6:26:bc:5a:c7:
09:48:2c:0e:09:a6:22:b2:2a:9c:b0:91:46:7b:43:25:20:7a:
30:93:18:fe:d3:ce:15:b1:33:c6:36:16:16:88:fd:a8:cd:54:
a5:e8:80:9d:07:32:d7:42:13:87:08:2e:8a:73:ff:13:2d:01:
6e:90:42:65:ec:d4:de:0d:a8:c8:fb:fa:04:ba:fd:ab:0c:dd:
22:65:66:af:ba:eb:f6:27:8c:dc:66:16:37:9e:f3:ba:ac:27:
eb:99:6f:3a:cc:8d:6d:77:00:61:5b:77:46:ed:98:78:32:17:
f7:9f:0c:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5zYMOxqOZnBj545sJ7CmihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI1MDIxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzIwYWUyMzA2NjJhOGFhZDYxMjBmMzdkZDU5YWMwMGU2YjExMTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUsE/9DNbSQp8gw7s+bYm8ybnZs0
2Puj/SRIOsJ6bq18iyJUY3SeoiMJEdqTne4xkcSVWpo7MPIXMQKQF8H0zOcqOx1d
GDRgOwHFkMoz7n3D6eqWrDP8CA40cxCilJoqF/fMERn9pN0zekicCKVel5e2rFA1
x5Bu4RmkRY5TTTwzZ8BP+DStLxhUb6iE1X53fcpVnrTCTGJliIvnD0M4LxdV8PX/
uqEXEQciPgeirjWXnVO7gtVM/L+cfIZxwlW/SZGMT8t4tYUqVZ2h+YOBLu8jaaEy
DOfDK1Nh+59mv4ePmg/Xa+jCJtzMOCWAeQQC9aD0T4zY7TUoknQwy7qVvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOcgriMGYqiq1hIPN91ZrADmsRFwMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNXlDdUl3WmlxS3JXRWc4MzNWbXNBT2F4RVhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIQPeZci7/w7opkNXRzX
TlW5d81kmTFMIZqwFzuW8ahs584brZ8TXGRCbX4OtJXTJHraBnqyiVb0PCtpGt2x
iCQLCSvW60znut/jupkZ12EkWeOTvtnU5FXfaHiysUN1CBd44QoJ7JkKAESaJ2kI
vETHAShQLNgw5JWMHW4cdpRu+9pRodUET3UayR+2JrxaxwlILA4JpiKyKpywkUZ7
QyUgejCTGP7TzhWxM8Y2FhaI/ajNVKXogJ0HMtdCE4cILopz/xMtAW6QQmXs1N4N
qMj7+gS6/asM3SJlZq+66/YnjNxmFjee87qsJ+uZbzrMjW13AGFbd0btmHgyF/ef
DMY=
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:33:18 2025 by rpki-client