Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PYokXasOHdlogjV3riHifEsqULk.roa
File: PYokXasOHdlogjV3riHifEsqULk.roa (raw, json)
Hash identifier: SrthhAf4ql7nhAOvIzCLReeLTc4F/gtHPewT37y/xwI=
Subject key identifier: 3D:8A:24:5D:AB:0E:1D:D9:68:82:35:77:AE:21:E2:7C:4B:2A:50:B9
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D92F34EBFBA70999A9AA722B9A07BC04C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PYokXasOHdlogjV3riHifEsqULk.roa
Signing time: Sat 10 Feb 2024 12:17:15 +0000
ROA not before: Sat 10 Feb 2024 12:17:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:92:f3:4e:bf:ba:70:99:9a:9a:a7:22:b9:a0:7b:c0:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 10 12:17:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d8a245dab0e1dd968823577ae21e27c4b2a50b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:23:7f:20:e4:68:a4:9c:6e:95:99:a3:7e:4a:
d8:f4:76:df:92:c4:d5:b4:ab:9d:74:ce:06:60:4d:
f4:41:aa:ec:8d:f1:c1:bd:57:37:cc:e4:64:1e:86:
ce:a9:1b:ee:30:00:1f:1d:67:10:f9:bf:f0:3a:a3:
66:8c:21:2e:4a:4b:35:00:af:46:44:7f:4c:d3:75:
47:ec:8e:f9:fd:1f:50:75:9b:61:d1:71:74:98:24:
01:96:96:da:c3:3a:31:a3:6b:45:cf:c0:fb:f6:5e:
35:53:7c:12:8a:87:72:3d:87:b2:ec:82:32:08:7d:
6e:6a:ab:ec:bd:4c:8f:8a:f9:94:61:49:b4:d4:52:
68:4f:54:da:ea:e9:87:5d:ee:71:5c:35:51:6a:64:
3d:4a:7a:3b:8e:00:b5:70:34:47:83:41:36:bc:9b:
a2:53:9c:89:1b:4c:a8:eb:04:0b:68:0b:ce:53:ef:
56:3f:d0:93:a6:04:67:0d:13:7b:65:8d:b1:82:97:
fa:41:38:ec:19:ca:ef:5a:06:10:68:f4:1f:c5:ae:
06:8d:8c:09:8c:2c:25:11:52:57:07:bb:af:c6:56:
c7:19:aa:69:dc:61:de:65:bf:07:1f:39:cc:17:e7:
96:7e:07:b0:8f:7a:e0:5b:98:ef:52:0d:27:c8:f7:
74:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8A:24:5D:AB:0E:1D:D9:68:82:35:77:AE:21:E2:7C:4B:2A:50:B9
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PYokXasOHdlogjV3riHifEsqULk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4f:52:e7:cc:eb:2a:ca:1a:8c:95:8c:30:00:78:d0:9f:35:fe:
46:b5:da:4a:d0:de:01:ab:bc:59:49:24:b4:7d:31:0e:4e:39:
bc:9d:c9:61:86:fa:81:d3:e4:84:80:6a:23:b2:a2:f4:78:85:
b2:48:11:67:e3:90:79:75:3c:b7:68:07:25:08:9d:1c:03:de:
ee:34:96:21:10:3b:32:94:a3:ea:da:be:2e:2b:05:97:e6:55:
04:0b:1b:2d:9a:99:a9:1d:cd:0a:e4:d0:0c:b3:48:3b:8e:67:
29:03:6a:a5:26:70:03:9b:ec:8e:9c:ad:87:5e:60:b6:b2:1a:
e6:1d:29:bc:c1:b9:6c:59:aa:70:fb:72:28:a3:04:df:77:83:
46:1e:4d:12:b9:0a:1b:cf:5f:b1:1a:34:97:0c:2c:60:dc:4c:
88:3d:65:14:30:63:a0:a1:0b:c9:60:d3:a2:a5:65:88:63:07:
93:ff:37:37:28:59:f6:38:20:b4:f3:e9:88:a7:70:41:40:17:
fe:fd:e9:2c:fa:d8:4a:d5:4b:bc:b7:29:cd:42:58:0c:46:ba:
94:ee:7f:3d:15:9e:29:0f:14:b3:e0:a7:02:1c:68:61:f5:01:
82:e3:27:d6:4c:a6:1f:64:da:b2:95:69:4c:1f:9e:87:b4:9f:
7b:b7:2e:79
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2S806/unCZmpqnIrmge8BMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjEwMTIxNzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDhhMjQ1ZGFiMGUxZGQ5Njg4MjM1NzdhZTIxZTI3YzRiMmE1MGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyN/IORopJxulZmjfkrY9HbfksTV
tKuddM4GYE30QarsjfHBvVc3zORkHobOqRvuMAAfHWcQ+b/wOqNmjCEuSks1AK9G
RH9M03VH7I75/R9QdZth0XF0mCQBlpbawzoxo2tFz8D79l41U3wSiodyPYey7IIy
CH1uaqvsvUyPivmUYUm01FJoT1Ta6umHXe5xXDVRamQ9Sno7jgC1cDRHg0E2vJui
U5yJG0yo6wQLaAvOU+9WP9CTpgRnDRN7ZY2xgpf6QTjsGcrvWgYQaPQfxa4GjYwJ
jCwlEVJXB7uvxlbHGapp3GHeZb8HHznMF+eWfgewj3rgW5jvUg0nyPd0kwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD2KJF2rDh3ZaII1d64h4nxLKlC5MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUFlva1hhc09IZGxvZ2pWM3JpSGlmRXNxVUxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE9S58zrKsoajJWMMAB4
0J81/ka12krQ3gGrvFlJJLR9MQ5OObydyWGG+oHT5ISAaiOyovR4hbJIEWfjkHl1
PLdoByUInRwD3u40liEQOzKUo+ravi4rBZfmVQQLGy2amakdzQrk0AyzSDuOZykD
aqUmcAOb7I6crYdeYLayGuYdKbzBuWxZqnD7ciijBN93g0YeTRK5ChvPX7EaNJcM
LGDcTIg9ZRQwY6ChC8lg06KlZYhjB5P/NzcoWfY4ILTz6YincEFAF/796Sz62ErV
S7y3Kc1CWAxGupTufz0VnikPFLPgpwIcaGH1AYLjJ9ZMph9k2rKVaUwfnoe0n3u3
Lnk=
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:35:12 2025 by rpki-client