Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UkoCYiZC-w0xNQaYNhnUOOS4bZs.roa
File: UkoCYiZC-w0xNQaYNhnUOOS4bZs.roa (raw, json)
Hash identifier: t7h72f2D/BGJVs2uihj1/d5eWAwEPNcAshWy6Bw7xXA=
Subject key identifier: 52:4A:02:62:26:42:FB:0D:31:35:06:98:36:19:D4:38:E4:B8:6D:9B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E53CF677774EB58E443921DED321BEEB1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UkoCYiZC-w0xNQaYNhnUOOS4bZs.roa
Signing time: Mon 18 Mar 2024 23:04:45 +0000
ROA not before: Mon 18 Mar 2024 23:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:53cf:386c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:53:cf:67:77:74:eb:58:e4:43:92:1d:ed:32:1b:ee:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 18 23:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=524a02622642fb0d313506983619d438e4b86d9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d3:0f:e1:3a:bf:03:db:a2:6a:4d:a9:a8:01:
d0:9e:ca:12:34:c6:2f:69:4e:72:7e:29:f1:5d:5b:
2b:3f:07:5b:fd:d5:8d:df:ef:18:ff:f4:fe:f1:6c:
18:77:89:32:e2:47:c6:03:af:0e:aa:b3:9e:c6:f6:
e5:a1:65:73:68:f7:d1:f0:31:d1:c6:ff:e8:c9:4e:
60:20:9a:28:87:f1:a9:e9:c4:6e:38:8e:79:f9:2d:
90:27:ae:40:73:4e:b3:ff:b1:15:ac:ec:37:aa:79:
7c:b0:dc:be:d5:c2:9b:11:2f:5d:32:c8:6b:0b:07:
05:bd:c1:62:08:52:de:9e:4a:db:dc:b7:34:d1:fc:
45:7f:e2:3d:39:71:13:a6:d6:71:1c:87:15:13:cd:
8e:b6:89:8b:33:92:c9:f4:7e:93:8d:b6:a7:24:ac:
40:4f:bf:09:ae:54:44:61:f1:dd:b7:09:63:d2:0e:
56:16:79:a1:e5:73:dd:d6:2e:e6:fe:25:30:1a:da:
04:ab:9c:c4:22:c8:b7:2c:70:93:dc:9a:60:98:a6:
a1:7b:18:b2:ce:67:da:fe:07:1e:6b:67:70:e5:9b:
d6:6a:9f:35:6e:f7:d7:44:1b:8a:03:bb:77:c9:dc:
f2:14:63:c6:7e:d4:6f:7c:d5:8a:93:58:c7:c3:e8:
20:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:4A:02:62:26:42:FB:0D:31:35:06:98:36:19:D4:38:E4:B8:6D:9B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UkoCYiZC-w0xNQaYNhnUOOS4bZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6f:5a:2d:40:a5:e6:01:e7:a3:dc:4d:c4:59:6d:71:2a:cc:d1:
a8:c2:cd:b5:f6:fc:a3:d7:d7:f8:f9:16:6c:5c:a5:15:d0:d1:
13:51:bc:e5:5f:c6:22:aa:43:a2:f1:e8:39:f2:62:b5:e9:e7:
84:78:26:b8:78:6d:75:a6:b8:e7:ea:5f:b4:9e:c3:79:2f:73:
18:1b:51:07:81:7b:59:16:74:70:96:11:45:93:23:d4:6b:ac:
ba:5d:17:33:04:e6:26:78:6b:cc:80:0a:68:0c:6a:16:ba:47:
d0:e0:9a:42:a2:d3:a9:ef:6b:9c:5d:1f:07:b5:9c:cb:f0:71:
ec:00:f3:4e:b6:32:df:58:0a:c7:3c:cc:5a:90:fc:25:67:93:
41:e2:dc:3d:49:c0:6c:94:43:09:14:40:7e:b6:c8:0f:e2:6c:
44:b6:51:85:b1:3e:09:3d:23:32:b7:7f:e8:2b:94:d4:1d:dd:
3f:0f:09:cc:fe:d0:de:10:00:14:1d:93:25:76:67:86:73:2a:
58:94:e6:13:c3:42:68:f5:ed:7b:a3:29:78:d5:93:5f:a9:25:
bf:35:ad:30:5a:d3:71:81:1c:68:1b:10:94:98:79:3d:df:ef:
60:8b:6d:7e:00:fe:dc:86:cb:0c:83:3d:b9:a6:e4:92:f5:4d:
3c:0d:91:ef
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5Tz2d3dOtY5EOSHe0yG+6xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE4MjMwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjRhMDI2MjI2NDJmYjBkMzEzNTA2OTgzNjE5ZDQzOGU0Yjg2ZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNMP4Tq/A9uiak2pqAHQnsoSNMYv
aU5yfinxXVsrPwdb/dWN3+8Y//T+8WwYd4ky4kfGA68OqrOexvbloWVzaPfR8DHR
xv/oyU5gIJooh/Gp6cRuOI55+S2QJ65Ac06z/7EVrOw3qnl8sNy+1cKbES9dMshr
CwcFvcFiCFLenkrb3Lc00fxFf+I9OXETptZxHIcVE82OtomLM5LJ9H6TjbanJKxA
T78JrlREYfHdtwlj0g5WFnmh5XPd1i7m/iUwGtoEq5zEIsi3LHCT3JpgmKahexiy
zmfa/gcea2dw5ZvWap81bvfXRBuKA7t3ydzyFGPGftRvfNWKk1jHw+ggIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFJKAmImQvsNMTUGmDYZ1DjkuG2bMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVWtvQ1lpWkMtdzB4TlFhWU5oblVPT1M0YlpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG9aLUCl5gHno9xNxFlt
cSrM0ajCzbX2/KPX1/j5FmxcpRXQ0RNRvOVfxiKqQ6Lx6DnyYrXp54R4Jrh4bXWm
uOfqX7Sew3kvcxgbUQeBe1kWdHCWEUWTI9RrrLpdFzME5iZ4a8yACmgMaha6R9Dg
mkKi06nva5xdHwe1nMvwcewA8062Mt9YCsc8zFqQ/CVnk0Hi3D1JwGyUQwkUQH62
yA/ibES2UYWxPgk9IzK3f+grlNQd3T8PCcz+0N4QABQdkyV2Z4ZzKliU5hPDQmj1
7XujKXjVk1+pJb81rTBa03GBHGgbEJSYeT3f72CLbX4A/tyGywyDPbmm5JL1TTwN
ke8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:17:39 2025 by rpki-client