Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Y9E1oTk_sivArCBN0P2UIM7LwWk.roa
File: Y9E1oTk_sivArCBN0P2UIM7LwWk.roa (raw, json)
Hash identifier: GxSPCbyqHMIbr/hSYaMrJJ6XUgpnDjSb1AA74uPjlfU=
Subject key identifier: 63:D1:35:A1:39:3F:B2:2B:C0:AC:20:4D:D0:FD:94:20:CE:CB:C1:69
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D0698E993CCDDA5B2EBF477A7AD1220E2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Y9E1oTk_sivArCBN0P2UIM7LwWk.roa
Signing time: Sun 14 Jan 2024 06:11:40 +0000
ROA not before: Sun 14 Jan 2024 06:11:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:06:98:e9:93:cc:dd:a5:b2:eb:f4:77:a7:ad:12:20:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 14 06:11:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63d135a1393fb22bc0ac204dd0fd9420cecbc169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1c:21:83:6a:96:08:80:f4:77:c0:05:9b:f2:
10:ef:e4:a3:11:43:a9:b6:39:99:31:81:cc:a9:58:
f7:fc:c9:4e:1a:37:82:23:20:6d:4d:bc:d1:c3:69:
bf:5b:17:77:cf:6e:aa:08:b7:2f:1e:e9:58:58:05:
e0:8a:51:ae:67:2d:30:1b:56:e3:c0:70:28:04:26:
7e:8e:79:98:bc:79:d4:94:87:61:94:2c:48:41:ca:
0b:6f:01:30:a0:71:82:5a:ec:fd:2c:50:83:6d:df:
17:b2:75:25:e8:3a:41:58:62:97:f3:31:0b:c1:5b:
1a:65:48:0c:10:df:cc:c7:41:30:86:a8:2e:98:e4:
a8:68:ae:f7:58:66:da:7a:db:c8:d5:6f:0b:70:2d:
43:e4:72:ca:32:69:a8:0f:db:6d:69:04:ea:e3:6e:
6e:f6:f9:34:7e:4e:40:ad:85:41:cf:6f:1b:cf:81:
19:c1:8b:4c:37:eb:59:ea:2e:4b:16:ac:b4:7a:4a:
df:c8:6f:57:1a:fb:f0:d0:c7:27:88:47:88:70:ec:
e9:ff:fe:ca:60:b2:64:e2:2b:ad:d5:e2:93:20:c5:
94:ec:8c:56:00:30:ed:19:11:d3:7a:7d:0c:6c:09:
9f:06:78:65:32:91:37:6f:df:5b:b4:86:33:11:59:
1e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:D1:35:A1:39:3F:B2:2B:C0:AC:20:4D:D0:FD:94:20:CE:CB:C1:69
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Y9E1oTk_sivArCBN0P2UIM7LwWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9d:c7:1b:91:06:9b:64:5e:dd:3e:1c:fb:22:a5:2c:5f:7b:33:
fb:24:e2:6d:56:83:6f:06:32:ee:ce:24:c5:5c:16:13:50:da:
0f:72:42:19:22:69:a7:a6:9e:5f:80:8a:31:b4:a2:18:e6:7a:
4d:42:b1:77:5c:76:d7:26:98:3d:75:c1:0b:b0:17:34:68:76:
38:5c:04:38:93:2a:62:f2:5d:b7:d5:58:2f:0b:4e:59:a8:1d:
bc:79:ec:28:d8:90:4b:da:64:56:ea:ca:4b:c4:bf:96:29:a4:
ef:39:09:60:19:43:7b:e6:0b:1f:fe:aa:4b:30:02:55:a9:44:
12:f5:7a:ec:f7:d4:a3:04:02:f0:d1:e0:16:70:1c:e2:1f:0b:
e1:96:69:f3:d1:e5:38:d1:a6:20:a5:7b:68:13:8e:9a:4e:c0:
a2:48:16:0e:70:d2:5a:89:e2:25:6d:4e:1a:4c:f6:18:10:64:
03:5b:11:48:b0:e2:63:60:2c:66:5b:2c:e0:10:f0:04:8a:72:
84:7e:56:06:ea:1e:c3:af:ef:33:26:8b:93:7f:b5:19:0e:28:
23:cb:23:9a:c0:d7:be:19:86:d5:5b:0c:a3:13:a3:4f:b8:f9:
01:bb:83:e6:74:bb:06:be:4f:d5:87:99:e0:ae:2a:25:0f:5a:
1f:ef:33:5b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0GmOmTzN2lsuv0d6etEiDiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE0MDYxMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2QxMzVhMTM5M2ZiMjJiYzBhYzIwNGRkMGZkOTQyMGNlY2JjMTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRwhg2qWCID0d8AFm/IQ7+SjEUOp
tjmZMYHMqVj3/MlOGjeCIyBtTbzRw2m/Wxd3z26qCLcvHulYWAXgilGuZy0wG1bj
wHAoBCZ+jnmYvHnUlIdhlCxIQcoLbwEwoHGCWuz9LFCDbd8XsnUl6DpBWGKX8zEL
wVsaZUgMEN/Mx0EwhqgumOSoaK73WGbaetvI1W8LcC1D5HLKMmmoD9ttaQTq425u
9vk0fk5ArYVBz28bz4EZwYtMN+tZ6i5LFqy0ekrfyG9XGvvw0McniEeIcOzp//7K
YLJk4iut1eKTIMWU7IxWADDtGRHTen0MbAmfBnhlMpE3b99btIYzEVkeAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGPRNaE5P7IrwKwgTdD9lCDOy8FpMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWTlFMW9Ua19zaXZBckNCTjBQMlVJTTdMd1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ3HG5EGm2Re3T4c+yKl
LF97M/sk4m1Wg28GMu7OJMVcFhNQ2g9yQhkiaaemnl+AijG0ohjmek1CsXdcdtcm
mD11wQuwFzRodjhcBDiTKmLyXbfVWC8LTlmoHbx57CjYkEvaZFbqykvEv5YppO85
CWAZQ3vmCx/+qkswAlWpRBL1euz31KMEAvDR4BZwHOIfC+GWafPR5TjRpiCle2gT
jppOwKJIFg5w0lqJ4iVtThpM9hgQZANbEUiw4mNgLGZbLOAQ8ASKcoR+VgbqHsOv
7zMmi5N/tRkOKCPLI5rA174ZhtVbDKMTo0+4+QG7g+Z0uwa+T9WHmeCuKiUPWh/v
M1s=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:19:33 2025 by rpki-client