Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YBmdestxO77CWth8BN0DW18_IIg.roa
File: YBmdestxO77CWth8BN0DW18_IIg.roa (raw, json)
Hash identifier: 8K0WEv/B0VcNmbjqlJAoFFOAXuspzgcwsWL8ZoVI1dg=
Subject key identifier: 60:19:9D:7A:CB:71:3B:BE:C2:5A:D8:7C:04:DD:03:5B:5F:3F:20:88
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D276FC06F369B19117D6CDA4385BB1660
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YBmdestxO77CWth8BN0DW18_IIg.roa
Signing time: Sat 20 Jan 2024 15:14:11 +0000
ROA not before: Sat 20 Jan 2024 15:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:27:6f:c0:6f:36:9b:19:11:7d:6c:da:43:85:bb:16:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 20 15:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60199d7acb713bbec25ad87c04dd035b5f3f2088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:39:bc:dd:25:aa:df:88:9e:41:47:13:de:58:
0d:2d:38:85:48:2b:4a:12:e8:d6:e9:2e:35:a7:33:
43:67:61:80:4f:5e:90:e8:25:1b:ee:8f:8a:d7:4d:
86:54:b0:b7:b0:73:cc:81:05:5c:d0:9d:ae:e2:66:
03:89:b8:e9:23:cf:31:29:37:af:df:eb:91:98:72:
b5:f1:52:01:82:8c:0d:27:f7:3a:4f:32:6b:8f:ab:
89:5a:a8:d5:bb:d9:33:c3:18:1e:8c:53:c9:3a:18:
97:9e:11:4a:fa:d2:a1:da:02:45:ac:93:99:fa:8e:
aa:a3:50:e5:75:bd:20:a7:55:b1:7b:83:f2:69:c5:
77:ba:f4:55:91:7b:d1:99:a2:a3:74:fd:13:7f:94:
3b:f3:82:23:9e:eb:1f:75:8f:23:a0:88:9b:1c:58:
44:0c:bd:31:4a:1b:b7:12:16:50:95:32:da:c2:4e:
70:30:cc:bb:46:18:67:38:32:c4:91:e5:da:07:ed:
5d:57:10:37:32:12:fb:92:1a:10:c8:d3:c2:32:ba:
e1:ff:7e:cb:8a:e0:fa:54:87:0a:a2:f0:0e:85:4d:
78:28:de:fc:4a:9e:08:a2:b7:3a:41:47:25:2e:65:
fb:ec:bb:d6:a1:3a:cd:79:27:2b:0a:09:01:d1:5c:
6c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:19:9D:7A:CB:71:3B:BE:C2:5A:D8:7C:04:DD:03:5B:5F:3F:20:88
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YBmdestxO77CWth8BN0DW18_IIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
09:d1:b2:40:70:17:f8:30:88:f9:26:86:95:ec:66:cf:81:58:
ff:79:0d:6b:98:97:e1:88:a0:cb:f1:c4:4f:e1:96:d7:73:36:
0e:1d:a3:16:be:17:d2:f7:aa:17:3a:de:1d:43:1b:b4:31:ee:
cb:11:2d:79:d2:29:b2:5b:52:99:92:9f:6e:b9:1f:01:46:54:
3e:56:ef:f3:71:95:e5:19:a3:dd:b5:b9:72:62:c3:51:12:7c:
c9:a6:fa:6a:dc:34:f6:a0:e2:f3:6c:d2:71:3c:65:26:b8:02:
3d:6c:5e:51:77:12:20:02:f5:b9:b0:14:3e:1f:13:ef:03:85:
97:fe:7e:b6:a8:8c:00:32:d9:1a:94:e7:96:55:f6:7b:87:4d:
ba:a3:e1:39:df:81:46:95:3c:f3:65:e5:07:72:89:76:60:ff:
f4:fa:80:e4:99:ae:29:80:75:c0:26:d0:fb:a7:5b:43:cf:92:
8a:8b:6e:8d:de:ca:cc:c2:66:f4:a3:4b:5c:47:e8:b6:bf:40:
d8:c0:4d:63:6b:ce:cf:99:cb:87:71:ae:c1:1f:7a:4f:5f:63:
b1:c5:4c:f7:71:bb:56:01:24:22:9d:f8:76:7f:f7:4b:95:74:
38:ff:c4:66:16:86:37:69:59:43:6f:5e:2f:69:7c:19:2e:89:
23:dc:47:81
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0nb8BvNpsZEX1s2kOFuxZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIwMTUxNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDE5OWQ3YWNiNzEzYmJlYzI1YWQ4N2MwNGRkMDM1YjVmM2YyMDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTm83SWq34ieQUcT3lgNLTiFSCtK
EujW6S41pzNDZ2GAT16Q6CUb7o+K102GVLC3sHPMgQVc0J2u4mYDibjpI88xKTev
3+uRmHK18VIBgowNJ/c6TzJrj6uJWqjVu9kzwxgejFPJOhiXnhFK+tKh2gJFrJOZ
+o6qo1Dldb0gp1Wxe4PyacV3uvRVkXvRmaKjdP0Tf5Q784IjnusfdY8joIibHFhE
DL0xShu3EhZQlTLawk5wMMy7RhhnODLEkeXaB+1dVxA3MhL7khoQyNPCMrrh/37L
iuD6VIcKovAOhU14KN78Sp4Iorc6QUclLmX77LvWoTrNeScrCgkB0VxsAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGAZnXrLcTu+wlrYfATdA1tfPyCIMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWUJtZGVzdHhPNzdDV3RoOEJOMERXMThfSUlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAnRskBwF/gwiPkmhpXs
Zs+BWP95DWuYl+GIoMvxxE/hltdzNg4doxa+F9L3qhc63h1DG7Qx7ssRLXnSKbJb
UpmSn265HwFGVD5W7/NxleUZo921uXJiw1ESfMmm+mrcNPag4vNs0nE8ZSa4Aj1s
XlF3EiAC9bmwFD4fE+8DhZf+fraojAAy2RqU55ZV9nuHTbqj4TnfgUaVPPNl5Qdy
iXZg//T6gOSZrimAdcAm0PunW0PPkoqLbo3eyszCZvSjS1xH6La/QNjATWNrzs+Z
y4dxrsEfek9fY7HFTPdxu1YBJCKd+HZ/90uVdDj/xGYWhjdpWUNvXi9pfBkuiSPc
R4E=
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:59:35 2025 by rpki-client