Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YDBU_i45EGKvR-4ojyr-kpzV11U.roa
File: YDBU_i45EGKvR-4ojyr-kpzV11U.roa (raw, json)
Hash identifier: oyMbDCIe9c/yJ+Vxmm6Ly6V8HjP1XCt7k4gfZ2zHpog=
Subject key identifier: 60:30:54:FE:2E:39:10:62:AF:47:EE:28:8F:2A:FE:92:9C:D5:D7:55
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E961D476DB3C260C8CC10EFD725C1512A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YDBU_i45EGKvR-4ojyr-kpzV11U.roa
Signing time: Sun 31 Mar 2024 20:04:44 +0000
ROA not before: Sun 31 Mar 2024 20:04:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
2001:67c:64:ffff:0:18e:961c:c2be/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:96:1d:47:6d:b3:c2:60:c8:cc:10:ef:d7:25:c1:51:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 31 20:04:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=603054fe2e391062af47ee288f2afe929cd5d755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:04:58:84:6d:c2:8c:ac:7c:e6:d4:8f:7f:97:
06:79:2c:e2:1c:60:9e:5f:58:33:38:79:46:4d:32:
01:bf:f1:f4:c5:0c:5a:32:d1:2a:36:fc:bc:d3:de:
8e:3b:93:68:65:de:4d:73:90:a0:13:5c:0c:87:f5:
ce:ed:a9:e3:96:51:83:78:ef:d9:81:72:80:92:b5:
48:b3:96:df:e7:88:6a:d7:90:31:ad:8d:78:80:ea:
0a:fe:85:c5:ac:ed:7b:d4:1b:e6:b0:89:36:ae:4a:
22:d4:81:a8:27:12:74:b2:90:94:be:a3:97:c2:f7:
5f:d1:ee:78:4c:59:e2:b6:bd:38:55:3e:d9:42:b0:
74:cf:c0:92:e6:c0:4f:ed:f6:ba:53:1c:1c:d6:1a:
4a:e5:82:a8:10:0f:93:da:35:5f:23:cd:0b:64:08:
02:1d:23:28:86:32:1b:01:eb:66:00:0a:19:16:cd:
73:a9:d2:72:78:25:21:ba:c6:10:87:a1:14:74:62:
d5:cb:d4:f8:65:ce:bb:f7:d0:e8:d6:80:85:c3:43:
36:de:71:29:4c:d3:b9:71:5e:35:87:dc:31:22:b1:
aa:56:23:cb:63:9a:fb:7b:b5:fa:bb:0e:b6:ae:dc:
a6:25:f1:9a:ee:ef:2c:2a:ae:e2:d6:7e:43:28:10:
66:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:30:54:FE:2E:39:10:62:AF:47:EE:28:8F:2A:FE:92:9C:D5:D7:55
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YDBU_i45EGKvR-4ojyr-kpzV11U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
94:c1:a7:20:13:e3:8f:10:98:3b:60:98:c8:a3:c9:8d:a2:76:
86:8e:64:54:a1:1b:10:14:fc:ef:78:31:04:19:8a:90:f2:72:
d3:97:2b:12:9d:e4:2a:59:46:72:87:45:9e:fd:46:78:0e:78:
86:29:c9:ae:43:97:7e:1d:17:69:2d:7f:00:28:49:89:e1:0f:
42:e5:a8:e9:da:bc:f6:0c:fc:b4:81:ac:78:db:3d:f4:a4:a8:
68:3b:84:22:9e:83:8f:1a:f1:b0:b3:05:41:9b:91:e7:fc:6e:
b5:85:9b:1d:8a:ca:9d:a8:12:5f:b9:81:66:47:b0:c5:b7:5c:
9e:a5:2f:6a:c5:27:29:e3:07:a9:5e:e9:6a:c4:dd:1c:7c:3f:
85:c7:16:fc:8c:40:92:2e:d5:85:9a:37:c5:c8:6f:be:81:41:
f7:14:4f:a6:6b:92:a5:53:60:cf:1a:9d:f2:28:b0:fc:af:f3:
e3:d4:74:4d:bf:52:76:bc:ae:12:95:39:a8:18:6d:f4:5e:74:
b4:07:89:85:e7:51:64:70:5a:81:ac:f0:92:f1:f8:02:3b:e5:
0c:e7:69:9d:af:f6:15:61:4f:ea:c2:13:cb:13:b9:c5:c1:f6:
85:9d:d4:11:fb:9d:ca:b7:a3:7b:d2:94:c0:50:be:48:ff:17:
03:ce:8c:74
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6WHUdts8JgyMwQ79clwVEqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzMxMjAwNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDMwNTRmZTJlMzkxMDYyYWY0N2VlMjg4ZjJhZmU5MjljZDVkNzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywRYhG3CjKx85tSPf5cGeSziHGCe
X1gzOHlGTTIBv/H0xQxaMtEqNvy8096OO5NoZd5Nc5CgE1wMh/XO7anjllGDeO/Z
gXKAkrVIs5bf54hq15AxrY14gOoK/oXFrO171BvmsIk2rkoi1IGoJxJ0spCUvqOX
wvdf0e54TFnitr04VT7ZQrB0z8CS5sBP7fa6Uxwc1hpK5YKoEA+T2jVfI80LZAgC
HSMohjIbAetmAAoZFs1zqdJyeCUhusYQh6EUdGLVy9T4Zc6799Do1oCFw0M23nEp
TNO5cV41h9wxIrGqViPLY5r7e7X6uw62rtymJfGa7u8sKq7i1n5DKBBmnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGAwVP4uORBir0fuKI8q/pKc1ddVMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWURCVV9pNDVFR0t2Ui00b2p5ci1rcHpWMTFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJTBpyAT448QmDtgmMij
yY2idoaOZFShGxAU/O94MQQZipDyctOXKxKd5CpZRnKHRZ79RngOeIYpya5Dl34d
F2ktfwAoSYnhD0LlqOnavPYM/LSBrHjbPfSkqGg7hCKeg48a8bCzBUGbkef8brWF
mx2Kyp2oEl+5gWZHsMW3XJ6lL2rFJynjB6le6WrE3Rx8P4XHFvyMQJIu1YWaN8XI
b76BQfcUT6ZrkqVTYM8anfIosPyv8+PUdE2/Una8rhKVOagYbfRedLQHiYXnUWRw
WoGs8JLx+AI75QznaZ2v9hVhT+rCE8sTucXB9oWd1BH7ncq3o3vSlMBQvkj/FwPO
jHQ=
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:57:50 2025 by rpki-client