Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YN-o5-yYGNG7ABZGgA8p8VepUdQ.roa
File: YN-o5-yYGNG7ABZGgA8p8VepUdQ.roa (raw, json)
Hash identifier: MKhXiVrHgHJALwRwWfFPrbdy9PfySUUQZjYUbKAAwEA=
Subject key identifier: 60:DF:A8:E7:EC:98:18:D1:BB:00:16:46:80:0F:29:F1:57:A9:51:D4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D9DE56EACFAE431531CDC8AAED5A815CE
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YN-o5-yYGNG7ABZGgA8p8VepUdQ.roa
Signing time: Mon 12 Feb 2024 15:17:55 +0000
ROA not before: Mon 12 Feb 2024 15:17:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9d:e5:6e:ac:fa:e4:31:53:1c:dc:8a:ae:d5:a8:15:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 12 15:17:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60dfa8e7ec9818d1bb001646800f29f157a951d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9d:c1:58:a5:2a:c2:91:4e:ae:a9:01:e4:6b:
53:44:b9:55:5a:30:1e:77:ee:84:d9:2e:36:8c:fd:
f1:f2:e3:a6:24:e8:1e:4c:57:50:58:d3:60:2b:77:
28:b7:08:3d:6c:78:10:30:dd:87:a5:26:83:85:b4:
26:c0:17:f9:74:71:31:bd:d9:79:4f:80:d2:16:88:
df:28:76:0b:26:b4:f7:15:40:9d:15:1e:dc:0f:6b:
28:bd:c3:80:d1:73:e9:11:5e:04:e7:97:81:dc:d2:
8c:20:33:60:48:26:14:45:fe:62:43:1f:eb:ab:4e:
94:be:f3:08:f6:06:81:fd:60:37:0b:fc:2c:9f:35:
7f:86:6d:be:da:9d:0c:6f:b1:4b:df:8e:29:0c:a9:
89:25:5f:43:72:72:f6:ad:d6:5c:d9:ce:9e:a0:0b:
c4:c0:d8:87:11:de:42:f4:7e:91:db:3e:ae:e5:31:
8e:c4:af:fb:7a:70:06:5f:d6:5a:72:88:8b:10:91:
9f:46:25:6c:40:3b:6e:0c:97:2f:36:37:27:ca:8c:
b3:4e:e7:04:38:e8:e6:eb:4f:2f:ed:0f:18:f5:c9:
d7:21:c8:9e:79:82:03:9a:58:a1:f4:ae:fd:e2:96:
d1:03:49:0d:01:33:ee:a9:36:7e:79:e9:7c:ce:a2:
8c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:DF:A8:E7:EC:98:18:D1:BB:00:16:46:80:0F:29:F1:57:A9:51:D4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YN-o5-yYGNG7ABZGgA8p8VepUdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
36:1e:59:7b:1b:af:da:dd:7f:16:46:dc:89:ce:33:d5:81:86:
e0:dd:e0:29:21:84:e8:0b:23:c4:38:fb:8c:5c:ca:be:39:b0:
bf:f5:f4:dd:55:8e:9c:48:06:7b:4a:b6:21:5b:0d:03:ca:52:
eb:d3:a6:fa:0c:8e:69:2d:22:3e:59:b7:8d:46:12:40:06:a0:
0a:d9:eb:65:bb:6f:03:75:65:4d:14:0a:ca:d0:cf:48:9d:63:
e9:5c:0e:6f:5f:b9:f5:89:05:b7:8f:ae:c7:0b:fb:14:4c:a0:
6e:68:f1:5e:da:e1:c8:4b:d5:b1:b9:83:fc:c6:eb:7d:d9:98:
e7:2b:f8:bb:39:2f:75:21:d5:d5:ee:c1:71:25:50:63:08:be:
42:b6:f3:a2:30:60:49:9b:cd:51:95:3c:cb:61:77:07:da:56:
5f:e5:76:6f:f8:35:31:8e:dd:0e:06:60:33:22:9b:d0:2f:37:
d8:33:3b:d5:bc:bb:f5:87:82:77:bb:36:fd:aa:2b:e2:e2:ff:
d8:b9:ed:87:2f:d2:ea:6c:90:ed:8b:57:95:1e:23:9b:1c:58:
45:ee:35:04:24:f5:d7:b6:42:79:3a:92:09:3f:dd:43:4e:46:
06:82:51:9c:8e:42:2b:10:b5:1f:1d:27:c1:20:d2:b5:c1:e2:
12:9d:4d:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2d5W6s+uQxUxzciq7VqBXOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjEyMTUxNzU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGRmYThlN2VjOTgxOGQxYmIwMDE2NDY4MDBmMjlmMTU3YTk1MWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Z3BWKUqwpFOrqkB5GtTRLlVWjAe
d+6E2S42jP3x8uOmJOgeTFdQWNNgK3cotwg9bHgQMN2HpSaDhbQmwBf5dHExvdl5
T4DSFojfKHYLJrT3FUCdFR7cD2sovcOA0XPpEV4E55eB3NKMIDNgSCYURf5iQx/r
q06UvvMI9gaB/WA3C/wsnzV/hm2+2p0Mb7FL344pDKmJJV9DcnL2rdZc2c6eoAvE
wNiHEd5C9H6R2z6u5TGOxK/7enAGX9ZacoiLEJGfRiVsQDtuDJcvNjcnyoyzTucE
OOjm608v7Q8Y9cnXIcieeYIDmlih9K794pbRA0kNATPuqTZ+eel8zqKMSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGDfqOfsmBjRuwAWRoAPKfFXqVHUMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWU4tbzUteVlHTkc3QUJaR2dBOHA4VmVwVWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADYeWXsbr9rdfxZG3InO
M9WBhuDd4CkhhOgLI8Q4+4xcyr45sL/19N1VjpxIBntKtiFbDQPKUuvTpvoMjmkt
Ij5Zt41GEkAGoArZ62W7bwN1ZU0UCsrQz0idY+lcDm9fufWJBbePrscL+xRMoG5o
8V7a4chL1bG5g/zG633ZmOcr+Ls5L3Uh1dXuwXElUGMIvkK286IwYEmbzVGVPMth
dwfaVl/ldm/4NTGO3Q4GYDMim9AvN9gzO9W8u/WHgne7Nv2qK+Li/9i57Ycv0ups
kO2LV5UeI5scWEXuNQQk9de2Qnk6kgk/3UNORgaCUZyOQisQtR8dJ8Eg0rXB4hKd
TTk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:51 2024 by rpki-client on console-ams.rpki-client.org