Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YW-BxOgzCtriYOOuad48ckSpv74.roa
File: YW-BxOgzCtriYOOuad48ckSpv74.roa (raw, json)
Hash identifier: sVvw9YXVDHnIA+kdBtQ6og21yofPCxgZVYsrZJlfoK4=
Subject key identifier: 61:6F:81:C4:E8:33:0A:DA:E2:60:E3:AE:69:DE:3C:72:44:A9:BF:BE
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CCB2A069A8FA14E9FFF01B9B33FC904C0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YW-BxOgzCtriYOOuad48ckSpv74.roa
Signing time: Tue 02 Jan 2024 17:12:58 +0000
ROA not before: Tue 02 Jan 2024 17:12:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cb:2a:06:9a:8f:a1:4e:9f:ff:01:b9:b3:3f:c9:04:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 2 17:12:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=616f81c4e8330adae260e3ae69de3c7244a9bfbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:47:f6:f5:80:1c:af:23:14:51:f2:f5:41:70:
23:4c:1f:5d:e8:65:db:08:b4:d6:06:2c:c6:41:41:
76:5d:5e:99:76:5f:e2:a0:b7:cf:16:bf:04:4f:94:
0a:f4:c5:27:42:90:f8:6f:d8:db:66:4b:e3:b5:81:
ae:ae:93:0f:ab:54:dc:00:34:92:00:dd:29:0f:d9:
e2:a4:03:7b:44:96:64:e5:e8:ec:3a:8f:03:21:d7:
d6:bd:20:71:e7:d0:7c:ee:67:7f:01:05:ab:0e:47:
e6:1c:49:b9:07:bd:08:3c:15:cb:0e:2f:d6:6c:ec:
f1:52:28:7f:f3:d3:20:2a:6d:d2:58:26:a3:f7:60:
ee:8f:49:a0:48:5a:a3:a1:25:92:74:fe:02:90:2a:
b3:31:0c:62:45:60:da:c0:66:51:f9:b4:aa:cb:f8:
c5:e2:1f:58:37:05:32:71:33:5c:2a:da:06:5b:61:
25:3a:b7:36:1c:ed:99:3e:05:18:ff:8f:27:15:32:
bc:02:74:8e:7c:af:1a:42:40:4f:1f:24:53:e4:bb:
84:49:c9:86:5e:3b:78:36:56:f8:41:4b:7e:e6:78:
76:49:94:a6:6d:dd:8d:c7:ad:e7:b6:86:b0:0e:bf:
c2:3f:ea:25:60:37:a8:24:f8:d0:90:87:01:b1:c6:
e5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:6F:81:C4:E8:33:0A:DA:E2:60:E3:AE:69:DE:3C:72:44:A9:BF:BE
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YW-BxOgzCtriYOOuad48ckSpv74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
90:70:10:45:b2:71:56:0a:2b:6e:ce:13:9a:75:79:6d:1f:d0:
a4:1a:88:4b:db:80:3b:4f:92:f7:e9:71:10:ec:e0:2b:17:78:
6b:dc:93:1b:6a:cd:b7:35:db:e5:d4:a6:da:e3:a6:44:eb:f5:
37:d3:50:b4:d9:0e:b2:79:93:a9:0a:76:c6:24:50:e6:71:7c:
06:d9:ec:92:f0:f6:f1:cb:37:72:3c:61:4d:8d:e2:54:8a:47:
eb:0e:3a:2a:c6:09:c1:d7:ca:0a:2a:b2:a0:da:34:0e:01:83:
65:a1:d7:67:55:e2:a3:15:37:a4:c3:5d:74:d3:13:f1:59:34:
e8:1c:08:1d:8e:f5:47:16:a6:26:20:9d:b2:11:e9:29:f5:54:
6b:cf:89:e8:2e:87:ec:3b:5f:52:e8:f0:19:6c:80:b9:70:82:
63:15:f6:44:5f:92:c6:75:0e:03:36:a0:10:db:08:a3:8d:6e:
44:61:13:15:e0:3c:02:df:6e:6a:db:7b:be:17:a3:fa:59:b2:
e0:70:5c:dd:c2:a7:61:9b:19:56:68:02:a5:e5:d9:0c:a5:85:
f3:27:5f:50:84:88:c4:b2:04:fd:72:e5:8f:1b:7e:f7:0e:e8:
d6:c4:ad:c5:fe:93:4d:67:9c:f4:f7:83:4a:c3:89:0e:5f:73:
14:ac:52:57
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzLKgaaj6FOn/8BubM/yQTAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAyMTcxMjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTZmODFjNGU4MzMwYWRhZTI2MGUzYWU2OWRlM2M3MjQ0YTliZmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0f29YAcryMUUfL1QXAjTB9d6GXb
CLTWBizGQUF2XV6Zdl/ioLfPFr8ET5QK9MUnQpD4b9jbZkvjtYGurpMPq1TcADSS
AN0pD9nipAN7RJZk5ejsOo8DIdfWvSBx59B87md/AQWrDkfmHEm5B70IPBXLDi/W
bOzxUih/89MgKm3SWCaj92Duj0mgSFqjoSWSdP4CkCqzMQxiRWDawGZR+bSqy/jF
4h9YNwUycTNcKtoGW2ElOrc2HO2ZPgUY/48nFTK8AnSOfK8aQkBPHyRT5LuEScmG
Xjt4Nlb4QUt+5nh2SZSmbd2Nx63ntoawDr/CP+olYDeoJPjQkIcBscbl1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGFvgcToMwra4mDjrmnePHJEqb++MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWVctQnhPZ3pDdHJpWU9PdWFkNDhja1Nwdjc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJBwEEWycVYKK27OE5p1
eW0f0KQaiEvbgDtPkvfpcRDs4CsXeGvckxtqzbc12+XUptrjpkTr9TfTULTZDrJ5
k6kKdsYkUOZxfAbZ7JLw9vHLN3I8YU2N4lSKR+sOOirGCcHXygoqsqDaNA4Bg2Wh
12dV4qMVN6TDXXTTE/FZNOgcCB2O9UcWpiYgnbIR6Sn1VGvPieguh+w7X1Lo8Bls
gLlwgmMV9kRfksZ1DgM2oBDbCKONbkRhExXgPALfbmrbe74Xo/pZsuBwXN3Cp2Gb
GVZoAqXl2QylhfMnX1CEiMSyBP1y5Y8bfvcO6NbErcX+k01nnPT3g0rDiQ5fcxSs
Ulc=
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:04:13 2025 by rpki-client