Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YZqmQewVxUa6xEdTYnE4GQA1O-A.roa
File: YZqmQewVxUa6xEdTYnE4GQA1O-A.roa (raw, json)
Hash identifier: XF4Ben51CYEDPpYJqxHlRtgzA3CGnwidQa714nZxHt8=
Subject key identifier: 61:9A:A6:41:EC:15:C5:46:BA:C4:47:53:62:71:38:19:00:35:3B:E0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E287EEAEAF697DD4122D92865E2FC0C23
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YZqmQewVxUa6xEdTYnE4GQA1O-A.roa
Signing time: Sun 10 Mar 2024 13:13:10 +0000
ROA not before: Sun 10 Mar 2024 13:13:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:28:7e:ea:ea:f6:97:dd:41:22:d9:28:65:e2:fc:0c:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 10 13:13:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=619aa641ec15c546bac447536271381900353be0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0d:81:d6:49:02:57:43:ca:5b:e0:f6:a9:c5:
47:28:eb:7b:05:b9:3f:a4:b4:85:15:c7:96:6b:39:
5e:fd:4d:0c:fb:7f:e8:ee:3d:db:41:29:98:67:69:
99:42:48:8e:eb:0a:28:77:b8:44:b9:50:bf:3c:c6:
9c:d9:f6:0b:27:a0:de:39:d6:b1:85:3b:aa:07:0c:
db:97:02:b3:81:06:fa:ad:c9:7b:84:52:99:17:6c:
17:a5:eb:f7:19:b3:fa:1a:ce:3e:c7:93:aa:e9:22:
80:a4:24:7f:8e:27:b4:69:d2:74:88:b1:05:97:a0:
78:53:4c:5f:8e:03:c5:55:54:85:77:f1:07:82:bb:
95:1f:d0:3e:d1:44:29:e4:7e:db:dc:e1:00:e4:97:
1c:ee:af:83:08:b7:6c:ee:46:7a:d9:0f:ce:d0:72:
7f:80:8a:41:b2:c0:69:72:64:3c:53:c4:d1:02:76:
23:47:3d:3b:e0:ea:05:dc:87:a8:ea:ec:6c:6c:5b:
5f:35:ee:a3:e5:29:1f:ce:76:f0:5b:d0:39:7f:53:
bb:e6:c9:66:61:98:46:48:ae:3d:bd:ce:2e:c6:38:
7e:36:05:b6:87:62:35:dc:36:c9:48:ec:98:50:9e:
cf:97:b7:c0:48:01:73:3a:f5:37:e1:3d:05:1b:7b:
70:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:9A:A6:41:EC:15:C5:46:BA:C4:47:53:62:71:38:19:00:35:3B:E0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YZqmQewVxUa6xEdTYnE4GQA1O-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:72:03:7c:15:a3:e0:44:6d:ff:f2:9e:3e:8c:54:20:cf:fe:
65:dd:2c:55:d1:ad:a9:6e:ef:8a:52:81:2f:0e:a7:f6:8d:2a:
11:fc:16:29:37:8d:1b:1c:1d:03:69:16:21:30:d2:85:6c:11:
1f:df:f9:fa:e0:b5:46:7f:cd:be:1d:c8:c1:6b:ed:b7:2a:63:
bc:3b:6f:df:92:55:c8:37:0c:80:c2:27:4b:09:dc:7c:e5:d0:
11:a8:97:68:62:64:69:03:76:64:bc:fb:b1:20:8d:23:06:4c:
64:e8:12:13:f9:c4:51:74:c0:16:53:b2:be:14:3a:06:9b:40:
dc:48:a9:86:b6:b2:97:9d:be:04:db:f4:d9:fa:ae:45:30:3a:
df:ac:62:17:3f:79:45:bc:84:dc:8c:03:b2:9b:cd:b5:56:4e:
af:77:3b:1e:cc:30:b7:83:21:93:ca:50:57:d5:e7:32:4a:1f:
a9:d9:e1:b2:88:85:39:bd:6d:eb:68:2e:13:90:f6:68:01:49:
e0:d5:64:9a:98:33:d6:b2:d7:28:75:68:55:04:5c:e5:fa:f6:
8c:6e:eb:cd:b0:dc:11:c5:5b:0a:4c:5e:84:08:23:74:f4:49:
ad:35:54:92:9c:43:2d:d0:95:2d:65:43:9b:e8:23:23:f7:0a:
ee:68:9c:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4ofurq9pfdQSLZKGXi/AwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEwMTMxMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTlhYTY0MWVjMTVjNTQ2YmFjNDQ3NTM2MjcxMzgxOTAwMzUzYmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmg2B1kkCV0PKW+D2qcVHKOt7Bbk/
pLSFFceWazle/U0M+3/o7j3bQSmYZ2mZQkiO6wood7hEuVC/PMac2fYLJ6DeOdax
hTuqBwzblwKzgQb6rcl7hFKZF2wXpev3GbP6Gs4+x5Oq6SKApCR/jie0adJ0iLEF
l6B4U0xfjgPFVVSFd/EHgruVH9A+0UQp5H7b3OEA5Jcc7q+DCLds7kZ62Q/O0HJ/
gIpBssBpcmQ8U8TRAnYjRz074OoF3Ieo6uxsbFtfNe6j5SkfznbwW9A5f1O75slm
YZhGSK49vc4uxjh+NgW2h2I13DbJSOyYUJ7Pl7fASAFzOvU34T0FG3tw6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGGapkHsFcVGusRHU2JxOBkANTvgMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWVpxbVFld1Z4VWE2eEVkVFluRTRHUUExTy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABxyA3wVo+BEbf/ynj6M
VCDP/mXdLFXRralu74pSgS8Op/aNKhH8Fik3jRscHQNpFiEw0oVsER/f+frgtUZ/
zb4dyMFr7bcqY7w7b9+SVcg3DIDCJ0sJ3Hzl0BGol2hiZGkDdmS8+7EgjSMGTGTo
EhP5xFF0wBZTsr4UOgabQNxIqYa2spedvgTb9Nn6rkUwOt+sYhc/eUW8hNyMA7Kb
zbVWTq93Ox7MMLeDIZPKUFfV5zJKH6nZ4bKIhTm9betoLhOQ9mgBSeDVZJqYM9ay
1yh1aFUEXOX69oxu682w3BHFWwpMXoQII3T0Sa01VJKcQy3QlS1lQ5voIyP3Cu5o
nLM=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:00 2025 by rpki-client