Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YaH3ZMfeE_m0GVVPvnVep0xDIo8.roa
File: YaH3ZMfeE_m0GVVPvnVep0xDIo8.roa (raw, json)
Hash identifier: dF/mcduesk9xnxHUDBeOEK6Z1sL7vXsN6mC5iSxiwJk=
Subject key identifier: 61:A1:F7:64:C7:DE:13:F9:B4:19:55:4F:BE:75:5E:A7:4C:43:22:8F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D9BBDACCD7A1348796FED79FE38A01427
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YaH3ZMfeE_m0GVVPvnVep0xDIo8.roa
Signing time: Mon 12 Feb 2024 05:15:15 +0000
ROA not before: Mon 12 Feb 2024 05:15:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9b:bd:ac:cd:7a:13:48:79:6f:ed:79:fe:38:a0:14:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 12 05:15:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=61a1f764c7de13f9b419554fbe755ea74c43228f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6f:74:e2:be:31:e9:5a:4f:55:9f:7c:78:35:
72:b6:0d:52:9e:b4:df:b4:5b:aa:bb:e1:1c:50:1b:
57:40:43:bf:b0:8f:86:67:a8:3e:8f:6d:a1:0b:c0:
c3:88:27:01:cf:ac:00:bb:5f:30:bc:41:62:ea:7e:
e2:e9:bc:00:c4:d8:ea:e1:34:8f:a2:93:80:a5:c9:
11:1b:6b:64:a1:c9:1d:d8:35:27:0f:e2:50:9b:a4:
12:fb:54:9b:45:c2:3a:eb:69:b8:da:54:b0:f2:e9:
84:0e:9f:b1:81:77:da:c0:c4:13:3d:ed:95:ff:50:
22:1f:fa:69:72:91:92:cc:f1:99:a1:f0:e9:92:c6:
ba:d3:b3:8c:70:02:7e:db:4b:c0:85:d3:d0:a5:90:
86:fc:48:7b:26:17:5a:7a:ad:49:99:1d:00:8c:e2:
a2:72:7f:3c:b4:18:0b:0d:e7:45:dd:2f:3f:15:2a:
6c:b4:64:b1:32:ce:31:7e:cf:b7:d5:9f:0f:50:5e:
d8:81:4f:5f:74:7b:4c:13:b8:05:70:67:72:8e:2b:
16:d4:74:d6:2d:c3:78:4a:0e:34:c3:2e:dd:a5:2b:
1f:2f:6b:00:a3:cc:e8:9a:6b:76:04:45:1f:d3:ed:
2f:3e:25:d2:0b:d2:8d:38:51:2e:65:8a:4a:34:65:
7e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:A1:F7:64:C7:DE:13:F9:B4:19:55:4F:BE:75:5E:A7:4C:43:22:8F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YaH3ZMfeE_m0GVVPvnVep0xDIo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a5:f0:bc:81:b6:7b:27:72:2a:0f:dd:91:1a:17:96:fb:81:75:
11:bf:4d:81:59:b6:02:3f:de:69:37:5a:8e:a9:1d:62:58:27:
ea:a0:82:55:95:87:63:39:4b:93:ad:30:cc:93:50:1b:9d:10:
51:b3:ee:f0:2f:ca:06:82:f5:5c:ed:98:64:2f:1d:00:61:25:
90:6b:a3:f8:19:b9:41:e5:9a:2a:ff:27:5a:05:88:42:25:6a:
d0:8c:5a:38:42:48:c4:91:61:d1:0d:91:1e:17:ca:31:e6:bf:
38:8d:2c:f7:08:7a:16:dc:a1:03:59:18:28:02:61:10:e9:f4:
f8:f8:04:93:c3:e2:58:c7:1d:94:07:40:c5:96:7d:42:b5:93:
76:f0:74:3a:3e:3a:3f:39:c9:27:c8:b2:fc:ac:70:f7:bf:2a:
65:49:7f:0c:6b:77:f1:fc:bd:e9:b6:b3:04:91:7a:11:85:ed:
d7:7f:52:40:18:6f:4e:db:04:39:aa:30:c2:15:f8:c0:87:8b:
59:c5:34:4e:bd:f3:76:4f:5c:fa:74:82:d3:a4:d2:b8:49:1f:
3d:f6:5a:ec:2c:b8:dd:56:e6:9c:4a:4c:42:6a:7c:8b:29:63:
3c:47:de:83:dd:48:0f:29:e6:f6:d7:ee:9f:7d:a8:3c:05:a9:
7f:6d:7d:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2bvazNehNIeW/tef44oBQnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjEyMDUxNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWExZjc2NGM3ZGUxM2Y5YjQxOTU1NGZiZTc1NWVhNzRjNDMyMjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtG904r4x6VpPVZ98eDVytg1SnrTf
tFuqu+EcUBtXQEO/sI+GZ6g+j22hC8DDiCcBz6wAu18wvEFi6n7i6bwAxNjq4TSP
opOApckRG2tkockd2DUnD+JQm6QS+1SbRcI662m42lSw8umEDp+xgXfawMQTPe2V
/1AiH/ppcpGSzPGZofDpksa607OMcAJ+20vAhdPQpZCG/Eh7Jhdaeq1JmR0AjOKi
cn88tBgLDedF3S8/FSpstGSxMs4xfs+31Z8PUF7YgU9fdHtME7gFcGdyjisW1HTW
LcN4Sg40wy7dpSsfL2sAo8zommt2BEUf0+0vPiXSC9KNOFEuZYpKNGV+dwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGGh92TH3hP5tBlVT751XqdMQyKPMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWWFIM1pNZmVFX20wR1ZWUHZuVmVwMHhESW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKXwvIG2eydyKg/dkRoX
lvuBdRG/TYFZtgI/3mk3Wo6pHWJYJ+qgglWVh2M5S5OtMMyTUBudEFGz7vAvygaC
9VztmGQvHQBhJZBro/gZuUHlmir/J1oFiEIlatCMWjhCSMSRYdENkR4XyjHmvziN
LPcIehbcoQNZGCgCYRDp9Pj4BJPD4ljHHZQHQMWWfUK1k3bwdDo+Oj85ySfIsvys
cPe/KmVJfwxrd/H8vem2swSRehGF7dd/UkAYb07bBDmqMMIV+MCHi1nFNE6983ZP
XPp0gtOk0rhJHz32WuwsuN1W5pxKTEJqfIspYzxH3oPdSA8p5vbX7p99qDwFqX9t
faE=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:21:22 2025 by rpki-client