Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Yg-B0YSYCM3UaJYhhLuEwZfXCEM.roa
File: Yg-B0YSYCM3UaJYhhLuEwZfXCEM.roa (raw, json)
Hash identifier: 3ip+O07+lf8OieRmLfDh9yNiaTL7RJi4JIc3QxsIlFo=
Subject key identifier: 62:0F:81:D1:84:98:08:CD:D4:68:96:21:84:BB:84:C1:97:D7:08:43
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D7E571FE464AA33A2565B4E794FFCBE9E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Yg-B0YSYCM3UaJYhhLuEwZfXCEM.roa
Signing time: Tue 06 Feb 2024 12:14:15 +0000
ROA not before: Tue 06 Feb 2024 12:14:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7e:57:1f:e4:64:aa:33:a2:56:5b:4e:79:4f:fc:be:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 6 12:14:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=620f81d1849808cdd468962184bb84c197d70843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:60:d8:7a:99:0e:d9:45:b8:2e:a2:10:4b:d4:
71:97:7d:13:58:a5:c3:a5:61:56:69:82:47:b6:7a:
d2:b6:a1:a9:82:88:b6:31:a5:a3:a9:4a:0f:32:13:
4f:c9:6d:c4:01:fb:67:d7:d1:38:04:29:85:d3:11:
a2:9d:7f:8f:c8:49:2f:91:3e:2d:ad:4d:08:bb:25:
7a:b6:bf:49:56:84:de:c3:df:40:23:65:f2:ab:1c:
c7:59:99:5b:db:12:d4:da:86:82:ab:98:78:3f:37:
f9:2e:db:cc:bd:84:6f:ca:c3:fb:da:c4:eb:b4:ba:
f7:3e:97:c6:f9:eb:29:2b:aa:1f:e9:47:d4:31:04:
ab:ee:fc:03:7a:94:cf:c4:76:14:3d:61:5a:38:da:
fc:ac:04:54:77:12:2a:f8:18:89:54:fe:6a:59:d0:
34:bf:e2:e4:1f:43:fc:b3:9b:b5:04:e1:ae:9f:a1:
80:5a:dd:a7:b5:4a:ac:54:57:ca:a8:c9:10:f3:b2:
91:2c:79:6c:b4:24:b7:a4:7d:98:6c:80:df:ef:e5:
49:c9:4d:d9:a1:3c:a1:41:fa:b7:54:99:f0:7a:90:
a4:bb:84:f3:81:39:48:b8:7a:e7:f9:eb:42:a1:95:
c9:bf:dd:09:4f:e5:46:1c:51:b7:1b:3d:10:f9:e6:
15:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:0F:81:D1:84:98:08:CD:D4:68:96:21:84:BB:84:C1:97:D7:08:43
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Yg-B0YSYCM3UaJYhhLuEwZfXCEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:fc:f2:00:3d:df:7a:d0:cf:da:6f:dd:af:dd:01:f9:c3:19:
66:42:de:e8:8f:e3:d7:f4:65:fa:8b:82:8f:28:46:59:72:9f:
40:78:5e:81:6b:9e:bc:3c:e4:15:4a:ff:a1:fc:21:de:23:72:
6d:1d:8b:a1:a9:88:55:80:1a:f3:30:2e:9d:1d:1b:a3:7d:9d:
6c:de:9d:4a:38:03:fb:c5:dc:d2:c8:d5:9e:b5:68:19:42:54:
2d:5d:7e:bc:f6:5d:9f:69:a5:81:21:6f:85:1c:ec:77:b8:ff:
d6:27:31:d1:83:76:bf:14:f7:5e:26:45:9d:23:53:89:54:91:
da:61:f9:a5:40:0e:3e:cb:86:89:4c:3f:c9:67:c7:04:13:0a:
0a:79:70:ee:32:40:4a:ee:02:15:cb:2b:d0:0c:0f:31:c1:35:
47:3b:e0:33:ff:87:04:d1:33:24:e5:57:ad:91:8e:d6:9c:c7:
fa:85:96:10:43:e0:30:b3:f3:04:1a:63:7f:47:10:28:f1:48:
71:82:b6:99:41:74:07:91:84:76:e2:3d:16:11:9e:67:29:7e:
72:71:8f:d6:e1:e7:aa:a3:a3:5a:c7:c2:97:5a:6b:10:aa:2c:
47:02:e9:12:78:ba:66:b2:9f:2d:54:90:68:51:1c:10:42:66:
45:3d:24:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1+Vx/kZKozolZbTnlP/L6eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA2MTIxNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjBmODFkMTg0OTgwOGNkZDQ2ODk2MjE4NGJiODRjMTk3ZDcwODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWDYepkO2UW4LqIQS9Rxl30TWKXD
pWFWaYJHtnrStqGpgoi2MaWjqUoPMhNPyW3EAftn19E4BCmF0xGinX+PyEkvkT4t
rU0IuyV6tr9JVoTew99AI2XyqxzHWZlb2xLU2oaCq5h4Pzf5LtvMvYRvysP72sTr
tLr3PpfG+espK6of6UfUMQSr7vwDepTPxHYUPWFaONr8rARUdxIq+BiJVP5qWdA0
v+LkH0P8s5u1BOGun6GAWt2ntUqsVFfKqMkQ87KRLHlstCS3pH2YbIDf7+VJyU3Z
oTyhQfq3VJnwepCku4TzgTlIuHrn+etCoZXJv90JT+VGHFG3Gz0Q+eYVFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGIPgdGEmAjN1GiWIYS7hMGX1whDMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWWctQjBZU1lDTTNVYUpZaGhMdUV3WmZYQ0VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHj88gA933rQz9pv3a/d
AfnDGWZC3uiP49f0ZfqLgo8oRllyn0B4XoFrnrw85BVK/6H8Id4jcm0di6GpiFWA
GvMwLp0dG6N9nWzenUo4A/vF3NLI1Z61aBlCVC1dfrz2XZ9ppYEhb4Uc7He4/9Yn
MdGDdr8U914mRZ0jU4lUkdph+aVADj7LholMP8lnxwQTCgp5cO4yQEruAhXLK9AM
DzHBNUc74DP/hwTRMyTlV62Rjtacx/qFlhBD4DCz8wQaY39HECjxSHGCtplBdAeR
hHbiPRYRnmcpfnJxj9bh56qjo1rHwpdaaxCqLEcC6RJ4umayny1UkGhRHBBCZkU9
JOY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:48 2025 by rpki-client