Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Ym31chk29Uki-b6_EcE0iCLcbBE.roa
File: Ym31chk29Uki-b6_EcE0iCLcbBE.roa (raw, json)
Hash identifier: zYpoP/WH0Zao4+hVcU0E5RtgojiZK6eDwAryo0i7uhg=
Subject key identifier: 62:6D:F5:72:19:36:F5:49:22:F9:BE:BF:11:C1:34:88:22:DC:6C:11
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CD65426C21109E531AF96F7C17F638B53
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Ym31chk29Uki-b6_EcE0iCLcbBE.roa
Signing time: Thu 04 Jan 2024 21:14:48 +0000
ROA not before: Thu 04 Jan 2024 21:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d6:54:26:c2:11:09:e5:31:af:96:f7:c1:7f:63:8b:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 4 21:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=626df5721936f54922f9bebf11c1348822dc6c11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ff:22:d9:69:d5:61:c3:83:d3:7c:83:b8:9c:
3e:54:f2:ed:52:d7:f5:05:14:68:c4:66:5c:d9:c6:
86:28:b3:c9:1a:81:d1:69:e1:1a:01:e1:b6:2c:8c:
d5:50:00:e6:79:04:c4:94:4d:08:1a:e1:26:b5:b9:
ed:eb:4f:12:1f:28:06:c9:14:b0:76:6a:b3:11:68:
7a:38:79:7b:d7:0f:bc:42:e7:cc:a8:d1:5f:81:b1:
ee:de:c9:4f:a4:c9:cd:69:04:5b:2f:7e:24:34:c5:
f1:1b:9d:b9:af:6a:25:c2:ac:36:37:5f:79:1f:0a:
7b:50:68:54:04:d0:03:18:ed:b9:13:2c:b8:73:da:
43:d0:12:3d:c1:ff:14:8d:93:6c:f1:e7:b1:bb:e7:
d6:60:14:14:e9:38:d8:b5:18:08:1b:eb:2c:b2:8e:
ad:4d:38:5a:e9:cc:2c:58:c8:11:36:29:47:11:6f:
a8:e5:3d:93:f4:b1:0b:97:a2:e0:26:f0:fa:c3:e2:
15:bc:35:a4:4a:2e:52:49:53:69:6e:41:8f:5e:18:
5e:4c:46:de:53:5d:ac:b8:e5:8b:68:57:6f:4e:5f:
a2:41:bf:dd:9b:49:9c:46:be:f9:9d:b0:dd:d3:e1:
96:b1:f2:54:b4:35:a3:16:0d:e4:d3:28:89:22:59:
65:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:6D:F5:72:19:36:F5:49:22:F9:BE:BF:11:C1:34:88:22:DC:6C:11
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Ym31chk29Uki-b6_EcE0iCLcbBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
85:65:b2:55:7d:aa:c4:8f:69:db:e0:fa:2d:c5:ae:b4:ae:4e:
f8:da:ad:7b:5d:ae:2a:bb:e0:f5:d5:4c:af:e5:96:b2:e3:72:
f9:cf:ab:71:cb:ac:f7:16:63:a0:c4:59:cd:30:65:79:6d:a2:
72:c8:31:79:80:eb:bd:e7:b4:a1:e3:61:b8:26:6e:b9:a5:32:
28:c2:8a:7e:3e:bd:5e:bf:f3:80:1a:85:e9:98:5b:dd:65:12:
6b:03:40:6a:81:aa:fc:d1:2f:73:14:d1:78:72:f1:1a:a4:c4:
19:3c:55:f8:ba:f2:c1:54:b5:ed:15:90:0b:a6:ea:a7:32:97:
5c:b6:d2:ed:28:ee:30:b6:48:73:2f:b0:09:b7:66:13:1a:d4:
b6:dc:ca:75:87:c9:4f:a2:fe:ce:bb:6c:11:ee:85:f3:78:b8:
ce:f4:61:e3:d8:01:fe:bc:13:b2:0d:be:98:f3:03:d5:3f:11:
bc:cd:05:03:9f:e7:f6:98:23:5a:65:61:3d:62:e7:af:21:83:
02:00:c4:72:74:8e:fd:9c:4d:22:51:a3:3e:ef:a2:ae:b8:0f:
33:41:fa:1b:15:e4:86:78:f1:57:ad:e7:f4:41:f6:ef:20:82:
77:11:8e:15:1d:a0:b7:92:98:0a:5e:ad:ed:79:60:5f:ad:cf:
a8:63:f7:e8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzWVCbCEQnlMa+W98F/Y4tTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA0MjExNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjZkZjU3MjE5MzZmNTQ5MjJmOWJlYmYxMWMxMzQ4ODIyZGM2YzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjv8i2WnVYcOD03yDuJw+VPLtUtf1
BRRoxGZc2caGKLPJGoHRaeEaAeG2LIzVUADmeQTElE0IGuEmtbnt608SHygGyRSw
dmqzEWh6OHl71w+8QufMqNFfgbHu3slPpMnNaQRbL34kNMXxG525r2olwqw2N195
Hwp7UGhUBNADGO25Eyy4c9pD0BI9wf8UjZNs8eexu+fWYBQU6TjYtRgIG+ssso6t
TTha6cwsWMgRNilHEW+o5T2T9LELl6LgJvD6w+IVvDWkSi5SSVNpbkGPXhheTEbe
U12suOWLaFdvTl+iQb/dm0mcRr75nbDd0+GWsfJUtDWjFg3k0yiJIllloQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGJt9XIZNvVJIvm+vxHBNIgi3GwRMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWW0zMWNoazI5VWtpLWI2X0VjRTBpQ0xjYkJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIVlslV9qsSPadvg+i3F
rrSuTvjarXtdriq74PXVTK/llrLjcvnPq3HLrPcWY6DEWc0wZXltonLIMXmA673n
tKHjYbgmbrmlMijCin4+vV6/84AahemYW91lEmsDQGqBqvzRL3MU0Xhy8RqkxBk8
Vfi68sFUte0VkAum6qcyl1y20u0o7jC2SHMvsAm3ZhMa1LbcynWHyU+i/s67bBHu
hfN4uM70YePYAf68E7INvpjzA9U/EbzNBQOf5/aYI1plYT1i568hgwIAxHJ0jv2c
TSJRoz7voq64DzNB+hsV5IZ48Vet5/RB9u8ggncRjhUdoLeSmApere15YF+tz6hj
9+g=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:43:56 2025 by rpki-client