Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Yo1bAhb0ut35GZ2lcYzVL-7-L7Y.roa
File: Yo1bAhb0ut35GZ2lcYzVL-7-L7Y.roa (raw, json)
Hash identifier: AFnRmIPChhqGdmNOfuGDGwR9I7IUSoPieUTp1MhnkmM=
Subject key identifier: 62:8D:5B:02:16:F4:BA:DD:F9:19:9D:A5:71:8C:D5:2F:EE:FE:2F:B6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D62042949B2E1F6DD5D1B4B263FB587B1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Yo1bAhb0ut35GZ2lcYzVL-7-L7Y.roa
Signing time: Thu 01 Feb 2024 00:14:16 +0000
ROA not before: Thu 01 Feb 2024 00:14:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:62:04:29:49:b2:e1:f6:dd:5d:1b:4b:26:3f:b5:87:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 1 00:14:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=628d5b0216f4baddf9199da5718cd52feefe2fb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:da:40:9f:3b:2c:14:b1:73:b0:da:21:1e:9a:
db:2f:c7:5f:22:0f:fe:b4:46:2d:54:5f:9e:b9:a0:
54:63:18:b5:50:6f:48:5d:ba:2d:ec:92:52:9c:65:
64:57:ce:7b:52:5d:e0:3d:78:14:76:26:6a:c3:86:
db:20:e9:3d:98:bf:ce:6e:c6:76:b6:f6:51:81:87:
46:42:f8:d7:ee:13:20:11:02:c5:b5:63:13:07:6c:
fa:91:11:4f:7f:0a:13:42:68:ea:a0:c5:e3:3b:c1:
85:81:be:3d:2e:56:31:12:92:07:2a:ba:3c:7a:61:
8d:d3:f6:a6:ea:a1:45:f6:8e:a2:0f:4a:6c:2a:45:
a6:89:52:b1:96:e4:60:d4:b9:ba:59:bd:13:85:25:
3d:a3:e1:5d:09:5b:bd:84:3d:c1:72:08:fb:fe:12:
d8:27:9f:11:f6:04:61:ec:09:a0:98:76:be:ec:30:
eb:ee:e3:3d:e8:0e:05:14:46:2c:3d:e1:5b:62:e5:
19:19:d1:9d:94:45:5e:39:b3:89:63:ac:7e:a6:37:
87:44:0c:18:82:61:bd:0b:f1:21:2f:00:7e:f2:d6:
ce:9f:27:d9:8b:33:7b:0b:8b:6d:69:df:9d:ed:24:
8f:fd:04:b8:2a:d1:cd:b2:57:d4:79:c5:d6:7a:c2:
f7:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:8D:5B:02:16:F4:BA:DD:F9:19:9D:A5:71:8C:D5:2F:EE:FE:2F:B6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Yo1bAhb0ut35GZ2lcYzVL-7-L7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
97:49:5c:ea:ad:fa:da:2e:fb:07:44:c6:2b:63:5c:32:80:78:
03:fc:57:9f:36:0c:29:03:e9:2c:12:c5:23:41:bd:7a:b5:2e:
79:2c:8c:97:96:0d:0d:c4:5e:13:4a:b0:30:26:3d:cc:15:ce:
21:6a:5d:ad:c0:24:98:7d:15:30:35:01:d9:0a:28:62:34:a0:
bc:bd:fc:85:3a:c0:1f:34:2d:63:eb:74:f6:0d:2b:3b:26:aa:
ed:f0:4e:bb:ca:fa:6e:6d:82:ad:06:59:75:ea:ae:4d:4e:55:
f8:05:e3:7d:17:e8:a0:51:4f:5e:11:7a:9f:55:a0:cd:3b:18:
41:53:80:4b:95:04:47:55:0d:fe:f1:22:64:68:f6:61:7f:54:
c6:2f:2c:f1:62:f0:4f:98:4d:0c:78:ac:8f:c5:d3:1f:80:ca:
00:c5:e2:74:c0:da:70:ff:b9:d3:56:45:af:2d:42:49:0c:4f:
b1:6d:0b:97:b5:82:09:1e:bf:cd:ef:05:b2:b1:a6:9b:56:2f:
cd:97:77:69:2f:dc:30:d9:15:54:3e:d4:23:05:6d:96:5e:eb:
60:21:59:a4:ae:c3:0d:0f:be:90:48:08:d3:97:ee:63:42:89:
b6:ed:9d:9a:de:58:52:10:ad:8d:09:5f:15:d5:39:aa:68:5c:
90:2e:66:a3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1iBClJsuH23V0bSyY/tYexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjAxMDAxNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjhkNWIwMjE2ZjRiYWRkZjkxOTlkYTU3MThjZDUyZmVlZmUyZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtpAnzssFLFzsNohHprbL8dfIg/+
tEYtVF+euaBUYxi1UG9IXbot7JJSnGVkV857Ul3gPXgUdiZqw4bbIOk9mL/ObsZ2
tvZRgYdGQvjX7hMgEQLFtWMTB2z6kRFPfwoTQmjqoMXjO8GFgb49LlYxEpIHKro8
emGN0/am6qFF9o6iD0psKkWmiVKxluRg1Lm6Wb0ThSU9o+FdCVu9hD3Bcgj7/hLY
J58R9gRh7AmgmHa+7DDr7uM96A4FFEYsPeFbYuUZGdGdlEVeObOJY6x+pjeHRAwY
gmG9C/EhLwB+8tbOnyfZizN7C4ttad+d7SSP/QS4KtHNslfUecXWesL3XQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGKNWwIW9Lrd+RmdpXGM1S/u/i+2MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWW8xYkFoYjB1dDM1R1oybGNZelZMLTctTDdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJdJXOqt+tou+wdExitj
XDKAeAP8V582DCkD6SwSxSNBvXq1LnksjJeWDQ3EXhNKsDAmPcwVziFqXa3AJJh9
FTA1AdkKKGI0oLy9/IU6wB80LWPrdPYNKzsmqu3wTrvK+m5tgq0GWXXqrk1OVfgF
430X6KBRT14Rep9VoM07GEFTgEuVBEdVDf7xImRo9mF/VMYvLPFi8E+YTQx4rI/F
0x+AygDF4nTA2nD/udNWRa8tQkkMT7FtC5e1ggkev83vBbKxpptWL82Xd2kv3DDZ
FVQ+1CMFbZZe62AhWaSuww0PvpBICNOX7mNCibbtnZreWFIQrY0JXxXVOapoXJAu
ZqM=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:56:18 2025 by rpki-client