Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YxMg_VJzPBAWtO0nxskeAE9mTDY.roa
File: YxMg_VJzPBAWtO0nxskeAE9mTDY.roa (raw, json)
Hash identifier: zW39PRLM5179T4xSRCuk35joeVfgB6Fx2SB5iJiyDaU=
Subject key identifier: 63:13:20:FD:52:73:3C:10:16:B4:ED:27:C6:C9:1E:00:4F:66:4C:36
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DD42A735EC4082054E3001ED53AA1DD3F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YxMg_VJzPBAWtO0nxskeAE9mTDY.roa
Signing time: Fri 23 Feb 2024 04:12:48 +0000
ROA not before: Fri 23 Feb 2024 04:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d4:2a:73:5e:c4:08:20:54:e3:00:1e:d5:3a:a1:dd:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 23 04:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=631320fd52733c1016b4ed27c6c91e004f664c36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0c:af:cc:ea:4b:3a:92:58:b7:86:a7:65:fe:
39:69:9d:c9:9d:56:98:52:39:43:15:77:2a:c5:bc:
10:22:9c:5d:05:0f:45:5d:42:de:c3:2e:2b:6e:cb:
b9:49:df:dc:bd:fb:7f:8a:e0:41:57:a7:e5:69:c2:
9f:55:94:9e:ec:0e:d3:c3:a1:ff:ee:1e:de:85:18:
d2:c3:2a:ab:3d:9b:28:13:95:f0:b1:19:56:d6:89:
fc:91:00:62:6f:11:18:46:92:38:58:54:a5:48:36:
64:9b:3f:27:0e:f4:f3:2b:94:b7:bd:08:c9:ad:22:
fb:ea:35:ec:56:f2:b0:7f:7b:62:7a:3b:ff:24:3a:
ac:04:5b:d0:ab:40:8a:17:e0:11:3b:65:9a:fa:1f:
b6:93:b3:6c:5a:cb:ad:4d:29:fa:ee:00:af:62:34:
a2:54:68:c9:75:21:08:dc:96:ba:5f:f5:0f:81:e7:
a2:4e:72:0e:70:32:61:92:82:ac:3f:9a:68:38:e8:
16:c3:ee:9a:0b:7a:a0:20:9c:f8:03:76:e8:9d:81:
f4:88:50:b6:b0:f1:2b:13:1e:99:4b:49:f2:4b:79:
27:21:e5:34:91:68:0e:88:d6:df:85:02:50:68:75:
ea:72:48:87:b7:f1:d6:9e:f6:c1:4e:c5:51:c1:ec:
27:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:13:20:FD:52:73:3C:10:16:B4:ED:27:C6:C9:1E:00:4F:66:4C:36
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/YxMg_VJzPBAWtO0nxskeAE9mTDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
20:20:96:3f:3a:16:b6:da:44:24:ae:a2:60:62:53:7a:cb:92:
78:27:16:af:8f:b5:7c:37:75:c8:e2:8a:59:6d:a2:f3:f2:6e:
c6:f6:9b:7e:ae:60:88:61:13:e4:75:35:48:1a:32:93:aa:35:
62:e1:25:d8:d7:1a:24:b7:6a:9b:44:16:31:12:da:8b:39:07:
80:ec:ab:0c:47:6d:e1:dc:b8:57:51:00:9c:c6:6a:60:a2:ba:
d6:25:41:4e:22:9d:a3:0c:1f:52:27:ce:71:9d:88:7d:c7:7a:
2b:d2:03:b1:4c:00:f6:43:5c:0c:c5:5e:a1:80:e3:64:3f:15:
6c:dd:5d:d9:eb:4c:05:e9:47:7c:70:25:74:f5:eb:3a:33:91:
50:97:0c:03:c9:a1:40:74:73:7f:73:e9:5d:08:8c:62:ac:82:
75:4a:54:45:dd:65:b1:73:f6:6f:86:1a:36:bd:cc:80:cb:00:
bc:32:5a:53:45:1e:00:8e:a8:47:aa:8f:40:11:e2:f2:34:54:
62:ee:37:88:f3:40:e0:63:2a:3b:93:49:ac:38:d7:ce:a3:f2:
c1:0d:31:eb:80:fd:07:e6:14:32:40:c3:b5:2d:e6:98:f5:7e:
39:4f:4c:7e:2c:da:96:88:03:70:d2:b9:f0:1a:fd:f4:6e:13:
18:c4:a1:b0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3UKnNexAggVOMAHtU6od0/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIzMDQxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzEzMjBmZDUyNzMzYzEwMTZiNGVkMjdjNmM5MWUwMDRmNjY0YzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQyvzOpLOpJYt4anZf45aZ3JnVaY
UjlDFXcqxbwQIpxdBQ9FXULewy4rbsu5Sd/cvft/iuBBV6flacKfVZSe7A7Tw6H/
7h7ehRjSwyqrPZsoE5XwsRlW1on8kQBibxEYRpI4WFSlSDZkmz8nDvTzK5S3vQjJ
rSL76jXsVvKwf3tiejv/JDqsBFvQq0CKF+ARO2Wa+h+2k7NsWsutTSn67gCvYjSi
VGjJdSEI3Ja6X/UPgeeiTnIOcDJhkoKsP5poOOgWw+6aC3qgIJz4A3bonYH0iFC2
sPErEx6ZS0nyS3knIeU0kWgOiNbfhQJQaHXqckiHt/HWnvbBTsVRwewniwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGMTIP1SczwQFrTtJ8bJHgBPZkw2MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWXhNZ19WSnpQQkFXdE8wbnhza2VBRTltVERZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACAglj86FrbaRCSuomBi
U3rLkngnFq+PtXw3dcjiilltovPybsb2m36uYIhhE+R1NUgaMpOqNWLhJdjXGiS3
aptEFjES2os5B4DsqwxHbeHcuFdRAJzGamCiutYlQU4inaMMH1InznGdiH3HeivS
A7FMAPZDXAzFXqGA42Q/FWzdXdnrTAXpR3xwJXT16zozkVCXDAPJoUB0c39z6V0I
jGKsgnVKVEXdZbFz9m+GGja9zIDLALwyWlNFHgCOqEeqj0AR4vI0VGLuN4jzQOBj
KjuTSaw4186j8sENMeuA/QfmFDJAw7Ut5pj1fjlPTH4s2paIA3DSufAa/fRuExjE
obA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:28:34 2025 by rpki-client