Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kYJoUzNnY29cJBiwZqgnUEOElqA.roa
File: kYJoUzNnY29cJBiwZqgnUEOElqA.roa (raw, json)
Hash identifier: X/mFO3gm5fBC6P/qENzTJBmHeR0YLuXFX4ZAtzDajJk=
Subject key identifier: 91:82:68:53:33:67:63:6F:5C:24:18:B0:66:A8:27:50:43:84:96:A0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D562E1F7D21C348539B81F348A1CC47A5
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kYJoUzNnY29cJBiwZqgnUEOElqA.roa
Signing time: Mon 29 Jan 2024 17:04:39 +0000
ROA not before: Mon 29 Jan 2024 17:04:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:562d:e850/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:56:2e:1f:7d:21:c3:48:53:9b:81:f3:48:a1:cc:47:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 29 17:04:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=918268533367636f5c2418b066a82750438496a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fb:0d:0e:de:85:39:e9:c4:e4:60:b1:19:9d:
53:20:ee:07:07:c4:83:4b:c1:8c:39:b3:ec:1f:ae:
02:3a:a2:b4:99:b8:58:02:27:ef:2a:82:d0:12:26:
cc:6e:b1:d4:54:e3:06:f2:90:6a:8f:4e:82:56:e5:
79:7a:82:2f:66:bc:ac:f4:9e:19:f4:ec:65:f6:5e:
f5:29:e0:a2:6c:27:33:c2:c1:90:49:33:2d:2e:c2:
22:84:e1:7a:52:2d:9d:a1:54:21:ee:09:0b:a2:55:
a6:2c:2a:b7:ed:83:90:97:cc:d8:97:ca:18:18:13:
33:9e:cc:1e:6b:85:a9:c0:86:8d:1f:c4:30:5d:c6:
c7:b1:68:15:e7:6b:91:d1:3e:fb:48:66:6e:c0:02:
fc:55:18:51:16:6f:92:c2:47:b1:14:75:f2:f9:b9:
d7:a2:4d:37:ed:0a:4e:57:3d:ed:e9:cf:fb:76:ce:
d8:76:e3:01:8f:79:53:6d:04:2d:f2:ff:88:e5:6a:
85:29:87:42:25:8b:85:2d:23:08:62:5c:b6:bb:36:
ca:70:6f:31:d9:e0:e3:ce:7c:4b:56:f6:05:5f:52:
8b:4d:0f:df:79:57:29:f7:62:63:81:c6:82:ea:33:
71:2a:47:3d:b6:1b:1a:27:5a:bd:56:cb:b6:2a:49:
71:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:82:68:53:33:67:63:6F:5C:24:18:B0:66:A8:27:50:43:84:96:A0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kYJoUzNnY29cJBiwZqgnUEOElqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:f7:65:8d:b0:00:3f:f5:aa:b7:eb:1d:d7:ff:8d:c9:35:a0:
4d:54:c1:bd:54:f7:31:92:b8:39:78:a8:bc:35:d8:71:f8:d9:
59:a0:9a:47:11:7d:06:89:62:49:b4:e6:00:c5:27:b5:10:c8:
c6:33:a4:a2:a3:69:cd:46:b0:e0:d5:0f:3a:10:2d:76:90:50:
f3:9c:f2:bf:a8:bf:18:e3:22:08:a7:bc:11:02:42:df:9b:4b:
cf:6e:ee:4b:e2:c4:d7:4d:2e:3b:69:73:ac:c8:6c:5a:a3:26:
2d:72:0d:54:8b:99:00:91:21:c3:01:49:94:5e:0a:62:37:f5:
0f:f0:f2:f0:41:fc:08:f6:3c:d5:db:f8:15:fd:f5:13:20:f4:
e3:d5:3c:9a:6d:6c:ce:07:e5:9f:67:e2:e6:05:18:ce:97:9c:
0d:18:e5:a0:b9:c0:5e:09:ec:36:ae:e8:a7:e3:d7:56:c2:3b:
6c:89:b4:f9:e8:a6:c0:f9:d3:f0:15:16:4a:b0:a2:1d:ac:a5:
1b:4d:85:81:1d:49:90:8d:cf:1f:b6:dd:ac:d5:a3:bf:aa:8c:
8a:b9:c6:9d:03:37:5a:c7:ab:ac:87:9d:b3:9e:2e:b6:cd:43:
14:cf:97:03:69:d2:61:39:d5:b1:fa:9d:21:28:8d:99:22:ee:
c0:f2:38:8b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1WLh99IcNIU5uB80ihzEelMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI5MTcwNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTgyNjg1MzMzNjc2MzZmNWMyNDE4YjA2NmE4Mjc1MDQzODQ5NmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/sNDt6FOenE5GCxGZ1TIO4HB8SD
S8GMObPsH64COqK0mbhYAifvKoLQEibMbrHUVOMG8pBqj06CVuV5eoIvZrys9J4Z
9Oxl9l71KeCibCczwsGQSTMtLsIihOF6Ui2doVQh7gkLolWmLCq37YOQl8zYl8oY
GBMznswea4WpwIaNH8QwXcbHsWgV52uR0T77SGZuwAL8VRhRFm+SwkexFHXy+bnX
ok037QpOVz3t6c/7ds7YduMBj3lTbQQt8v+I5WqFKYdCJYuFLSMIYly2uzbKcG8x
2eDjznxLVvYFX1KLTQ/feVcp92JjgcaC6jNxKkc9thsaJ1q9Vsu2KklxFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJGCaFMzZ2NvXCQYsGaoJ1BDhJagMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEva1lKb1V6Tm5ZMjljSkJpd1pxZ25VRU9FbHFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA33ZY2wAD/1qrfrHdf/
jck1oE1Uwb1U9zGSuDl4qLw12HH42VmgmkcRfQaJYkm05gDFJ7UQyMYzpKKjac1G
sODVDzoQLXaQUPOc8r+ovxjjIginvBECQt+bS89u7kvixNdNLjtpc6zIbFqjJi1y
DVSLmQCRIcMBSZReCmI39Q/w8vBB/Aj2PNXb+BX99RMg9OPVPJptbM4H5Z9n4uYF
GM6XnA0Y5aC5wF4J7Dau6Kfj11bCO2yJtPnopsD50/AVFkqwoh2spRtNhYEdSZCN
zx+23azVo7+qjIq5xp0DN1rHq6yHnbOeLrbNQxTPlwNp0mE51bH6nSEojZki7sDy
OIs=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:49:30 2025 by rpki-client