Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/y1yEXgNBQqdNPDi88BOEsQfMczE.roa
File: y1yEXgNBQqdNPDi88BOEsQfMczE.roa (raw, json)
Hash identifier: jcexzjatjpYIQpMGiafZeXJn0E089E/4PfhgFgGiP0k=
Subject key identifier: CB:5C:84:5E:03:41:42:A7:4D:3C:38:BC:F0:13:84:B1:07:CC:73:31
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D389A4840417443DB720745039C59945E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/y1yEXgNBQqdNPDi88BOEsQfMczE.roa
Signing time: Tue 23 Jan 2024 23:14:11 +0000
ROA not before: Tue 23 Jan 2024 23:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:38:9a:48:40:41:74:43:db:72:07:45:03:9c:59:94:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 23 23:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb5c845e034142a74d3c38bcf01384b107cc7331
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:0b:58:6b:ed:78:25:35:08:6d:45:0d:67:00:
e7:86:26:36:58:08:97:06:7c:d6:fa:ea:26:18:ac:
90:15:e1:e4:2f:ae:6a:19:93:81:91:4c:e9:86:05:
c0:f7:72:1b:75:6c:c9:de:8b:c9:71:23:a3:15:bb:
2b:a3:42:c8:6a:e0:31:24:06:e1:85:6d:fe:e5:88:
9f:37:10:57:07:bb:9a:1e:5d:27:f2:bd:79:9c:ae:
42:1b:1d:b3:42:a6:67:31:94:e8:bd:ac:c1:0b:f1:
dc:fb:e9:a9:d2:81:f2:1f:3e:b9:ed:b5:1f:91:2c:
9a:8c:d5:eb:3a:c9:1d:8f:84:d0:97:99:58:7c:ae:
6f:88:84:62:c5:37:c0:ba:41:a0:51:12:0a:05:24:
74:87:6d:04:8a:7a:61:ec:90:77:8b:c1:51:f3:66:
da:63:b7:42:a8:4b:46:a6:9f:d6:98:e1:5a:7e:73:
03:3e:65:16:ae:c0:66:cc:0c:0f:70:e1:6d:03:8a:
d4:f8:fe:6e:de:08:29:56:2f:24:d4:dd:1d:44:47:
c5:7d:0a:f0:30:29:58:ad:4d:53:a8:e4:b5:f3:ab:
eb:88:df:3d:2c:cf:21:cc:a8:14:80:44:3a:3e:62:
1e:a8:03:ef:10:54:01:0e:dd:82:cb:c3:b4:b3:4a:
5a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:5C:84:5E:03:41:42:A7:4D:3C:38:BC:F0:13:84:B1:07:CC:73:31
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/y1yEXgNBQqdNPDi88BOEsQfMczE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
98:e1:2a:78:07:77:71:33:15:8a:c3:e5:f6:31:ab:97:a3:6b:
a5:4d:4d:5c:a8:70:ad:c7:33:1e:7d:06:c2:6f:fe:87:62:51:
54:81:ac:8a:39:57:bf:34:d4:9b:b5:d4:65:dd:59:ac:18:d5:
ad:cf:a9:ad:7e:d6:28:9d:6d:b5:16:d8:0b:01:c9:e7:2c:cd:
12:09:b7:f9:79:e8:74:3e:ef:1a:41:e0:24:15:0f:9d:58:4d:
d8:e9:d1:ed:ff:ee:61:db:5f:4c:da:65:51:dd:9b:84:7e:51:
a5:89:bf:58:42:83:96:f0:92:6e:56:75:1c:de:82:4d:78:85:
8b:c7:f6:1b:20:be:7e:13:4c:db:90:f4:1b:e7:86:a8:17:71:
aa:2c:72:9f:1a:a3:34:a2:a0:82:00:37:53:89:6a:5e:d1:45:
3f:02:8e:51:41:57:ad:3e:07:df:f5:7a:92:b7:62:3e:6c:21:
e4:29:ba:cd:6e:2b:19:e2:99:37:aa:2c:0c:90:8e:b2:42:61:
2a:c6:45:3d:a4:48:ea:45:60:65:73:c6:ef:df:86:d2:f1:81:
b1:7c:8d:88:c3:3c:87:50:5e:a2:90:d7:77:dd:c9:95:72:e4:
02:3a:8e:7e:be:a2:a2:39:12:43:58:18:24:b0:0f:c9:69:3d:
f6:88:d9:54
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY04mkhAQXRD23IHRQOcWZReMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIzMjMxNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjVjODQ1ZTAzNDE0MmE3NGQzYzM4YmNmMDEzODRiMTA3Y2M3MzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwtYa+14JTUIbUUNZwDnhiY2WAiX
BnzW+uomGKyQFeHkL65qGZOBkUzphgXA93IbdWzJ3ovJcSOjFbsro0LIauAxJAbh
hW3+5YifNxBXB7uaHl0n8r15nK5CGx2zQqZnMZTovazBC/Hc++mp0oHyHz657bUf
kSyajNXrOskdj4TQl5lYfK5viIRixTfAukGgURIKBSR0h20Einph7JB3i8FR82ba
Y7dCqEtGpp/WmOFafnMDPmUWrsBmzAwPcOFtA4rU+P5u3ggpVi8k1N0dREfFfQrw
MClYrU1TqOS186vriN89LM8hzKgUgEQ6PmIeqAPvEFQBDt2Cy8O0s0pa0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMtchF4DQUKnTTw4vPAThLEHzHMxMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveTF5RVhnTkJRcWROUERpODhCT0VzUWZNY3pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJjhKngHd3EzFYrD5fYx
q5eja6VNTVyocK3HMx59BsJv/odiUVSBrIo5V7801Ju11GXdWawY1a3Pqa1+1iid
bbUW2AsByecszRIJt/l56HQ+7xpB4CQVD51YTdjp0e3/7mHbX0zaZVHdm4R+UaWJ
v1hCg5bwkm5WdRzegk14hYvH9hsgvn4TTNuQ9BvnhqgXcaoscp8aozSioIIAN1OJ
al7RRT8CjlFBV60+B9/1epK3Yj5sIeQpus1uKxnimTeqLAyQjrJCYSrGRT2kSOpF
YGVzxu/fhtLxgbF8jYjDPIdQXqKQ13fdyZVy5AI6jn6+oqI5EkNYGCSwD8lpPfaI
2VQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:37 2025 by rpki-client