Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/y5rxZvyvH9kqSQPGMHcRVRKcKcE.roa
File: y5rxZvyvH9kqSQPGMHcRVRKcKcE.roa (raw, json)
Hash identifier: YPYpMBEKCLNOGZ2ssriAgD0zswAXekbwvLFbFHEzz8Y=
Subject key identifier: CB:9A:F1:66:FC:AF:1F:D9:2A:49:03:C6:30:77:11:55:12:9C:29:C1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D4430972613DEE1F9D9B7EE99AAC4F268
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/y5rxZvyvH9kqSQPGMHcRVRKcKcE.roa
Signing time: Fri 26 Jan 2024 05:14:11 +0000
ROA not before: Fri 26 Jan 2024 05:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:44:30:97:26:13:de:e1:f9:d9:b7:ee:99:aa:c4:f2:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 26 05:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb9af166fcaf1fd92a4903c630771155129c29c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:05:3e:29:31:14:cf:c8:61:5b:66:6d:f1:88:
b8:82:bb:48:e5:2b:4b:5f:83:25:2a:5e:3e:65:be:
4d:08:cb:a7:b2:6c:65:df:a9:93:52:48:12:00:42:
89:48:7d:8d:0a:f2:0d:c7:f5:c8:b8:11:22:31:b0:
1d:be:c2:07:db:6d:2e:7c:bb:70:db:f4:c9:d9:58:
c6:98:4b:ce:c0:22:4a:fb:57:57:f4:7d:49:33:1e:
4c:a7:e1:60:31:8c:5a:a8:55:4c:40:a8:ad:98:3a:
24:c5:6a:f3:58:0c:bf:d5:08:3c:b0:72:7b:4e:a0:
46:11:a6:df:40:f8:54:88:8c:f3:e6:87:31:ec:ee:
fa:93:41:d5:37:4f:2e:f3:5e:0c:0d:31:b0:17:c6:
ff:22:82:ff:82:e2:06:5f:e1:86:25:ba:18:77:3e:
af:a6:3d:4c:37:e5:7d:98:08:c0:8d:e2:e1:ef:2d:
06:bb:77:f4:98:e4:7b:17:f4:42:f1:69:db:4c:69:
63:17:96:6a:59:f7:12:74:0d:6d:46:7c:32:a0:21:
06:1a:c4:90:ea:f1:9f:fc:d4:40:e9:ec:7b:0f:70:
6f:60:c1:40:30:8c:c6:26:a1:88:ca:9a:60:b3:18:
f2:17:a3:17:96:8a:42:9a:b6:41:fe:75:64:8a:ac:
09:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:9A:F1:66:FC:AF:1F:D9:2A:49:03:C6:30:77:11:55:12:9C:29:C1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/y5rxZvyvH9kqSQPGMHcRVRKcKcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:2a:6d:6b:aa:be:ee:58:7b:ae:ae:3d:0c:b6:3a:28:c8:0a:
e5:03:f8:07:15:bd:cd:6a:8f:cc:0f:49:0f:7c:23:b3:84:70:
34:21:93:cd:41:43:06:2d:4a:8a:b7:65:41:6e:02:da:ec:6b:
ab:09:f1:bf:75:08:8f:1c:0c:d6:ae:f3:ae:e3:8c:a0:cb:39:
2f:9a:da:71:50:aa:3a:f0:cd:b6:70:09:5a:bf:e2:57:5f:2a:
68:da:c7:f3:5c:ca:d8:0f:f3:36:52:b1:f3:52:7e:f5:32:fc:
be:fd:e5:5b:cd:6e:70:50:0e:87:43:d8:f5:a9:c9:11:b9:a4:
d5:f4:7c:8b:6f:e0:08:6e:de:10:43:3a:4a:38:cf:af:7d:a2:
da:69:38:a0:f4:0b:4e:4a:04:80:53:8e:09:36:18:0f:52:96:
26:d1:56:47:45:48:20:f7:38:da:ef:53:c9:18:c3:0e:c3:79:
64:80:ac:9c:b7:e4:0a:c0:60:ef:e8:b5:9f:a7:55:99:15:a1:
0a:58:c5:dd:5f:d7:dd:b1:39:2f:83:73:9c:39:5b:f3:b0:41:
00:84:60:71:d5:63:8f:a7:2d:ef:53:99:b2:50:dd:82:9f:cc:
f2:27:35:c6:e7:65:98:02:57:ad:15:2b:bf:60:2f:8c:b8:e8:
97:72:ff:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1EMJcmE97h+dm37pmqxPJoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI2MDUxNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjlhZjE2NmZjYWYxZmQ5MmE0OTAzYzYzMDc3MTE1NTEyOWMyOWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6QU+KTEUz8hhW2Zt8Yi4grtI5StL
X4MlKl4+Zb5NCMunsmxl36mTUkgSAEKJSH2NCvINx/XIuBEiMbAdvsIH220ufLtw
2/TJ2VjGmEvOwCJK+1dX9H1JMx5Mp+FgMYxaqFVMQKitmDokxWrzWAy/1Qg8sHJ7
TqBGEabfQPhUiIzz5ocx7O76k0HVN08u814MDTGwF8b/IoL/guIGX+GGJboYdz6v
pj1MN+V9mAjAjeLh7y0Gu3f0mOR7F/RC8WnbTGljF5ZqWfcSdA1tRnwyoCEGGsSQ
6vGf/NRA6ex7D3BvYMFAMIzGJqGIyppgsxjyF6MXlopCmrZB/nVkiqwJLwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMua8Wb8rx/ZKkkDxjB3EVUSnCnBMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveTVyeFp2eXZIOWtxU1FQR01IY1JWUktjS2NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFIqbWuqvu5Ye66uPQy2
OijICuUD+AcVvc1qj8wPSQ98I7OEcDQhk81BQwYtSoq3ZUFuAtrsa6sJ8b91CI8c
DNau867jjKDLOS+a2nFQqjrwzbZwCVq/4ldfKmjax/NcytgP8zZSsfNSfvUy/L79
5VvNbnBQDodD2PWpyRG5pNX0fItv4Ahu3hBDOko4z699otppOKD0C05KBIBTjgk2
GA9SlibRVkdFSCD3ONrvU8kYww7DeWSArJy35ArAYO/otZ+nVZkVoQpYxd1f192x
OS+Dc5w5W/OwQQCEYHHVY4+nLe9TmbJQ3YKfzPInNcbnZZgCV60VK79gL4y46Jdy
/4A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org