Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/y8H4Wwe6762CssRJ-qU39tSHgrM.roa
File: y8H4Wwe6762CssRJ-qU39tSHgrM.roa (raw, json)
Hash identifier: NlVkNqy+NnmZY7x5GIl3Pakc4reKhs+/HU6gFMUJv2o=
Subject key identifier: CB:C1:F8:5B:07:BA:EF:AD:82:B2:C4:49:FA:A5:37:F6:D4:87:82:B3
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DDDD175E6B83A0876FC1DC8D94BF586EB
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/y8H4Wwe6762CssRJ-qU39tSHgrM.roa
Signing time: Sun 25 Feb 2024 01:11:48 +0000
ROA not before: Sun 25 Feb 2024 01:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:dd:d1:75:e6:b8:3a:08:76:fc:1d:c8:d9:4b:f5:86:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 25 01:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cbc1f85b07baefad82b2c449faa537f6d48782b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8f:15:4a:60:f8:2a:ae:6c:e4:3c:32:7f:41:
a1:c0:ff:da:53:f4:e8:73:fa:da:3f:54:72:2d:e9:
0f:90:41:7a:bd:b8:22:85:84:8c:72:96:0e:38:5e:
d0:f4:93:9b:c6:80:ec:c2:10:2a:4d:3d:5f:fc:03:
58:02:dc:e2:0c:8c:98:17:ff:4d:c0:ca:cf:e5:eb:
b6:33:35:5e:1e:a7:7f:7c:08:79:a9:24:1c:ad:07:
ba:5f:8c:25:2a:80:9d:13:28:c2:7c:60:17:89:8c:
f8:b9:f5:e6:90:3a:89:a2:4a:d6:03:c5:39:39:0a:
bc:15:ea:ad:2b:3c:0b:51:06:4c:8f:e0:96:b4:be:
d3:96:ef:63:99:5c:72:96:c4:70:a6:5e:5d:18:f6:
b4:f7:13:80:54:84:69:93:84:87:9b:c9:ae:78:3d:
42:be:4f:ae:46:1e:70:48:cf:ab:ec:7f:a7:75:eb:
ce:6c:d4:29:11:8b:aa:09:bb:11:e8:7d:96:8b:2a:
b7:b2:05:eb:fe:3e:1e:ca:f6:ac:c2:b2:9f:e6:ed:
b6:0f:3d:f4:7f:3b:af:1b:7a:50:15:f8:b0:38:ad:
60:fb:5e:4a:1e:7f:13:fe:ac:c5:5c:d7:ad:fe:f9:
dc:3c:d1:8e:2b:7e:47:2b:8b:08:13:4e:7f:54:10:
bc:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C1:F8:5B:07:BA:EF:AD:82:B2:C4:49:FA:A5:37:F6:D4:87:82:B3
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/y8H4Wwe6762CssRJ-qU39tSHgrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
03:5b:f5:c0:a2:cd:ba:6f:1d:a5:be:b8:1d:48:09:11:a2:fc:
f5:55:66:fb:7a:51:5d:fd:e8:c0:ca:a2:a4:a5:3c:85:48:21:
67:93:2f:43:2e:d8:ed:fc:86:7c:fe:70:24:02:7e:57:c8:51:
ce:46:b4:0c:62:19:17:60:f5:e2:89:07:db:aa:f9:2d:24:79:
18:5d:cd:75:19:13:57:ff:37:89:c9:c3:c5:1d:1e:4e:9b:3b:
05:67:69:5f:1f:9b:c3:3f:20:1f:17:a5:69:c9:54:b8:64:d0:
d2:c5:fd:ff:04:22:2d:25:e1:14:21:ae:79:bc:e3:2d:a0:d9:
77:1c:47:a9:82:00:8c:02:58:c9:f3:d3:d6:ca:1f:ea:eb:43:
59:76:9e:ae:18:a1:11:a1:be:8e:f6:ab:42:57:21:09:e0:c9:
c2:f4:dc:ce:ae:1e:33:0d:e7:0e:1f:8d:31:a1:b4:d9:39:8b:
92:b0:a2:70:de:02:86:74:81:ee:8a:6b:e6:49:6d:52:e8:cb:
f3:b7:dc:32:cf:b8:29:20:56:4e:3e:8e:0b:f8:cc:ea:29:f4:
e3:99:57:2d:9f:c3:50:0d:c4:2c:9f:ac:0e:ce:a0:af:02:1c:
de:1a:83:b9:e3:e3:ad:80:54:b5:1b:9c:f1:c9:df:d7:48:03:
be:7c:9a:8a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3d0XXmuDoIdvwdyNlL9YbrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI1MDExMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmMxZjg1YjA3YmFlZmFkODJiMmM0NDlmYWE1MzdmNmQ0ODc4MmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuI8VSmD4Kq5s5Dwyf0GhwP/aU/To
c/raP1RyLekPkEF6vbgihYSMcpYOOF7Q9JObxoDswhAqTT1f/ANYAtziDIyYF/9N
wMrP5eu2MzVeHqd/fAh5qSQcrQe6X4wlKoCdEyjCfGAXiYz4ufXmkDqJokrWA8U5
OQq8FeqtKzwLUQZMj+CWtL7Tlu9jmVxylsRwpl5dGPa09xOAVIRpk4SHm8mueD1C
vk+uRh5wSM+r7H+ndevObNQpEYuqCbsR6H2Wiyq3sgXr/j4eyvaswrKf5u22Dz30
fzuvG3pQFfiwOK1g+15KHn8T/qzFXNet/vncPNGOK35HK4sIE05/VBC8ZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMvB+FsHuu+tgrLESfqlN/bUh4KzMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveThINFd3ZTY3NjJDc3NSSi1xVTM5dFNIZ3JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAANb9cCizbpvHaW+uB1I
CRGi/PVVZvt6UV396MDKoqSlPIVIIWeTL0Mu2O38hnz+cCQCflfIUc5GtAxiGRdg
9eKJB9uq+S0keRhdzXUZE1f/N4nJw8UdHk6bOwVnaV8fm8M/IB8XpWnJVLhk0NLF
/f8EIi0l4RQhrnm84y2g2XccR6mCAIwCWMnz09bKH+rrQ1l2nq4YoRGhvo72q0JX
IQngycL03M6uHjMN5w4fjTGhtNk5i5KwonDeAoZ0ge6Ka+ZJbVLoy/O33DLPuCkg
Vk4+jgv4zOop9OOZVy2fw1ANxCyfrA7OoK8CHN4ag7nj462AVLUbnPHJ39dIA758
moo=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:14:48 2025 by rpki-client