Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yPHMkH_zZMPqrXiI40nMZwMB5lA.roa
File: yPHMkH_zZMPqrXiI40nMZwMB5lA.roa (raw, json)
Hash identifier: 5vaJ1lbO7Z+Y70I8BsuQtH0egNZNuugWbpfZGybvNAc=
Subject key identifier: C8:F1:CC:90:7F:F3:64:C3:EA:AD:78:88:E3:49:CC:67:03:01:E6:50
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D8CB78B6A4AB890A265B309D33522CDCE
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yPHMkH_zZMPqrXiI40nMZwMB5lA.roa
Signing time: Fri 09 Feb 2024 07:14:15 +0000
ROA not before: Fri 09 Feb 2024 07:14:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8c:b7:8b:6a:4a:b8:90:a2:65:b3:09:d3:35:22:cd:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 9 07:14:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c8f1cc907ff364c3eaad7888e349cc670301e650
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:70:1e:e1:f8:66:84:e1:27:4a:e5:a7:87:76:
be:92:c9:b9:de:0b:aa:ba:aa:03:79:89:05:4b:05:
4f:64:43:6e:b7:2e:71:c9:52:d0:bb:bd:bc:eb:0b:
d4:70:00:35:df:f5:ac:c9:f5:95:e8:ba:36:f3:03:
ec:c0:41:c2:1e:cc:82:1e:c5:44:67:45:f8:55:37:
b9:9c:44:36:3f:b7:82:f0:a3:46:29:c7:44:cb:fa:
26:35:45:f5:77:d1:c8:d0:d1:52:cd:c4:fc:71:92:
b4:aa:cc:ed:cf:39:36:6d:a9:4c:95:19:13:9b:05:
23:82:1f:fc:db:c1:10:80:2a:4b:54:ca:7a:f3:66:
10:ec:f8:75:7d:5e:f7:51:2c:fc:4b:c5:db:70:9a:
a6:f0:3f:74:0c:44:33:44:6f:c8:01:7a:d4:d2:aa:
94:18:8d:e6:39:86:f2:31:da:06:79:81:a7:61:82:
f8:8a:88:95:6d:54:c0:84:3a:56:2f:94:80:ed:e7:
47:9d:ad:bb:37:b8:45:7a:d1:eb:8b:10:9d:96:4c:
16:91:8a:bc:84:d4:02:29:a6:2f:c3:bf:89:2a:25:
4c:55:99:87:7d:86:42:16:16:31:1e:8c:c2:78:49:
a9:6e:ae:bf:d3:8f:a9:b5:a4:2e:3e:02:ed:a0:c6:
9c:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F1:CC:90:7F:F3:64:C3:EA:AD:78:88:E3:49:CC:67:03:01:E6:50
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yPHMkH_zZMPqrXiI40nMZwMB5lA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
77:8c:38:8e:73:25:15:3c:f6:90:4a:4c:5c:19:98:64:78:5a:
f6:75:59:f3:e8:95:5e:36:ff:c0:e6:69:21:54:df:88:7f:75:
fa:7d:68:3d:1e:6b:1e:e3:13:54:06:18:29:e4:db:4f:c4:d4:
82:51:1b:fe:9f:d6:f3:9c:97:46:62:27:0b:22:79:56:ca:84:
1d:dd:22:4a:4f:40:b1:da:5f:cd:72:7a:e8:c1:b8:01:0c:7b:
4b:22:55:9f:4b:d6:ab:14:4f:39:28:84:ab:7f:ab:44:03:29:
e2:98:26:3d:54:3f:b6:c5:4d:28:ff:e3:b0:f3:cc:16:f2:36:
e7:2f:3e:e5:27:d9:5b:ca:97:66:69:3d:f4:91:43:b6:1a:95:
01:00:2e:d9:ce:68:c1:47:32:26:b5:79:ab:c7:cf:78:36:33:
02:ae:b5:7c:cf:72:56:4f:44:c1:1d:94:2c:27:75:17:4b:7f:
27:56:fb:4e:8a:43:f0:53:72:d8:9d:a9:dc:f2:d1:48:35:5b:
21:3b:1a:50:2d:5c:19:d8:24:21:3f:fe:d6:b8:58:06:7d:6b:
7a:35:3e:d8:90:b9:e8:87:7e:fb:df:2c:6e:5d:44:b4:3f:ff:
9b:6d:04:3d:b4:fd:97:6d:b9:7b:d5:59:a6:e2:86:34:4e:94:
e1:06:70:bb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2Mt4tqSriQomWzCdM1Is3OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA5MDcxNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGYxY2M5MDdmZjM2NGMzZWFhZDc4ODhlMzQ5Y2M2NzAzMDFlNjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnAe4fhmhOEnSuWnh3a+ksm53guq
uqoDeYkFSwVPZENuty5xyVLQu7286wvUcAA13/WsyfWV6Lo28wPswEHCHsyCHsVE
Z0X4VTe5nEQ2P7eC8KNGKcdEy/omNUX1d9HI0NFSzcT8cZK0qsztzzk2balMlRkT
mwUjgh/828EQgCpLVMp682YQ7Ph1fV73USz8S8XbcJqm8D90DEQzRG/IAXrU0qqU
GI3mOYbyMdoGeYGnYYL4ioiVbVTAhDpWL5SA7edHna27N7hFetHrixCdlkwWkYq8
hNQCKaYvw7+JKiVMVZmHfYZCFhYxHozCeEmpbq6/04+ptaQuPgLtoMacNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMjxzJB/82TD6q14iONJzGcDAeZQMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveVBITWtIX3paTVBxclhpSTQwbk1ad01CNWxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHeMOI5zJRU89pBKTFwZ
mGR4WvZ1WfPolV42/8DmaSFU34h/dfp9aD0eax7jE1QGGCnk20/E1IJRG/6f1vOc
l0ZiJwsieVbKhB3dIkpPQLHaX81yeujBuAEMe0siVZ9L1qsUTzkohKt/q0QDKeKY
Jj1UP7bFTSj/47DzzBbyNucvPuUn2VvKl2ZpPfSRQ7YalQEALtnOaMFHMia1eavH
z3g2MwKutXzPclZPRMEdlCwndRdLfydW+06KQ/BTctidqdzy0Ug1WyE7GlAtXBnY
JCE//ta4WAZ9a3o1PtiQueiHfvvfLG5dRLQ//5ttBD20/ZdtuXvVWabihjROlOEG
cLs=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:58:55 2025 by rpki-client