Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yZorKFhOE30QAlk-Hejrb2ph5Xg.roa
File: yZorKFhOE30QAlk-Hejrb2ph5Xg.roa (raw, json)
Hash identifier: KCfS75FIVgrUQBDEoqEWX0bJHcNVqiBAahawZUQpafY=
Subject key identifier: C9:9A:2B:28:58:4E:13:7D:10:02:59:3E:1D:E8:EB:6F:6A:61:E5:78
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C8942B06FAC26C69765CE7D65C1FB9C33
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yZorKFhOE30QAlk-Hejrb2ph5Xg.roa
Signing time: Wed 20 Dec 2023 22:04:58 +0000
ROA not before: Wed 20 Dec 2023 22:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:8942:74c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:89:42:b0:6f:ac:26:c6:97:65:ce:7d:65:c1:fb:9c:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 20 22:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c99a2b28584e137d1002593e1de8eb6f6a61e578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:dd:d4:3b:d3:da:db:55:49:17:3c:40:41:3c:
50:fc:1e:1a:54:bb:1a:10:cb:e0:4a:b0:17:86:ff:
3d:8e:20:4b:3f:64:43:bd:1a:d7:7a:d8:46:43:99:
6e:10:0d:8d:69:d7:4e:59:c9:8a:56:d6:d1:fd:6d:
54:c3:60:9f:bd:c2:70:b2:f8:c2:15:78:96:fc:e1:
e3:0f:fb:d7:4a:d9:10:c7:8f:eb:18:5f:a5:19:0c:
e0:57:84:5b:86:89:a8:ee:0c:7e:a7:0e:6f:dc:c9:
86:e7:ee:a1:b2:da:dd:94:82:1e:44:2b:a5:13:5b:
ca:a7:80:3d:64:a8:1f:a4:0b:9a:95:52:8e:d4:1f:
7b:ff:b7:4b:32:28:ec:97:39:61:96:3b:bf:9c:89:
f5:57:2d:c2:75:6a:64:80:0d:ad:e2:4c:75:61:48:
84:c6:35:92:fd:4c:7b:72:bd:63:10:a0:93:43:f5:
1c:8a:25:41:98:85:74:8a:3d:90:80:34:9c:45:b5:
8e:da:0a:9d:3c:b3:45:96:63:d4:5b:99:6d:ea:84:
bd:36:f2:35:8e:13:b6:bc:53:53:36:af:18:18:b7:
ca:97:8d:97:be:f1:c8:21:4d:17:71:79:c6:56:51:
14:ea:19:ac:12:0c:d2:10:88:d5:b7:ff:c9:97:eb:
13:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:9A:2B:28:58:4E:13:7D:10:02:59:3E:1D:E8:EB:6F:6A:61:E5:78
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yZorKFhOE30QAlk-Hejrb2ph5Xg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
87:54:ec:fd:4c:6e:3d:5f:e0:0e:16:7c:ef:e8:75:b4:f8:29:
b3:62:08:ee:43:5a:3e:95:92:90:eb:e6:0b:58:8a:cd:7a:8e:
83:22:c6:24:2a:91:81:84:46:73:e1:8e:97:5e:6a:41:13:b3:
27:ec:6c:a0:22:84:fb:ce:89:b9:74:da:36:9d:15:e1:7e:87:
7a:9a:d1:93:c2:95:41:00:b5:ec:d5:cf:02:0c:d8:9d:aa:22:
5e:10:53:a3:10:b2:ad:a6:ac:46:50:ae:be:a6:b8:7b:68:f3:
d5:f8:5a:f5:5f:1d:31:11:8f:a5:c6:b3:76:2d:9d:b4:91:0f:
df:d2:26:00:71:c1:e5:03:d8:fd:77:1b:49:18:e7:07:57:94:
e3:3c:a8:8e:90:70:b7:30:a2:be:d5:48:59:17:9c:da:a3:35:
2c:d2:6e:de:56:65:60:e6:a3:60:99:a8:ba:ce:14:d0:77:2e:
9a:c3:24:51:67:8e:f4:31:d2:bd:ee:7b:6b:5f:7d:7b:81:e5:
f8:8a:ce:d6:58:5a:25:83:a0:13:34:39:b7:ce:85:48:8c:85:
a4:6e:ee:e2:95:81:34:ea:bd:6d:1e:32:b8:a9:8b:91:d6:7f:
ad:4b:9e:2e:21:6f:d1:9c:40:ca:4e:09:c5:31:3d:0b:e5:1d:
9f:ca:53:b1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyJQrBvrCbGl2XOfWXB+5wzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIwMjIwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTlhMmIyODU4NGUxMzdkMTAwMjU5M2UxZGU4ZWI2ZjZhNjFlNTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk93UO9Pa21VJFzxAQTxQ/B4aVLsa
EMvgSrAXhv89jiBLP2RDvRrXethGQ5luEA2NaddOWcmKVtbR/W1Uw2CfvcJwsvjC
FXiW/OHjD/vXStkQx4/rGF+lGQzgV4Rbhomo7gx+pw5v3MmG5+6hstrdlIIeRCul
E1vKp4A9ZKgfpAualVKO1B97/7dLMijslzlhlju/nIn1Vy3CdWpkgA2t4kx1YUiE
xjWS/Ux7cr1jEKCTQ/UciiVBmIV0ij2QgDScRbWO2gqdPLNFlmPUW5lt6oS9NvI1
jhO2vFNTNq8YGLfKl42XvvHIIU0XcXnGVlEU6hmsEgzSEIjVt//Jl+sTfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMmaKyhYThN9EAJZPh3o629qYeV4MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveVpvcktGaE9FMzBRQWxrLUhlanJiMnBoNVhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIdU7P1Mbj1f4A4WfO/o
dbT4KbNiCO5DWj6VkpDr5gtYis16joMixiQqkYGERnPhjpdeakETsyfsbKAihPvO
ibl02jadFeF+h3qa0ZPClUEAtezVzwIM2J2qIl4QU6MQsq2mrEZQrr6muHto89X4
WvVfHTERj6XGs3YtnbSRD9/SJgBxweUD2P13G0kY5wdXlOM8qI6QcLcwor7VSFkX
nNqjNSzSbt5WZWDmo2CZqLrOFNB3LprDJFFnjvQx0r3ue2tffXuB5fiKztZYWiWD
oBM0ObfOhUiMhaRu7uKVgTTqvW0eMripi5HWf61Lni4hb9GcQMpOCcUxPQvlHZ/K
U7E=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:12:21 2025 by rpki-client