Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yedcjIPNlMa4XWy5sijgr3h8TEQ.roa
File: yedcjIPNlMa4XWy5sijgr3h8TEQ.roa (raw, json)
Hash identifier: UCA3WpEoKw3ho3/AZVbcBIg8oGAG/j4Ym6c71dgX/i0=
Subject key identifier: C9:E7:5C:8C:83:CD:94:C6:B8:5D:6C:B9:B2:28:E0:AF:78:7C:4C:44
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E0E1C057289E6E62DD8286A8AFFAF0A4A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yedcjIPNlMa4XWy5sijgr3h8TEQ.roa
Signing time: Tue 05 Mar 2024 10:15:01 +0000
ROA not before: Tue 05 Mar 2024 10:15:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:1c:05:72:89:e6:e6:2d:d8:28:6a:8a:ff:af:0a:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 5 10:15:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9e75c8c83cd94c6b85d6cb9b228e0af787c4c44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:fb:3f:da:c8:4d:d8:5c:1c:b5:95:90:b9:b7:
86:3c:e3:d1:0e:25:93:13:d4:9c:ab:d3:07:7c:7d:
b9:9b:88:8a:15:df:80:86:49:ab:fc:bb:da:f8:2d:
a9:12:a1:7d:78:6f:b4:3a:4e:d3:12:00:cd:4c:7d:
59:81:51:b5:69:7f:65:d7:45:48:f4:e3:4a:b2:d2:
07:08:01:d0:04:a6:93:6b:68:01:ec:c8:4f:5b:77:
db:06:57:2d:cf:ca:ca:a3:c7:cd:74:e2:ef:d2:01:
2e:fc:74:27:1d:e8:95:a4:02:dd:07:47:7f:af:5a:
8c:e4:b9:2f:fa:37:9b:e3:ca:53:42:b2:00:32:bc:
25:5b:9b:6e:f6:48:f6:21:31:70:1b:56:45:74:f7:
2c:98:d0:a4:f3:ea:d6:94:2d:d3:b4:b5:6a:76:a4:
8d:f5:23:6a:5c:2e:cf:8e:8e:e4:dc:bc:c5:50:de:
7a:12:dd:f4:fa:03:9b:6b:3d:01:88:da:ad:f6:f4:
6d:d3:4d:ec:41:e4:04:58:25:e9:50:f4:ce:89:24:
14:96:c8:98:ee:cd:e4:f7:67:b4:c6:7e:31:4d:e5:
8f:ea:f1:2a:56:4a:72:b8:a1:84:8b:78:02:39:5b:
9f:05:71:aa:60:f9:94:fa:dd:41:58:8a:55:6e:51:
bb:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:E7:5C:8C:83:CD:94:C6:B8:5D:6C:B9:B2:28:E0:AF:78:7C:4C:44
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yedcjIPNlMa4XWy5sijgr3h8TEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
71:28:cc:14:fd:ca:e7:b5:6c:3c:aa:16:62:57:03:5a:5d:94:
6a:5f:66:54:1a:f2:e6:4b:fa:d4:a6:6d:48:6b:19:63:c4:1d:
bb:b0:96:22:72:c8:35:84:8e:41:87:a5:76:8b:5e:bc:e1:4f:
47:97:14:ae:7d:51:2a:47:ff:15:39:97:d9:81:a4:0e:db:76:
87:0c:52:dc:de:11:65:af:bb:0a:d4:98:e0:9b:8d:43:47:60:
43:99:d4:59:4e:62:86:f9:25:46:d7:c2:0c:aa:b7:e0:a3:7a:
97:b2:a4:b3:a0:4f:a8:7b:03:81:e1:10:9b:28:ed:30:80:28:
b7:f4:14:fc:d8:4d:e0:40:93:58:be:7b:61:dd:f3:85:de:f1:
6f:47:ab:8d:1d:34:d1:48:f4:a1:90:04:a4:d7:4b:92:b3:b7:
2f:4e:e3:80:a6:a0:4c:0c:cd:2a:47:5a:f4:30:28:91:ee:5e:
95:19:b3:9d:3a:8f:ca:50:35:7a:a1:d8:8e:bc:b9:28:f2:95:
c2:b1:98:6f:06:37:93:f5:d6:c4:e1:11:2f:bc:45:d4:71:05:
7a:81:98:22:fb:de:22:89:b1:39:95:6c:c4:9c:d5:ce:b5:69:
16:38:90:c4:8d:a2:dd:cc:e1:56:f1:6a:89:1b:2b:ea:0c:a2:
34:70:49:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4OHAVyiebmLdgoaor/rwpKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA1MTAxNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWU3NWM4YzgzY2Q5NGM2Yjg1ZDZjYjliMjI4ZTBhZjc4N2M0YzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfs/2shN2FwctZWQubeGPOPRDiWT
E9Scq9MHfH25m4iKFd+Ahkmr/Lva+C2pEqF9eG+0Ok7TEgDNTH1ZgVG1aX9l10VI
9ONKstIHCAHQBKaTa2gB7MhPW3fbBlctz8rKo8fNdOLv0gEu/HQnHeiVpALdB0d/
r1qM5Lkv+jeb48pTQrIAMrwlW5tu9kj2ITFwG1ZFdPcsmNCk8+rWlC3TtLVqdqSN
9SNqXC7Pjo7k3LzFUN56Et30+gObaz0BiNqt9vRt003sQeQEWCXpUPTOiSQUlsiY
7s3k92e0xn4xTeWP6vEqVkpyuKGEi3gCOVufBXGqYPmU+t1BWIpVblG7OwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMnnXIyDzZTGuF1subIo4K94fExEMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveWVkY2pJUE5sTWE0WFd5NXNpamdyM2g4VEVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHEozBT9yue1bDyqFmJX
A1pdlGpfZlQa8uZL+tSmbUhrGWPEHbuwliJyyDWEjkGHpXaLXrzhT0eXFK59USpH
/xU5l9mBpA7bdocMUtzeEWWvuwrUmOCbjUNHYEOZ1FlOYob5JUbXwgyqt+Cjepey
pLOgT6h7A4HhEJso7TCAKLf0FPzYTeBAk1i+e2Hd84Xe8W9Hq40dNNFI9KGQBKTX
S5Kzty9O44CmoEwMzSpHWvQwKJHuXpUZs506j8pQNXqh2I68uSjylcKxmG8GN5P1
1sThES+8RdRxBXqBmCL73iKJsTmVbMSc1c61aRY4kMSNot3M4VbxaokbK+oMojRw
ScA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:26 2025 by rpki-client