Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yiWaehXaOdrd8COHONIFvLH1wyI.roa
File: yiWaehXaOdrd8COHONIFvLH1wyI.roa (raw, json)
Hash identifier: LTocUuFcjmdcRgEd+eIY/lh5ZHu32WSoH2uhhDYs4Jg=
Subject key identifier: CA:25:9A:7A:15:DA:39:DA:DD:F0:23:87:38:D2:05:BC:B1:F5:C3:22
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C97353F24D650C12F9CB1A05E7627B1BC
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yiWaehXaOdrd8COHONIFvLH1wyI.roa
Signing time: Sat 23 Dec 2023 15:04:58 +0000
ROA not before: Sat 23 Dec 2023 15:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:9734:9a5a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:97:35:3f:24:d6:50:c1:2f:9c:b1:a0:5e:76:27:b1:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 23 15:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca259a7a15da39daddf0238738d205bcb1f5c322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:53:45:23:d8:c1:d2:5d:50:9a:01:9d:0c:9d:
cf:18:a9:5d:a1:4a:ac:d0:d2:f8:c0:fc:5c:06:c0:
7d:69:58:7d:c3:7a:c2:f2:d4:ad:ec:7f:44:af:90:
8a:7a:75:f7:ad:2c:61:f5:0c:5e:80:56:a7:ab:b3:
c9:2a:a9:9d:99:dc:41:7b:19:bf:36:f5:90:28:61:
ba:81:d5:eb:cc:48:c8:9f:d1:f9:b6:74:2a:27:c4:
ac:a1:58:8f:f6:30:bc:29:08:e6:d6:65:7a:2f:8f:
a8:e9:8f:13:a0:37:c7:1c:4b:8a:70:2a:66:c5:51:
29:aa:d7:b4:c4:e8:0e:bd:36:89:cd:13:60:30:62:
6c:4d:8c:7d:36:c3:20:20:b3:12:aa:f7:db:9b:35:
1a:90:56:d8:b2:f1:43:34:4c:ba:e3:ae:cf:66:3f:
59:16:5f:ca:03:91:bf:bd:62:9e:a4:eb:3c:da:d6:
23:ec:02:67:8c:e1:ad:78:65:7a:9a:07:76:64:f5:
83:70:ff:06:8c:8d:ca:e5:f1:6e:fb:35:19:c1:73:
cf:4f:42:19:2a:f5:0b:52:1d:aa:59:c0:37:4f:dc:
0a:8d:d9:67:31:fe:01:a2:ad:c2:54:2a:01:94:9a:
41:35:85:fc:57:ba:dd:bd:f1:a3:d1:99:18:6d:06:
ec:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:25:9A:7A:15:DA:39:DA:DD:F0:23:87:38:D2:05:BC:B1:F5:C3:22
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yiWaehXaOdrd8COHONIFvLH1wyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2e:c1:da:80:08:21:96:8b:b5:36:67:ce:f1:e4:f6:aa:51:c6:
e3:b1:0b:cc:c8:69:cd:c7:36:ca:8f:8b:3a:d9:12:3d:4f:44:
75:06:39:80:e9:44:2b:50:a8:b2:e5:32:0a:b9:5c:9e:0d:30:
0a:a2:8d:f4:a5:b7:e7:2c:41:08:0a:4c:8d:31:22:b6:c5:b5:
b6:19:68:6d:4c:82:a5:f7:62:7e:70:2f:e3:15:e7:96:ef:1e:
25:4f:47:ef:04:96:2c:74:76:c0:7b:e3:31:f9:b1:d2:3c:4d:
a3:b5:fa:31:c0:0b:a1:52:4b:39:ff:db:38:73:7d:87:e2:5c:
9a:b9:4c:37:98:c2:02:f8:36:ed:ca:cc:8e:c6:22:04:27:26:
b1:9f:dd:73:d3:e0:47:40:22:10:5e:28:c7:f1:89:b7:5e:a9:
7e:2e:fe:76:10:cf:ce:ed:ff:9a:07:dd:aa:a6:4e:57:63:33:
b3:7f:f8:55:e6:64:35:4d:c5:a5:08:22:28:75:be:d3:99:0c:
28:06:09:d6:9e:1a:0d:cd:25:34:b1:5d:6f:b1:1d:68:34:d9:
ef:f8:2a:47:e4:95:ee:24:da:e9:19:6d:b4:d4:e7:6f:af:4a:
41:9a:88:72:9d:9c:aa:e7:44:24:0d:2b:76:3b:5d:f6:b2:7c:
d4:1b:01:1e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyXNT8k1lDBL5yxoF52J7G8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIzMTUwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTI1OWE3YTE1ZGEzOWRhZGRmMDIzODczOGQyMDViY2IxZjVjMzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFNFI9jB0l1QmgGdDJ3PGKldoUqs
0NL4wPxcBsB9aVh9w3rC8tSt7H9Er5CKenX3rSxh9QxegFanq7PJKqmdmdxBexm/
NvWQKGG6gdXrzEjIn9H5tnQqJ8SsoViP9jC8KQjm1mV6L4+o6Y8ToDfHHEuKcCpm
xVEpqte0xOgOvTaJzRNgMGJsTYx9NsMgILMSqvfbmzUakFbYsvFDNEy6467PZj9Z
Fl/KA5G/vWKepOs82tYj7AJnjOGteGV6mgd2ZPWDcP8GjI3K5fFu+zUZwXPPT0IZ
KvULUh2qWcA3T9wKjdlnMf4Boq3CVCoBlJpBNYX8V7rdvfGj0ZkYbQbsKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMolmnoV2jna3fAjhzjSBbyx9cMiMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveWlXYWVoWGFPZHJkOENPSE9OSUZ2TEgxd3lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC7B2oAIIZaLtTZnzvHk
9qpRxuOxC8zIac3HNsqPizrZEj1PRHUGOYDpRCtQqLLlMgq5XJ4NMAqijfSlt+cs
QQgKTI0xIrbFtbYZaG1MgqX3Yn5wL+MV55bvHiVPR+8Elix0dsB74zH5sdI8TaO1
+jHAC6FSSzn/2zhzfYfiXJq5TDeYwgL4Nu3KzI7GIgQnJrGf3XPT4EdAIhBeKMfx
ibdeqX4u/nYQz87t/5oH3aqmTldjM7N/+FXmZDVNxaUIIih1vtOZDCgGCdaeGg3N
JTSxXW+xHWg02e/4Kkfkle4k2ukZbbTU52+vSkGaiHKdnKrnRCQNK3Y7XfayfNQb
AR4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:52 2024 by rpki-client on console-ams.rpki-client.org