Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ynhyO7rMdJPk5wkwv_vviuGvYik.roa
File: ynhyO7rMdJPk5wkwv_vviuGvYik.roa (raw, json)
Hash identifier: W7QUt1v3kLCo6vyB/XVkQxTggbSYu/oXIMRLHbl0S/A=
Subject key identifier: CA:78:72:3B:BA:CC:74:93:E4:E7:09:30:BF:FB:EF:8A:E1:AF:62:29
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C8F84DC52E4E92E37CEAE656FF7D03F8B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ynhyO7rMdJPk5wkwv_vviuGvYik.roa
Signing time: Fri 22 Dec 2023 03:14:58 +0000
ROA not before: Fri 22 Dec 2023 03:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8f:84:dc:52:e4:e9:2e:37:ce:ae:65:6f:f7:d0:3f:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 22 03:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca78723bbacc7493e4e70930bffbef8ae1af6229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b9:22:6f:a1:ce:2f:69:3e:c1:15:ac:24:c6:
bf:02:24:65:74:77:c5:61:5e:87:c8:0c:d7:37:a3:
1c:93:f5:a4:a9:d6:6f:38:70:dc:fa:ec:7d:1f:a7:
ab:c8:de:cc:25:85:e9:b5:e5:fe:a8:34:91:0f:b9:
17:b4:a7:0d:8f:87:e8:60:f4:05:9d:a6:9e:af:98:
ed:1e:3d:84:b4:f0:fa:37:a4:f0:f0:d2:07:8b:29:
8c:5c:27:f9:12:f4:22:1b:10:cc:28:09:c6:02:14:
07:43:1d:cb:6d:72:37:9c:a2:ed:ce:55:7b:68:18:
aa:38:81:98:98:f7:ab:96:54:97:6e:5d:bf:60:48:
8b:22:ed:0b:ca:f0:12:0a:3a:3a:f5:d3:a4:a0:43:
50:81:60:10:34:9c:ee:76:bd:45:6b:57:b8:d4:29:
72:42:71:41:7d:50:db:05:4a:2e:08:e5:89:7e:95:
3d:48:b3:98:41:46:16:f7:b8:a5:0e:58:a6:2d:2b:
dc:16:c6:39:9a:61:40:da:62:d6:23:5f:3f:44:bd:
7a:ba:1d:cd:9c:01:34:65:20:60:e2:b0:e3:82:88:
6e:50:30:8a:03:57:c7:70:f1:ff:d4:f0:ba:c2:11:
d1:eb:fc:ea:e7:8e:3c:7c:6e:d6:7c:27:2c:00:73:
94:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:78:72:3B:BA:CC:74:93:E4:E7:09:30:BF:FB:EF:8A:E1:AF:62:29
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ynhyO7rMdJPk5wkwv_vviuGvYik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8a:4d:91:2c:64:28:cf:a0:aa:82:a6:64:68:aa:b9:00:68:d2:
70:3f:43:80:20:9e:26:64:6b:b8:9e:e6:56:7d:5e:42:d8:0b:
0b:12:a5:91:9b:f3:f3:eb:bb:33:ab:56:57:f9:b3:38:ac:46:
ec:73:42:ff:c9:20:1f:f8:96:52:2a:99:e5:7e:49:bf:34:9e:
ff:b6:eb:27:a7:38:74:a6:db:2d:97:96:73:b8:a1:1c:e4:5e:
5a:57:10:2f:1c:91:66:8e:d9:16:df:9a:f4:df:a7:ce:97:38:
c4:4a:2c:2f:8f:45:6c:dc:63:33:ae:98:35:cf:b6:0c:b8:ee:
b3:46:18:8e:c4:a5:dc:1c:7d:c5:67:50:10:11:69:e6:eb:d8:
28:cb:d9:51:2c:a5:be:51:ac:d7:bf:c8:3f:5e:2d:40:5a:c7:
11:5a:50:25:46:62:09:23:1f:70:7d:bd:a5:11:18:14:2f:f8:
c9:5e:06:3f:15:13:73:03:92:ae:fc:69:c6:91:05:17:4e:df:
90:9a:db:3a:cc:9b:41:e3:6d:c9:fc:1c:a5:00:42:c2:61:eb:
06:9a:9b:5f:ce:a4:7c:a3:29:52:91:a4:e2:93:27:03:bc:c0:
78:1c:46:61:7b:d2:e6:ca:b3:9e:2f:7e:ca:0e:67:a4:09:6a:
6a:cc:80:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyPhNxS5OkuN86uZW/30D+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIyMDMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTc4NzIzYmJhY2M3NDkzZTRlNzA5MzBiZmZiZWY4YWUxYWY2MjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLkib6HOL2k+wRWsJMa/AiRldHfF
YV6HyAzXN6Mck/WkqdZvOHDc+ux9H6eryN7MJYXpteX+qDSRD7kXtKcNj4foYPQF
naaer5jtHj2EtPD6N6Tw8NIHiymMXCf5EvQiGxDMKAnGAhQHQx3LbXI3nKLtzlV7
aBiqOIGYmPerllSXbl2/YEiLIu0LyvASCjo69dOkoENQgWAQNJzudr1Fa1e41Cly
QnFBfVDbBUouCOWJfpU9SLOYQUYW97ilDlimLSvcFsY5mmFA2mLWI18/RL16uh3N
nAE0ZSBg4rDjgohuUDCKA1fHcPH/1PC6whHR6/zq5448fG7WfCcsAHOUBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMp4cju6zHST5OcJML/774rhr2IpMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveW5oeU83ck1kSlBrNXdrd3ZfdnZpdUd2WWlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIpNkSxkKM+gqoKmZGiq
uQBo0nA/Q4AgniZka7ie5lZ9XkLYCwsSpZGb8/PruzOrVlf5szisRuxzQv/JIB/4
llIqmeV+Sb80nv+26yenOHSm2y2XlnO4oRzkXlpXEC8ckWaO2RbfmvTfp86XOMRK
LC+PRWzcYzOumDXPtgy47rNGGI7EpdwcfcVnUBARaebr2CjL2VEspb5RrNe/yD9e
LUBaxxFaUCVGYgkjH3B9vaURGBQv+MleBj8VE3MDkq78acaRBRdO35Ca2zrMm0Hj
bcn8HKUAQsJh6waam1/OpHyjKVKRpOKTJwO8wHgcRmF70ubKs54vfsoOZ6QJamrM
gFg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:11 2025 by rpki-client