Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yqO-0jtsVBOxT8fj4IsmDfXEKp8.roa
File: yqO-0jtsVBOxT8fj4IsmDfXEKp8.roa (raw, json)
Hash identifier: 9oRRiLt5tL4OGe+AA48l1l6w8AiPUuaDPOGl9e4lcP0=
Subject key identifier: CA:A3:BE:D2:3B:6C:54:13:B1:4F:C7:E3:E0:8B:26:0D:F5:C4:2A:9F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DBF26690273A344ED9DA0B5AD016013B2
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yqO-0jtsVBOxT8fj4IsmDfXEKp8.roa
Signing time: Mon 19 Feb 2024 02:16:21 +0000
ROA not before: Mon 19 Feb 2024 02:16:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:bf:26:69:02:73:a3:44:ed:9d:a0:b5:ad:01:60:13:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 19 02:16:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=caa3bed23b6c5413b14fc7e3e08b260df5c42a9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:85:e2:92:e0:cf:ab:81:ee:a8:bf:82:ef:da:
f1:ee:2e:a5:fd:b4:bd:a0:6b:14:24:75:3f:9d:44:
d3:69:7d:37:fb:74:5d:5b:d3:54:61:5b:65:70:e1:
36:51:3d:c4:20:f3:e0:21:8a:b8:47:a7:aa:ef:9d:
a5:f6:b3:15:d9:1b:82:64:ab:7b:fc:02:77:59:da:
40:06:a2:8c:a7:09:ec:cc:c7:4f:42:6b:4c:a2:67:
40:83:4f:85:cd:34:b5:b7:95:66:6f:ec:41:20:c6:
8f:e8:54:c1:fe:9a:0d:b1:96:8b:59:c2:7a:48:97:
e9:f4:c2:eb:d1:00:de:bc:9e:38:53:17:af:0f:c3:
02:b5:35:cf:d5:f6:d1:e4:c6:70:51:ae:a9:7c:f4:
5b:92:13:08:91:1a:a7:b4:a3:d2:f9:7b:2d:57:23:
3c:a3:b9:66:b8:fc:f8:ca:ee:83:b5:a5:7a:0d:5c:
13:c4:da:55:f6:d3:67:49:b7:23:05:53:9b:6a:fc:
00:00:0b:e8:a3:27:ba:bb:91:4d:2c:ca:d8:35:2c:
82:2d:db:b8:db:a2:72:2f:6b:a9:20:f6:0a:00:52:
dd:77:6f:46:23:22:8e:f2:1c:00:f2:da:5e:04:8f:
f0:95:a7:ea:54:81:40:1e:ad:87:81:58:d9:c3:0c:
16:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:A3:BE:D2:3B:6C:54:13:B1:4F:C7:E3:E0:8B:26:0D:F5:C4:2A:9F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/yqO-0jtsVBOxT8fj4IsmDfXEKp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
08:e8:55:bc:05:7b:76:19:10:66:eb:0c:fc:0f:0f:18:d1:25:
a7:b9:cd:24:3f:75:05:b0:17:f8:18:a3:5a:cb:53:fb:f4:2e:
f5:ee:cb:f0:c8:c4:8e:10:82:38:c6:17:3a:70:2f:d8:7b:36:
62:d8:95:f7:5a:6d:bd:0a:9d:bc:b7:05:3c:c4:fc:e5:59:03:
d1:22:36:b5:3e:0e:c8:27:a3:a8:d9:1c:ac:47:8b:e9:b3:74:
1d:0f:10:67:c4:e8:16:52:fb:5b:83:c7:da:e1:11:9e:ee:48:
c0:13:db:f2:d9:df:c7:26:85:7c:79:4e:8e:14:89:41:3a:f9:
33:19:9e:96:4d:6d:fa:2a:1a:d5:f7:e7:22:36:77:43:31:70:
d2:7c:81:06:8e:af:bb:64:1b:27:16:4a:76:ae:17:71:0b:d4:
c4:33:65:e0:61:b2:37:e6:96:a7:e1:01:93:3b:4f:25:38:75:
49:9c:26:0a:32:d6:5b:bf:6c:95:8e:85:2a:3f:d3:45:5a:5f:
d7:87:8d:02:8a:5a:ca:fa:34:1b:fd:da:fb:98:de:2b:f1:d9:
26:eb:58:73:ff:19:06:22:c0:99:5c:f8:7d:d7:6b:de:cb:bb:
7d:2a:9b:69:4b:a5:f0:13:18:ab:b5:c8:13:55:54:24:b8:b3:
6d:ad:c3:d0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2/JmkCc6NE7Z2gta0BYBOyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE5MDIxNjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWEzYmVkMjNiNmM1NDEzYjE0ZmM3ZTNlMDhiMjYwZGY1YzQyYTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYXikuDPq4HuqL+C79rx7i6l/bS9
oGsUJHU/nUTTaX03+3RdW9NUYVtlcOE2UT3EIPPgIYq4R6eq752l9rMV2RuCZKt7
/AJ3WdpABqKMpwnszMdPQmtMomdAg0+FzTS1t5Vmb+xBIMaP6FTB/poNsZaLWcJ6
SJfp9MLr0QDevJ44UxevD8MCtTXP1fbR5MZwUa6pfPRbkhMIkRqntKPS+XstVyM8
o7lmuPz4yu6DtaV6DVwTxNpV9tNnSbcjBVObavwAAAvooye6u5FNLMrYNSyCLdu4
26JyL2upIPYKAFLdd29GIyKO8hwA8tpeBI/wlafqVIFAHq2HgVjZwwwWmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMqjvtI7bFQTsU/H4+CLJg31xCqfMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEveXFPLTBqdHNWQk94VDhmajRJc21EZlhFS3A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAjoVbwFe3YZEGbrDPwP
DxjRJae5zSQ/dQWwF/gYo1rLU/v0LvXuy/DIxI4QgjjGFzpwL9h7NmLYlfdabb0K
nby3BTzE/OVZA9EiNrU+Dsgno6jZHKxHi+mzdB0PEGfE6BZS+1uDx9rhEZ7uSMAT
2/LZ38cmhXx5To4UiUE6+TMZnpZNbfoqGtX35yI2d0MxcNJ8gQaOr7tkGycWSnau
F3EL1MQzZeBhsjfmlqfhAZM7TyU4dUmcJgoy1lu/bJWOhSo/00VaX9eHjQKKWsr6
NBv92vuY3ivx2SbrWHP/GQYiwJlc+H3Xa97Lu30qm2lLpfATGKu1yBNVVCS4s22t
w9A=
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:11:49 2025 by rpki-client