Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zYmhVsWkBt03S0Zt1RLnAUZHxII.roa
File: zYmhVsWkBt03S0Zt1RLnAUZHxII.roa (raw, json)
Hash identifier: veYaja7E8g5Gia1hrdae51F/P4ALBoZDy17961dYy8E=
Subject key identifier: CD:89:A1:56:C5:A4:06:DD:37:4B:46:6D:D5:12:E7:01:46:47:C4:82
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C8A94846D4B26F0CAB8CA3A20277414DF
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zYmhVsWkBt03S0Zt1RLnAUZHxII.roa
Signing time: Thu 21 Dec 2023 04:13:58 +0000
ROA not before: Thu 21 Dec 2023 04:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8a:94:84:6d:4b:26:f0:ca:b8:ca:3a:20:27:74:14:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 21 04:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd89a156c5a406dd374b466dd512e7014647c482
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ab:7c:c3:af:e7:79:c8:99:33:f3:96:9d:b3:
bd:00:63:a9:d3:63:9e:b2:9a:c8:c7:70:af:ca:5b:
96:41:4a:b1:7e:87:12:d8:7d:72:04:ed:8e:3e:02:
61:31:5f:66:1c:b0:51:a6:d4:ba:3f:90:03:cd:ed:
89:2f:db:fb:91:c8:51:bf:dc:ec:70:a1:a5:1a:b6:
8c:ee:a3:c3:8d:a9:84:03:37:ad:f0:d9:ea:c7:b4:
7d:3b:46:38:86:69:03:d5:64:6e:92:fd:e6:45:2d:
ab:cc:20:45:67:9f:f6:95:f6:b8:dc:13:22:c3:fb:
59:fc:a6:5c:ef:a0:18:ab:9b:b2:87:a7:bc:47:4d:
be:07:59:09:93:00:c8:ef:d5:03:06:e8:07:4d:65:
d0:e3:87:0d:db:0b:71:00:61:a1:f7:ab:b9:d3:1d:
7c:b8:0f:14:fa:e6:23:d5:ff:c9:6a:37:d7:1e:36:
81:e3:c9:b3:33:6e:02:65:3c:1e:6c:66:37:94:36:
87:3e:f8:44:b2:a5:29:85:e4:bc:cc:b9:91:09:51:
39:94:29:e2:d4:52:ce:98:27:37:39:28:f9:16:27:
83:84:d3:2c:df:b0:79:27:c7:34:5c:55:0c:86:21:
ab:97:9e:dd:41:14:f1:a4:0e:7b:5b:30:8f:23:f3:
7c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:89:A1:56:C5:A4:06:DD:37:4B:46:6D:D5:12:E7:01:46:47:C4:82
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/zYmhVsWkBt03S0Zt1RLnAUZHxII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
71:2a:21:47:2b:12:b3:8a:51:c3:b3:84:f3:03:a6:b7:d9:40:
48:73:d5:d1:4c:89:79:19:30:86:a7:df:0c:e4:e4:ee:2c:07:
d9:c8:65:df:23:60:1c:92:db:fb:92:7b:94:01:a9:94:e3:3f:
74:5c:d8:b1:fd:16:75:8b:10:7f:11:83:e1:67:57:f9:1c:2a:
ca:99:97:4c:58:7c:28:0e:62:7e:bd:40:d7:70:ef:f2:da:b1:
d5:86:44:37:8a:8b:17:0b:6e:dc:1a:83:60:9e:87:19:d3:54:
93:3b:3e:88:68:9f:64:7f:15:d6:4a:60:cf:9f:68:1d:b9:6b:
94:48:09:35:87:71:8d:a8:f2:2e:5c:5b:60:23:c7:d4:f1:7e:
0a:50:f7:47:f4:6b:dc:72:04:49:a6:52:a6:49:77:4b:e2:b8:
90:07:6f:72:e3:f7:d2:a2:70:52:0f:b1:83:85:f9:bd:57:37:
d8:a2:0f:e3:4a:b2:aa:c7:39:28:f4:76:0c:43:80:a0:0f:7f:
fd:3c:f5:2d:20:0f:98:0c:dc:dc:7b:f2:80:7f:8e:53:88:2a:
a5:6f:62:88:99:7f:3f:6f:b9:26:8b:85:e0:ad:d7:65:ed:b5:
4d:b0:dd:c6:2a:d3:d0:ee:df:87:99:cb:a8:48:70:ad:96:52:
25:d6:65:7d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyKlIRtSybwyrjKOiAndBTfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIxMDQxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDg5YTE1NmM1YTQwNmRkMzc0YjQ2NmRkNTEyZTcwMTQ2NDdjNDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKt8w6/neciZM/OWnbO9AGOp02Oe
sprIx3CvyluWQUqxfocS2H1yBO2OPgJhMV9mHLBRptS6P5ADze2JL9v7kchRv9zs
cKGlGraM7qPDjamEAzet8Nnqx7R9O0Y4hmkD1WRukv3mRS2rzCBFZ5/2lfa43BMi
w/tZ/KZc76AYq5uyh6e8R02+B1kJkwDI79UDBugHTWXQ44cN2wtxAGGh96u50x18
uA8U+uYj1f/JajfXHjaB48mzM24CZTwebGY3lDaHPvhEsqUpheS8zLmRCVE5lCni
1FLOmCc3OSj5FieDhNMs37B5J8c0XFUMhiGrl57dQRTxpA57WzCPI/N8BwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM2JoVbFpAbdN0tGbdUS5wFGR8SCMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvelltaFZzV2tCdDAzUzBadDFSTG5BVVpIeElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHEqIUcrErOKUcOzhPMD
prfZQEhz1dFMiXkZMIan3wzk5O4sB9nIZd8jYByS2/uSe5QBqZTjP3Rc2LH9FnWL
EH8Rg+FnV/kcKsqZl0xYfCgOYn69QNdw7/LasdWGRDeKixcLbtwag2CehxnTVJM7
Pohon2R/FdZKYM+faB25a5RICTWHcY2o8i5cW2Ajx9TxfgpQ90f0a9xyBEmmUqZJ
d0viuJAHb3Lj99KicFIPsYOF+b1XN9iiD+NKsqrHOSj0dgxDgKAPf/089S0gD5gM
3Nx78oB/jlOIKqVvYoiZfz9vuSaLheCt12XttU2w3cYq09Du34eZy6hIcK2WUiXW
ZX0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:57 2025 by rpki-client